ID |
CVE-2017-10388
|
Summary |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: Applies to the Java SE Kerberos client. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*
|
CVSS |
Base: | 5.1 (as of 13-05-2022 - 14:57) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-noinfo |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
HIGH |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:H/Au:N/C:P/I:P/A:P
|
redhat
via4
|
advisories | bugzilla | id | 1503169 | title | CVE-2017-10356 OpenJDK: weak protection of key stores against brute forcing (Security, 8181692) |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
OR | AND | comment | java-1.8.0-openjdk is earlier than 1:1.8.0.151-1.b12.el6_9 | oval | oval:com.redhat.rhsa:tst:20172998001 |
comment | java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20141636002 |
|
AND | comment | java-1.8.0-openjdk-debug is earlier than 1:1.8.0.151-1.b12.el6_9 | oval | oval:com.redhat.rhsa:tst:20172998003 |
comment | java-1.8.0-openjdk-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20151919004 |
|
AND | comment | java-1.8.0-openjdk-demo is earlier than 1:1.8.0.151-1.b12.el6_9 | oval | oval:com.redhat.rhsa:tst:20172998005 |
comment | java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20141636004 |
|
AND | comment | java-1.8.0-openjdk-demo-debug is earlier than 1:1.8.0.151-1.b12.el6_9 | oval | oval:com.redhat.rhsa:tst:20172998007 |
comment | java-1.8.0-openjdk-demo-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20151919008 |
|
AND | comment | java-1.8.0-openjdk-devel is earlier than 1:1.8.0.151-1.b12.el6_9 | oval | oval:com.redhat.rhsa:tst:20172998009 |
comment | java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20141636006 |
|
AND | comment | java-1.8.0-openjdk-devel-debug is earlier than 1:1.8.0.151-1.b12.el6_9 | oval | oval:com.redhat.rhsa:tst:20172998011 |
comment | java-1.8.0-openjdk-devel-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20151919012 |
|
AND | comment | java-1.8.0-openjdk-headless is earlier than 1:1.8.0.151-1.b12.el6_9 | oval | oval:com.redhat.rhsa:tst:20172998013 |
comment | java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20141636008 |
|
AND | comment | java-1.8.0-openjdk-headless-debug is earlier than 1:1.8.0.151-1.b12.el6_9 | oval | oval:com.redhat.rhsa:tst:20172998015 |
comment | java-1.8.0-openjdk-headless-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20151919016 |
|
AND | comment | java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.151-1.b12.el6_9 | oval | oval:com.redhat.rhsa:tst:20172998017 |
comment | java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20141636010 |
|
AND | comment | java-1.8.0-openjdk-javadoc-debug is earlier than 1:1.8.0.151-1.b12.el6_9 | oval | oval:com.redhat.rhsa:tst:20172998019 |
comment | java-1.8.0-openjdk-javadoc-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20151919020 |
|
AND | comment | java-1.8.0-openjdk-src is earlier than 1:1.8.0.151-1.b12.el6_9 | oval | oval:com.redhat.rhsa:tst:20172998021 |
comment | java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20141636012 |
|
AND | comment | java-1.8.0-openjdk-src-debug is earlier than 1:1.8.0.151-1.b12.el6_9 | oval | oval:com.redhat.rhsa:tst:20172998023 |
comment | java-1.8.0-openjdk-src-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20151919024 |
|
|
|
AND | comment | Red Hat Enterprise Linux 7 is installed | oval | oval:com.redhat.rhba:tst:20150364027 |
OR | AND | comment | java-1.8.0-openjdk is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998026 |
comment | java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20141636002 |
|
AND | comment | java-1.8.0-openjdk-accessibility is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998027 |
comment | java-1.8.0-openjdk-accessibility is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150809016 |
|
AND | comment | java-1.8.0-openjdk-accessibility-debug is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998029 |
comment | java-1.8.0-openjdk-accessibility-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20160049006 |
|
AND | comment | java-1.8.0-openjdk-debug is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998031 |
comment | java-1.8.0-openjdk-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20151919004 |
|
AND | comment | java-1.8.0-openjdk-demo is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998032 |
