Gentoo Linux Security Advisory 201903-14 - Multiple vulnerabilities have been found in Oracleas JDK and JRE software suites. Versions less than 1.8.0.202 are affected.
c381dad8caa69e0787771dadeb9e4838aadfef674832136569f7bed7299726ac
Red Hat Security Advisory 2018-1975-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP15. Issues addressed include a deserialization vulnerability.
8195fccd479514f27690fbfaf526994432154f6f8c773640850c17eae2361e26
Red Hat Security Advisory 2018-1974-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP25. Issues addressed include a deserialization vulnerability.
845e1273b91ea122e2412665711776fc99d8d94609b34d54213ab9e3c6cfcc70
Ubuntu Security Notice 3691-1 - It was discovered that the Security component of OpenJDK did not correctly perform merging of multiple sections for the same file listed in JAR archive file manifests. An attacker could possibly use this to modify attributes in a manifest without invalidating the signature. Francesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi discovered that the Security component of OpenJDK did not restrict which classes could be used when deserializing keys from the JCEKS key stores. An attacker could use this to specially craft a JCEKS key store to execute arbitrary code. Various other issues were also addressed.
7d06ec77a02bfafefe9a5d49677b3d153c5882a5ed1dc168714bceea224ce19e
Debian Linux Security Advisory 4225-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code or bypass of JAR signature validation.
dda5d0fcd2be222346aff61463dc08a6de7bd42db79fa9a53a40e92f636e1c7d
Red Hat Security Advisory 2018-1724-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP25. Issues addressed include a deserialization vulnerability.
2e5dd86e7bb7be2ad0379be9bb23b5763cf5029804d3da6d6184572e3beeb0de
Red Hat Security Advisory 2018-1723-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP25. Issues addressed include a deserialization vulnerability.
336aa8a03be2a5c8ac78bdbe977acefaf909e808d197a57be5714d9740292384
Red Hat Security Advisory 2018-1722-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP15. Issues addressed include a deserialization vulnerability.
edc73d4ed7139837602c028e2ae9536c4f1081766c634964c910b44a2140e2d2
Red Hat Security Advisory 2018-1721-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP15. Issues addressed include deserialization vulnerabilities.
0272152fff5c50359d88831a1d656b2adf44cce4c367b7458def6c8f94cc9d77
Ubuntu Security Notice 3644-1 - It was discovered that the Security component of OpenJDK did not correctly perform merging of multiple sections for the same file listed in JAR archive file manifests. An attacker could possibly use this to modify attributes in a manifest without invalidating the signature. Francesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi discovered that the Security component of OpenJDK did not restrict which classes could be used when deserializing keys from the JCEKS key stores. An attacker could use this to specially craft a JCEKS key store to execute arbitrary code. Various other issues were also addressed.
da85077bce5ffaf12b06fc7b23e6cb9ec18575e068ff9522ebf87774d77786ce
Red Hat Security Advisory 2018-1278-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a bypass vulnerability.
bc4c1a7de774c5033cc7404b418e1050514213ab7f4c0f78240d803da8a857cd
Red Hat Security Advisory 2018-1270-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a bypass vulnerability.
90abdfd20e9beeed02d72eb4ed3bc4db43bd1d767f10dfd4a03634eaa8fb6887
Debian Linux Security Advisory 4185-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code or bypass of JAR signature validation.
4b50e9d98efd4b23a87cb5dbfd928c095176bb7fb220d433ff5d2a7e1b55123a
Red Hat Security Advisory 2018-1206-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 181. Issues addressed include a bypass vulnerability.
e5bf1029e4aa44dcd69aad7fa41383bcb94974454c28d57057decc3737455dec
Red Hat Security Advisory 2018-1201-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 181. Issues addressed include a bypass vulnerability.
f0af30a7d0964d92200b4de2a66f9a7b450a0a66dab48679eb81c619c2562dea
Red Hat Security Advisory 2018-1204-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 171. Issues addressed include a bypass vulnerability.
e625595928eee1bee979150635556c97b39e82000588df28d2586498feb5fd54
Red Hat Security Advisory 2018-1202-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 171. Issues addressed include a bypass vulnerability.
4a4568e2eff3179d27ae9133da42c48605d7293bda38106834c4a97ce41db187
Red Hat Security Advisory 2018-1191-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a bypass vulnerability.
025e0cde2194670d686b880f3a9df16fc361bc15e48a96bca36432c1b9e36190
Red Hat Security Advisory 2018-1188-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a bypass vulnerability.
87ae60024967af1a3267d9309cb4cf6625b7d944c43b3532d2896668bae46549