SciLinux: SLSA-2022-1440-1 Important: java-11-openjdk on SL7.x x86

Synopsis:          Important: java-11-openjdk security, bug fix, and enhancement update
Advisory ID:       SLSA-2022:1440-1
Issue Date:        2022-04-20
CVE Numbers:       CVE-2022-21426
                   CVE-2022-21443
                   CVE-2022-21434
                   CVE-2022-21476
                   CVE-2022-21496
--

The following packages have been upgraded to a later upstream version:
java-11-openjdk (11.0.15.0.9).

Security Fix(es):

* OpenJDK: Defective secure validation in Apache Santuario (Libraries,
8278008) (CVE-2022-21476)

* OpenJDK: Unbounded memory allocation when compiling crafted XPath
expressions (JAXP, 8270504) (CVE-2022-21426)

* OpenJDK: Improper object-to-string conversion in
AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434)

* OpenJDK: Missing check for negative ObjectIdentifier (Libraries,
8275151)  (CVE-2022-21443)

* OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
--

SL7
  x86_64
    java-11-openjdk-11.0.15.0.9-2.el7_9.i686.rpm
    java-11-openjdk-11.0.15.0.9-2.el7_9.x86_64.rpm
    java-11-openjdk-debuginfo-11.0.15.0.9-2.el7_9.i686.rpm
    java-11-openjdk-debuginfo-11.0.15.0.9-2.el7_9.x86_64.rpm
    java-11-openjdk-headless-11.0.15.0.9-2.el7_9.i686.rpm
    java-11-openjdk-headless-11.0.15.0.9-2.el7_9.x86_64.rpm
    java-11-openjdk-demo-11.0.15.0.9-2.el7_9.i686.rpm
    java-11-openjdk-demo-11.0.15.0.9-2.el7_9.x86_64.rpm
    java-11-openjdk-devel-11.0.15.0.9-2.el7_9.i686.rpm
    java-11-openjdk-devel-11.0.15.0.9-2.el7_9.x86_64.rpm
    java-11-openjdk-javadoc-11.0.15.0.9-2.el7_9.i686.rpm
    java-11-openjdk-javadoc-11.0.15.0.9-2.el7_9.x86_64.rpm
    java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el7_9.i686.rpm
    java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el7_9.x86_64.rpm
    java-11-openjdk-jmods-11.0.15.0.9-2.el7_9.i686.rpm
    java-11-openjdk-jmods-11.0.15.0.9-2.el7_9.x86_64.rpm
    java-11-openjdk-src-11.0.15.0.9-2.el7_9.i686.rpm
    java-11-openjdk-src-11.0.15.0.9-2.el7_9.x86_64.rpm
    java-11-openjdk-static-libs-11.0.15.0.9-2.el7_9.i686.rpm
    java-11-openjdk-static-libs-11.0.15.0.9-2.el7_9.x86_64.rpm

- Scientific Linux Development Team

Get the Latest News & Insights

SciLinux: SLSA-2022-1440-1 Important: java-11-openjdk on SL7.x x86_64

Summary

Security Fixes

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By