comment | java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20141636004 |
|
AND | comment | java-1.8.0-openjdk-demo-debug is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998033 |
comment | java-1.8.0-openjdk-demo-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20151919008 |
|
AND | comment | java-1.8.0-openjdk-devel is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998034 |
comment | java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20141636006 |
|
AND | comment | java-1.8.0-openjdk-devel-debug is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998035 |
comment | java-1.8.0-openjdk-devel-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20151919012 |
|
AND | comment | java-1.8.0-openjdk-headless is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998036 |
comment | java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20141636008 |
|
AND | comment | java-1.8.0-openjdk-headless-debug is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998037 |
comment | java-1.8.0-openjdk-headless-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20151919016 |
|
AND | comment | java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998038 |
comment | java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20141636010 |
|
AND | comment | java-1.8.0-openjdk-javadoc-debug is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998039 |
comment | java-1.8.0-openjdk-javadoc-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20151919020 |
|
AND | comment | java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998040 |
comment | java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20170180041 |
|
AND | comment | java-1.8.0-openjdk-javadoc-zip-debug is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998042 |
comment | java-1.8.0-openjdk-javadoc-zip-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20170180043 |
|
AND | comment | java-1.8.0-openjdk-src is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998044 |
comment | java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20141636012 |
|
AND | comment | java-1.8.0-openjdk-src-debug is earlier than 1:1.8.0.151-1.b12.el7_4 | oval | oval:com.redhat.rhsa:tst:20172998045 |
comment | java-1.8.0-openjdk-src-debug is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20151919024 |
|
|
|
|
| rhsa | id | RHSA-2017:2998 | released | 2017-10-20 | severity | Critical | title | RHSA-2017:2998: java-1.8.0-openjdk security update (Critical) |
|
bugzilla | id | 1503320 | title | CVE-2017-10293 Oracle JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc) |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 7 is installed | oval | oval:com.redhat.rhba:tst:20150364027 |
OR | AND | comment | java-1.8.0-oracle is earlier than 1:1.8.0.151-1jpp.5.el7 | oval | oval:com.redhat.rhsa:tst:20172999001 |
comment | java-1.8.0-oracle is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150080002 |
|
AND | comment | java-1.8.0-oracle-devel is earlier than 1:1.8.0.151-1jpp.5.el7 | oval | oval:com.redhat.rhsa:tst:20172999003 |
comment | java-1.8.0-oracle-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150080004 |
|
AND | comment | java-1.8.0-oracle-javafx is earlier than 1:1.8.0.151-1jpp.5.el7 | oval | oval:com.redhat.rhsa:tst:20172999005 |
comment | java-1.8.0-oracle-javafx is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150080006 |
|
AND | comment | java-1.8.0-oracle-jdbc is earlier than 1:1.8.0.151-1jpp.5.el7 | oval | oval:com.redhat.rhsa:tst:20172999007 |
comment | java-1.8.0-oracle-jdbc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150080008 |
|
AND | comment | java-1.8.0-oracle-plugin is earlier than 1:1.8.0.151-1jpp.5.el7 | oval | oval:com.redhat.rhsa:tst:20172999009 |
comment | java-1.8.0-oracle-plugin is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150080010 |
|
AND | comment | java-1.8.0-oracle-src is earlier than 1:1.8.0.151-1jpp.5.el7 | oval | oval:com.redhat.rhsa:tst:20172999011 |
comment | java-1.8.0-oracle-src is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150080012 |
|
|
|
AND | comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
OR | AND | comment | java-1.8.0-oracle is earlier than 1:1.8.0.151-1jpp.1.el6 | oval | oval:com.redhat.rhsa:tst:20172999014 |
comment | java-1.8.0-oracle is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150080002 |
