java-1.8.0-openjdk security update

1:1.8.0.492.b09-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.492.b09-1 - Update to 8u492-b09 GA - Update release notes for 8u492-b09. - Add missing CVEs for 8u482. - Regenerate JDK-8199936/PR3533 patch following JDK-8374917 - Regenerate JDK-8186464/RH1433262 patch following...

EUVD-2006-0659

Malware in sbrugna...

java-1.8.0-openjdk security update

1:1.8.0.462.b08-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.462.b08-1 - Update to 8u462-b08 GA - Update release notes for 8u462-b08. - Require tzdata 2025b due to upstream inclusion of JDK-8352716 - Add early backport of JDK-8339414 - Sync the copy of the portable specfile with the...

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2025-10867)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10867 advisory. 1:17.0.16.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.16.0.8-2 - Update to jdk-17.0.16+8 - Add to .gitignore...

Oracle Linux 8 / 9 : java-1.8.0-openjdk (ELSA-2025-3845)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3845 advisory. 1:1.8.0.452.b09-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.452.b09-1 - Update to 8u452-b09 GA - Update release notes for 8u452-b09....

java-1.8.0-openjdk security update

1:1.8.0.452.b09-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.452.b09-1 - Update to 8u452-b09 GA - Update release notes for 8u452-b09. - Remove long option documentation from JDK-8335912/JDK-8337499 as not present in 8u - Require tzdata 2025a due to upstream inclusion of JDK-8347965 ...

java-21-openjdk security update

1:21.0.7.0.6-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.7.0.6-1 - Update to jdk-21.0.7+6 GA - Update release notes to 21.0.7+6 - Rebase FIPS support against 21.0.7+5 - Require tzdata 2025a due to upstream inclusion of JDK-8347965 - Sync the copy of the portable specfile with the...

java-17-openjdk security update for RHEL 8.6, 8.8, 8.10, 9.4 and 9.5

1:17.0.14.0.7-3.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.14.0.7-3 - Set rpmrelease to 3 - Revert 'Require tzdata-java 2024b at runtime and for build' 1:17.0.14.0.7-2 - Do not pass nil to jvmdir macro in cjc logic - Related: RHEL-73867 1:17.0.14.0.7-2 - Adapt to newest cjc to fix...

java-21-openjdk security update for RHEL 8.10, 9.4 and 9.5

1:21.0.6.0.7-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.6.0.7-1 - Update to jdk-21.0.6+7 GA - Update release notes to 21.0.6+7 - Sync the copy of the portable & devkit specfiles with the latest update - Include the latest devkit patches - Update README.md to list an easier way of...

java-1.8.0-openjdk security update

1.8.0.422.b05-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.422.b05-1.1 - Update to shenandoah-jdk8u422-b05 GA - Update release notes for shenandoah-8u422-b05. - Rebase PR2462 patch following patched hunk being removed by JDK-8322106 - Switch to GA mode. - Sync the copy of the portab...

java-1.8.0-openjdk security update

1:1.8.0.412.b08-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155...

java-21-openjdk security update

1:21.0.2.0.13-1.0.1 - Add Oracle vendor bug URL 1:21.0.2.0.13-1 - Rebase to 21.0.2.0.13...

java-11-openjdk security and bug fix update

1:11.0.21.0.9-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 - Update to jdk-11.0.21+9 GA - Update release notes to 11.0.21+9 - OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 - OpenJDK: Additional zip64 files validation 8313765 RHBZ2237170 -...

java-11-openjdk security and bug fix update

1:11.0.20.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 - Fix tzdata requirement copy-and-paste error that led to two BuildRequires and no Requires 1:11.0.20.0.8-2 - Bump release number so we are newer than 9.0 - Related: rhbz2221106 1:11.0.20.0.8-1 - Update to jdk-11.0.20.0+8 GA - Updat...

java-1.8.0-openjdk security and bug fix update

1:1.8.0.382.b05-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.382.b05-2 - CVE-2023-22045 and CVE-2023-22049 fixed - Release bump for Oracle rebuild 1:1.8.0.382.b05-1 - Update to shenandoah-jdk8u372-b05 GA - Update release notes for shenandoah-8u372-b05. - This tarball is embargoed...

java-1.8.0-openjdk security and bug fix update

1:1.8.0.382.b05-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.382.b05-2 - CVE-2023-22045 and CVE-2023-22049 fixed - Release bump for Oracle rebuild 1:1.8.0.382.b05-1 - Update to shenandoah-jdk8u372-b05 GA - Update release notes for shenandoah-8u372-b05. - This tarball is embargoed...

MineStack 1.0 Cross Site Scripting

Exploit Title: MineStack 1.0 - Stored XSS Exploit Author: CraCkEr Date: 14/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/minestack-a-cloud-mining-platform/10 Tested on: Windows 10 Pro Impact: Manipulate the content of the site...

OpenMRS 2.3 (1.11.4) - Expression Language Injection

OpenMRS 2.3 1.11.4 Expression Language Injection Vulnerability Vendor: OpenMRS Inc. Product web page: http://www.openmrs.org Affected version: OpenMRS 2.3, 2.2, 2.1, 2.0 Platform 1.11.4 Build 6ebcaf, 1.11.2 and 1.10.0 OpenMRS-TB System OpenMRS 1.9.7 Build 60bd9b Summary: OpenMRS is an application...

[Full-disclosure] The Everything Development System - SQL Injection

Application: The Everything Development System Versions: = Pre-1.0 current version at time of release Author: sub [email protected] Released: 2/1/2008 There exists a vulnerability in The Everything Development Engine that allows a user to inject their own SQL to modify a SELECT query, leading to...

The Everything Development System Pre-1.0 - SQL Injection

The Everything Development System Pre-1.0 - SQL Injection Application: The Everything Development System Versions: Released: 2/1/2008 There exists a vulnerability in The Everything Development Engine that allows a user to inject their own SQL to modify a SELECT query, leading to information...