SciLinux: SLSA-2018-3350-1 Important: java-1.7.0-openjdk on SL7.x x86_64
Summary
Important: java-1.7.0-openjdk security update
Security Fixes
* OpenJDK: Improper field access checks (Hotspot, 8199226) (CVE-2018-3169)
* OpenJDK: Incomplete enforcement of the trustURLCodebase restriction
(JNDI, 8199177) (CVE-2018-3149)
* OpenJDK: Incorrect handling of unsigned attributes in signed Jar
manifests (Security, 8194534) (CVE-2018-3136)
* OpenJDK: Leak of sensitive header data via HTTP redirect (Networking,
8196902) (CVE-2018-3139)
* OpenJDK: Missing endpoint identification algorithm check during TLS
session resumption (JSSE, 8202613) (CVE-2018-3180)
* OpenJDK: Infinite loop in RIFF format reader (Sound, 8205361)
(CVE-2018-3214)
SL7
x86_64
java-1.7.0-openjdk-1.7.0.201-2.6.16.1.el7_6.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.201-2.6.16.1.el7_6.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.201-2.6.16.1.el7_6.x86_64.rpm
java-1.7.0-openjdk-accessibility-1.7.0.201-2.6.16.1.el7_6.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.201-2.6.16.1.el7_6.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.201-2.6.16.1.el7_6.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.201-2.6.16.1.el7_6.x86_64.rpm
java-1.7.0-openjdk-1.7.0.201-2.6.16.1.el7_6.src.rpm
noarch
java-1.7.0-openjdk-javadoc-1.7.0.201-2.6.16.1.el7_6.noarch.rpm
- Scientific Linux Development Team