|
AND | comment | java-1.8.0-oracle-devel is earlier than 1:1.8.0.151-1jpp.1.el6 | oval | oval:com.redhat.rhsa:tst:20172999015 |
comment | java-1.8.0-oracle-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150080004 |
|
AND | comment | java-1.8.0-oracle-javafx is earlier than 1:1.8.0.151-1jpp.1.el6 | oval | oval:com.redhat.rhsa:tst:20172999016 |
comment | java-1.8.0-oracle-javafx is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150080006 |
|
AND | comment | java-1.8.0-oracle-jdbc is earlier than 1:1.8.0.151-1jpp.1.el6 | oval | oval:com.redhat.rhsa:tst:20172999017 |
comment | java-1.8.0-oracle-jdbc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150080008 |
|
AND | comment | java-1.8.0-oracle-plugin is earlier than 1:1.8.0.151-1jpp.1.el6 | oval | oval:com.redhat.rhsa:tst:20172999018 |
comment | java-1.8.0-oracle-plugin is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150080010 |
|
AND | comment | java-1.8.0-oracle-src is earlier than 1:1.8.0.151-1jpp.1.el6 | oval | oval:com.redhat.rhsa:tst:20172999019 |
comment | java-1.8.0-oracle-src is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20150080012 |
|
|
|
|
| rhsa | id | RHSA-2017:2999 | released | 2017-10-23 | severity | Critical | title | RHSA-2017:2999: java-1.8.0-oracle security update (Critical) |
|
bugzilla | id | 1503320 | title | CVE-2017-10293 Oracle JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc) |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 7 is installed | oval | oval:com.redhat.rhba:tst:20150364027 |
OR | AND | comment | java-1.7.0-oracle is earlier than 1:1.7.0.161-1jpp.4.el7 | oval | oval:com.redhat.rhsa:tst:20173046001 |
comment | java-1.7.0-oracle is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140413015 |
|
AND | comment | java-1.7.0-oracle-devel is earlier than 1:1.7.0.161-1jpp.4.el7 | oval | oval:com.redhat.rhsa:tst:20173046003 |
comment | java-1.7.0-oracle-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140413017 |
|
AND | comment | java-1.7.0-oracle-javafx is earlier than 1:1.7.0.161-1jpp.4.el7 | oval | oval:com.redhat.rhsa:tst:20173046005 |
comment | java-1.7.0-oracle-javafx is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140413019 |
|
AND | comment | java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.161-1jpp.4.el7 | oval | oval:com.redhat.rhsa:tst:20173046007 |
comment | java-1.7.0-oracle-jdbc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140413021 |
|
AND | comment | java-1.7.0-oracle-plugin is earlier than 1:1.7.0.161-1jpp.4.el7 | oval | oval:com.redhat.rhsa:tst:20173046009 |
comment | java-1.7.0-oracle-plugin is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140413023 |
|
AND | comment | java-1.7.0-oracle-src is earlier than 1:1.7.0.161-1jpp.4.el7 | oval | oval:com.redhat.rhsa:tst:20173046011 |
comment | java-1.7.0-oracle-src is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140413025 |
|
|
|
AND | comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
OR | AND | comment | java-1.7.0-oracle is earlier than 1:1.7.0.161-1jpp.3.el6 | oval | oval:com.redhat.rhsa:tst:20173046014 |
comment | java-1.7.0-oracle is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140413015 |
|
AND | comment | java-1.7.0-oracle-devel is earlier than 1:1.7.0.161-1jpp.3.el6 | oval | oval:com.redhat.rhsa:tst:20173046015 |
comment | java-1.7.0-oracle-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140413017 |
|
AND | comment | java-1.7.0-oracle-javafx is earlier than 1:1.7.0.161-1jpp.3.el6 | oval | oval:com.redhat.rhsa:tst:20173046016 |
comment | java-1.7.0-oracle-javafx is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140413019 |
|
AND | comment | java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.161-1jpp.3.el6 | oval | oval:com.redhat.rhsa:tst:20173046017 |
comment | java-1.7.0-oracle-jdbc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140413021 |
|
AND | comment | java-1.7.0-oracle-plugin is earlier than 1:1.7.0.161-1jpp.3.el6 | oval | oval:com.redhat.rhsa:tst:20173046018 |
comment | java-1.7.0-oracle-plugin is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140413023 |
|
AND | comment | java-1.7.0-oracle-src is earlier than 1:1.7.0.161-1jpp.3.el6 | oval | oval:com.redhat.rhsa:tst:20173046019 |
comment | java-1.7.0-oracle-src is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140413025 |
