Mageia: 2020-0309 Moderate: Java-1.8.0-openjdk Buffer Overflow Security Fix
mageia
July 31, 2020
Bypass of boundary checks in nio.Buffer via concurrent access
Summary
Bypass of boundary checks in nio.Buffer via concurrent access.
(CVE-2020-14583)
Incomplete bounds checks in Affine Transformations. (CVE-2020-14593)
Incorrect handling of access control context in ForkJoinPool.
(CVE-2020-14556)
Unexpected exception raised by DerInputStream. (CVE-2020-14578)
Unexpected exception raised by DerValue.equals(). (CVE-2020-14579)
XML validation manipulation due to incomplete application of the
use-grammar-pool-only feature. (CVE-2020-14621)
HostnameChecker does not ensure X.509 certificate names are in
normalized form. (CVE-2020-14577)
References
- https://bugs.mageia.org/show_bug.cgi?id=26960
- https://access.redhat.com/errata/RHSA-2020:2972
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.cve.org/CVERecord?id=CVE-2020-14583
- https://www.cve.org/CVERecord?id=CVE-2020-14593
- https://www.cve.org/CVERecord?id=CVE-2020-14556
- https://www.cve.org/CVERecord?id=CVE-2020-14578
- https://www.cve.org/CVERecord?id=CVE-2020-14579
- https://www.cve.org/CVERecord?id=CVE-2020-14621
- https://www.cve.org/CVERecord?id=CVE-2020-14577
Resolution
SRPMS
- 7/core/java-1.8.0-openjdk-1.8.0.262-1.b10.1.mga7
PREVIOUS
NEXT
Publication date: 31 Jul 2020
URL: https://advisories.mageia.org/MGASA-2020-0309.html
Type: security
CVE: CVE-2020-14583,
CVE-2020-14593,
CVE-2020-14556,
CVE-2020-14578,
CVE-2020-14579,
CVE-2020-14621,
CVE-2020-14577
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!