Red Hat Security Advisory 2018-1812-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP20. Issues addressed include deserialization, insecure handling, randomization, and use-after-free vulnerabilities.
221148ef0de88896f8459f4e5e0cbf8dcb142f45ea6c2e753d125ce1e56b2984
Red Hat Security Advisory 2018-1463-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP10. Issues addressed include insecure handling, randomization, and use-after-free vulnerabilities.
80ce6d0081fec02cd94f1f4ffeaf0d179a18234d8f8ba21736afebe5737f2d94
Debian Linux Security Advisory 4166-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code, incorrect LDAP/GSS authentication, insecure use of cryptography or bypass of deserialisation restrictions.
6f36f4da2f3eb8043a433062d4aad7c8ab82511dadd128bdfbebde9f80182976
Ubuntu Security Notice 3614-1 - It was discovered that a race condition existed in the cryptography implementation in OpenJDK. An attacker could possibly use this to expose sensitive information. It was discovered that the LDAP implementation in OpenJDK did not properly encode login names. A remote attacker could possibly use this to expose sensitive information. It was discovered that the DNS client implementation in OpenJDK did not properly randomize source ports. A remote attacker could use this to spoof responses to DNS queries made by Java applications. Various other issues were also addressed.
65f8a0d0aab5a2c6072e2706dcbe72635130ec35592468e4424476e34701f86f
Ubuntu Security Notice 3613-1 - It was discovered that a race condition existed in the cryptography implementation in OpenJDK. An attacker could possibly use this to expose sensitive information. It was discovered that the Hotspot component of OpenJDK did not properly validate uses of the invokeinterface JVM instruction. An attacker could possibly use this to access unauthorized resources. It was discovered that the LDAP implementation in OpenJDK did not properly encode login names. A remote attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
928013bd5e1ee1d64cc4573070b7f35cde515ccf144ffe9f8098bc389a7993d3
Gentoo Linux Security Advisory 201803-6 - Multiple vulnerabilities have been found in Oracle's JDK and JRE software suites, the worst of which may allow execution of arbitrary code. Versions less than 1.8.0.162:1.8 are affected.
3adf6c6e01b4fe20edbd5e749a7fd0f271f03fd5b0f403e992461b868b4673d9
Debian Linux Security Advisory 4144-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code, incorrect LDAP/GSS authentication, insecure use of cryptography or bypass of deserialisation restrictions.
2d5384afbd0e90976390bc413c367bc0957397bf968c6767eda699136dbe59b4
Red Hat Security Advisory 2018-0521-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP20. Issues addressed include insecure handling, randomization, and use-after-free vulnerabilities.
7ae5584ed48fb8fe5feace735645093fc305fc5409fc9f6a5cbe1d76430117c6
Red Hat Security Advisory 2018-0458-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP20. Security Fix: OpenJDK: insufficient validation of the invokeinterface instruction OpenJDK: LDAPCertStore insecure handling of LDAP referrals.
15f403872c4df4568761419deebb48ed3ea9fcbea017fcebb06d648353448d44
Red Hat Security Advisory 2018-0349-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.
a5193bcd01498012225250e8c493b1011be7f27b55df40690e4a03b7aac1fecd
Red Hat Security Advisory 2018-0352-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP10. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
0747b311eba7722f568906e172a0f201037893e0f8ddd8b951ef3a339b7dd292
Red Hat Security Advisory 2018-0351-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP10. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
af327ee7be945314f6bdd71373f6b237240539412ecb3a9c8b991c77002eea53
Red Hat Security Advisory 2018-0115-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 181. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
a282016f6ca8ca2c34b370151c16fa7d27f3526cc5f5974a70c432afe358a6b5
Red Hat Security Advisory 2018-0100-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 171. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
8540f9feeff78bc07d82fc40fdf1ac168688d391d6df121ef7ed0dba3daea02b
Red Hat Security Advisory 2018-0099-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 161. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
da3b985a579d8f6663d0d08ddcced8c6d62cf2eeab46fa3c5328353efe6b5f1d
Red Hat Security Advisory 2018-0095-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: Multiple flaws were found in the Hotspot and AWT components of OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.
9a9ead0be0c0b8603f1341e6ae2cc4afc54e6876629a31bc348d58a8e1be5ea7