|
|
|
|
| rhsa | id | RHSA-2017:3046 | released | 2017-10-24 | severity | Important | title | RHSA-2017:3046: java-1.7.0-oracle security update (Important) |
|
bugzilla | id | 1503320 | title | CVE-2017-10293 Oracle JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc) |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 7 is installed | oval | oval:com.redhat.rhba:tst:20150364027 |
OR | AND | comment | java-1.6.0-sun is earlier than 1:1.6.0.171-1jpp.4.el7 | oval | oval:com.redhat.rhsa:tst:20173047001 |
comment | java-1.6.0-sun is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140414015 |
|
AND | comment | java-1.6.0-sun-demo is earlier than 1:1.6.0.171-1jpp.4.el7 | oval | oval:com.redhat.rhsa:tst:20173047003 |
comment | java-1.6.0-sun-demo is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140414017 |
|
AND | comment | java-1.6.0-sun-devel is earlier than 1:1.6.0.171-1jpp.4.el7 | oval | oval:com.redhat.rhsa:tst:20173047005 |
comment | java-1.6.0-sun-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140414019 |
|
AND | comment | java-1.6.0-sun-jdbc is earlier than 1:1.6.0.171-1jpp.4.el7 | oval | oval:com.redhat.rhsa:tst:20173047007 |
comment | java-1.6.0-sun-jdbc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140414021 |
|
AND | comment | java-1.6.0-sun-plugin is earlier than 1:1.6.0.171-1jpp.4.el7 | oval | oval:com.redhat.rhsa:tst:20173047009 |
comment | java-1.6.0-sun-plugin is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140414023 |
|
AND | comment | java-1.6.0-sun-src is earlier than 1:1.6.0.171-1jpp.4.el7 | oval | oval:com.redhat.rhsa:tst:20173047011 |
comment | java-1.6.0-sun-src is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140414025 |
|
|
|
AND | comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
OR | AND | comment | java-1.6.0-sun is earlier than 1:1.6.0.171-1jpp.4.el6 | oval | oval:com.redhat.rhsa:tst:20173047014 |
comment | java-1.6.0-sun is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140414015 |
|
AND | comment | java-1.6.0-sun-demo is earlier than 1:1.6.0.171-1jpp.4.el6 | oval | oval:com.redhat.rhsa:tst:20173047015 |
comment | java-1.6.0-sun-demo is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140414017 |
|
AND | comment | java-1.6.0-sun-devel is earlier than 1:1.6.0.171-1jpp.4.el6 | oval | oval:com.redhat.rhsa:tst:20173047016 |
comment | java-1.6.0-sun-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140414019 |
|
AND | comment | java-1.6.0-sun-jdbc is earlier than 1:1.6.0.171-1jpp.4.el6 | oval | oval:com.redhat.rhsa:tst:20173047017 |
comment | java-1.6.0-sun-jdbc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140414021 |
|
AND | comment | java-1.6.0-sun-plugin is earlier than 1:1.6.0.171-1jpp.4.el6 | oval | oval:com.redhat.rhsa:tst:20173047018 |
comment | java-1.6.0-sun-plugin is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140414023 |
|
AND | comment | java-1.6.0-sun-src is earlier than 1:1.6.0.171-1jpp.4.el6 | oval | oval:com.redhat.rhsa:tst:20173047019 |
comment | java-1.6.0-sun-src is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140414025 |
|
|
|
|
| rhsa | id | RHSA-2017:3047 | released | 2017-10-24 | severity | Important | title | RHSA-2017:3047: java-1.6.0-sun security update (Important) |
|
bugzilla | id | 1503169 | title | CVE-2017-10356 OpenJDK: weak protection of key stores against brute forcing (Security, 8181692) |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
OR | AND | comment | java-1.7.0-openjdk is earlier than 1:1.7.0.161-2.6.12.0.el6_9 | oval | oval:com.redhat.rhsa:tst:20173392001 |
comment | java-1.7.0-openjdk is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009002 |
|
AND | comment | java-1.7.0-openjdk-demo is earlier than 1:1.7.0.161-2.6.12.0.el6_9 | oval | oval:com.redhat.rhsa:tst:20173392003 |
comment | java-1.7.0-openjdk-demo is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009004 |
|
AND | comment | java-1.7.0-openjdk-devel is earlier than 1:1.7.0.161-2.6.12.0.el6_9 | oval | oval:com.redhat.rhsa:tst:20173392005 |
comment | java-1.7.0-openjdk-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009006 |
|
AND | comment | java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.161-2.6.12.0.el6_9 | oval | oval:com.redhat.rhsa:tst:20173392007 |
comment | java-1.7.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009008 |
