SciLinux: SLSA-2020-0541-1 Important: java-1.7.0-openjdk on SL7.x x86_64

    Date18 Feb 2020
    213
    Posted ByLinuxSecurity Advisories
    OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951) (CVE-2020-2601) * OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) (CVE-2020-2604) * OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590) * OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalizat [More...]
    Synopsis:          Important: java-1.7.0-openjdk security update
    Advisory ID:       SLSA-2020:0541-1
    Issue Date:        2020-02-18
    CVE Numbers:       None
    --
    
    Security Fix(es):
    
    * OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security,
    8229951) (CVE-2020-2601)
    
    * OpenJDK: Serialization filter changes via jdk.serialFilter property
    modification (Serialization, 8231422) (CVE-2020-2604)
    
    * OpenJDK: Improper checks of SASL message properties in GssKrb5Base
    (Security, 8226352) (CVE-2020-2590)
    
    * OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization
    issues (Networking, 8228548) (CVE-2020-2593)
    
    * OpenJDK: Excessive memory usage in OID processing in X.509 certificate
    parsing (Libraries, 8234037) (CVE-2020-2654)
    
    * OpenJDK: Incorrect exception processing during deserialization in
    BeanContextSupport (Serialization, 8224909) (CVE-2020-2583)
    
    * OpenJDK: Incomplete enforcement of maxDatagramSockets limit in
    DatagramChannelImpl (Networking, 8231795) (CVE-2020-2659)
    --
    
    SL7
      x86_64
        java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el7_7.x86_64.rpm
        java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el7_7.x86_64.rpm
        java-1.7.0-openjdk-headless-1.7.0.251-2.6.21.0.el7_7.x86_64.rpm
        java-1.7.0-openjdk-accessibility-1.7.0.251-2.6.21.0.el7_7.x86_64.rpm
        java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el7_7.x86_64.rpm
        java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el7_7.x86_64.rpm
        java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el7_7.x86_64.rpm
      noarch
        java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.el7_7.noarch.rpm
    
    - Scientific Linux Development Team
    

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"48","type":"x","order":"1","pct":88.89,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"4","type":"x","order":"2","pct":7.41,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"2","type":"x","order":"3","pct":3.7,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.