|
AND | comment | java-1.7.0-openjdk-src is earlier than 1:1.7.0.161-2.6.12.0.el6_9 | oval | oval:com.redhat.rhsa:tst:20173392009 |
comment | java-1.7.0-openjdk-src is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009010 |
|
|
|
AND | comment | Red Hat Enterprise Linux 7 is installed | oval | oval:com.redhat.rhba:tst:20150364027 |
OR | AND | comment | java-1.7.0-openjdk is earlier than 1:1.7.0.161-2.6.12.0.el7_4 | oval | oval:com.redhat.rhsa:tst:20173392012 |
comment | java-1.7.0-openjdk is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009002 |
|
AND | comment | java-1.7.0-openjdk-accessibility is earlier than 1:1.7.0.161-2.6.12.0.el7_4 | oval | oval:com.redhat.rhsa:tst:20173392013 |
comment | java-1.7.0-openjdk-accessibility is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140675004 |
|
AND | comment | java-1.7.0-openjdk-demo is earlier than 1:1.7.0.161-2.6.12.0.el7_4 | oval | oval:com.redhat.rhsa:tst:20173392015 |
comment | java-1.7.0-openjdk-demo is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009004 |
|
AND | comment | java-1.7.0-openjdk-devel is earlier than 1:1.7.0.161-2.6.12.0.el7_4 | oval | oval:com.redhat.rhsa:tst:20173392016 |
comment | java-1.7.0-openjdk-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009006 |
|
AND | comment | java-1.7.0-openjdk-headless is earlier than 1:1.7.0.161-2.6.12.0.el7_4 | oval | oval:com.redhat.rhsa:tst:20173392017 |
comment | java-1.7.0-openjdk-headless is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140675010 |
|
AND | comment | java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.161-2.6.12.0.el7_4 | oval | oval:com.redhat.rhsa:tst:20173392019 |
comment | java-1.7.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009008 |
|
AND | comment | java-1.7.0-openjdk-src is earlier than 1:1.7.0.161-2.6.12.0.el7_4 | oval | oval:com.redhat.rhsa:tst:20173392020 |
comment | java-1.7.0-openjdk-src is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009010 |
|
|
|
|
| rhsa | id | RHSA-2017:3392 | released | 2017-12-06 | severity | Important | title | RHSA-2017:3392: java-1.7.0-openjdk security and bug fix update (Important) |
|
| rpms | - java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-accessibility-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-accessibility-debug-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-debug-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-debug-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-debuginfo-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-debuginfo-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-demo-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-demo-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-demo-debug-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-demo-debug-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-devel-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-devel-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-devel-debug-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-devel-debug-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-headless-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-headless-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-headless-debug-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-headless-debug-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-javadoc-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-javadoc-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-javadoc-debug-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-javadoc-debug-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-javadoc-zip-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-javadoc-zip-debug-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-src-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-src-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-openjdk-src-debug-1:1.8.0.151-1.b12.el6_9
- java-1.8.0-openjdk-src-debug-1:1.8.0.151-1.b12.el7_4
- java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6
- java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7
- java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6
- java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7
- java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6
- java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7
- java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6
- java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7
- java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6
- java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7
- java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6
- java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7
- java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6
- java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7
- java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6
- java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7
- java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6
- java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7
- java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6
- java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7
- java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6
- java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7
- java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6
- java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7
- java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6
- java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7
- java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6
- java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7
- java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6
- java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7
- java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6
- java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7
- java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6
- java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7
- java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6
- java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7
- java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7
- java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7
- java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7
- java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7
- java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7
- java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7
- java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9
- java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9
- java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9
- java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9
- java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9
- java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9
- java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7
- java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9
- java-1.7.1-ibm-demo-1:1.7.1.4.15-1jpp.2.el7
- java-1.7.1-ibm-demo-1:1.7.1.4.15-1jpp.3.el6_9
- java-1.7.1-ibm-devel-1:1.7.1.4.15-1jpp.2.el7
- java-1.7.1-ibm-devel-1:1.7.1.4.15-1jpp.3.el6_9
- java-1.7.1-ibm-jdbc-1:1.7.1.4.15-1jpp.2.el7
- java-1.7.1-ibm-jdbc-1:1.7.1.4.15-1jpp.3.el6_9
- java-1.7.1-ibm-plugin-1:1.7.1.4.15-1jpp.2.el7
- java-1.7.1-ibm-plugin-1:1.7.1.4.15-1jpp.3.el6_9
- java-1.7.1-ibm-src-1:1.7.1.4.15-1jpp.2.el7
- java-1.7.1-ibm-src-1:1.7.1.4.15-1jpp.3.el6_9
- java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9
- java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4
- java-1.7.0-openjdk-accessibility-1:1.7.0.161-2.6.12.0.el7_4
- java-1.7.0-openjdk-debuginfo-1:1.7.0.161-2.6.12.0.el6_9
- java-1.7.0-openjdk-debuginfo-1:1.7.0.161-2.6.12.0.el7_4
- java-1.7.0-openjdk-demo-1:1.7.0.161-2.6.12.0.el6_9
- java-1.7.0-openjdk-demo-1:1.7.0.161-2.6.12.0.el7_4
- java-1.7.0-openjdk-devel-1:1.7.0.161-2.6.12.0.el6_9
- java-1.7.0-openjdk-devel-1:1.7.0.161-2.6.12.0.el7_4
- java-1.7.0-openjdk-headless-1:1.7.0.161-2.6.12.0.el7_4
- java-1.7.0-openjdk-javadoc-1:1.7.0.161-2.6.12.0.el6_9
- java-1.7.0-openjdk-javadoc-1:1.7.0.161-2.6.12.0.el7_4
- java-1.7.0-openjdk-src-1:1.7.0.161-2.6.12.0.el6_9
- java-1.7.0-openjdk-src-1:1.7.0.161-2.6.12.0.el7_4
- java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9
- java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9
|
|
refmap
via4
|
bid | 101321 | confirm | | debian | | gentoo | - GLSA-201710-31
- GLSA-201711-14
| mlist | [debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update | sectrack | 1039596 |
|
Last major update |
13-05-2022 - 14:57 |
Published |
19-10-2017 - 17:29 |
Last modified |
13-05-2022 - 14:57 |