ID CVE-2017-10388
Summary Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: Applies to the Java SE Kerberos client. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
    cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
  • cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
    cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
  • cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:virtual_storage_console:7.2:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:virtual_storage_console:7.2:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:virtual_storage_console:9.6:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:virtual_storage_console:9.6:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:virtual_storage_console:9.7:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:virtual_storage_console:9.7:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:7.3:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:7.3:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:9.5:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:9.5:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:9.10:-:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:9.10:-:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:7.2:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:7.2:*:*:*:*:vsphere:*:*
    cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:7.2:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:9.6:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:9.7:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*
    cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*
  • cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*
    cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:7.2:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:7.2:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:vsphere:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:6.3:*:*:*:*:vsphere:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:6.3:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:6.4:*:*:*:*:vsphere:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:6.4:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:7.0:*:*:*:*:vsphere:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:7.0:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:7.1:*:*:*:*:vsphere:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:7.1:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:7.1:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:7.1:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:7.2:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:7.2:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:7.3:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:7.3:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:9.4:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:9.4:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:9.5:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:9.5:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.7:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.7:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
CVSS
Base: 5.1 (as of 06-10-2022 - 18:57)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1503169
    title CVE-2017-10356 OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment java-1.8.0-openjdk is earlier than 1:1.8.0.151-1.b12.el6_9
            oval oval:com.redhat.rhsa:tst:20172998001
          • comment java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636002
        • AND
          • comment java-1.8.0-openjdk-debug is earlier than 1:1.8.0.151-1.b12.el6_9
            oval oval:com.redhat.rhsa:tst:20172998003
          • comment java-1.8.0-openjdk-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919004
        • AND
          • comment java-1.8.0-openjdk-demo is earlier than 1:1.8.0.151-1.b12.el6_9
            oval oval:com.redhat.rhsa:tst:20172998005
          • comment java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636004
        • AND
          • comment java-1.8.0-openjdk-demo-debug is earlier than 1:1.8.0.151-1.b12.el6_9
            oval oval:com.redhat.rhsa:tst:20172998007
          • comment java-1.8.0-openjdk-demo-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919008
        • AND
          • comment java-1.8.0-openjdk-devel is earlier than 1:1.8.0.151-1.b12.el6_9
            oval oval:com.redhat.rhsa:tst:20172998009
          • comment java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636006
        • AND
          • comment java-1.8.0-openjdk-devel-debug is earlier than 1:1.8.0.151-1.b12.el6_9
            oval oval:com.redhat.rhsa:tst:20172998011
          • comment java-1.8.0-openjdk-devel-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919012
        • AND
          • comment java-1.8.0-openjdk-headless is earlier than 1:1.8.0.151-1.b12.el6_9
            oval oval:com.redhat.rhsa:tst:20172998013
          • comment java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636008
        • AND
          • comment java-1.8.0-openjdk-headless-debug is earlier than 1:1.8.0.151-1.b12.el6_9
            oval oval:com.redhat.rhsa:tst:20172998015
          • comment java-1.8.0-openjdk-headless-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919016
        • AND
          • comment java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.151-1.b12.el6_9
            oval oval:com.redhat.rhsa:tst:20172998017
          • comment java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636010
        • AND
          • comment java-1.8.0-openjdk-javadoc-debug is earlier than 1:1.8.0.151-1.b12.el6_9
            oval oval:com.redhat.rhsa:tst:20172998019
          • comment java-1.8.0-openjdk-javadoc-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919020
        • AND
          • comment java-1.8.0-openjdk-src is earlier than 1:1.8.0.151-1.b12.el6_9
            oval oval:com.redhat.rhsa:tst:20172998021
          • comment java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636012
        • AND
          • comment java-1.8.0-openjdk-src-debug is earlier than 1:1.8.0.151-1.b12.el6_9
            oval oval:com.redhat.rhsa:tst:20172998023
          • comment java-1.8.0-openjdk-src-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919024
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment java-1.8.0-openjdk is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998026
          • comment java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636002
        • AND
          • comment java-1.8.0-openjdk-accessibility is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998027
          • comment java-1.8.0-openjdk-accessibility is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150809016
        • AND
          • comment java-1.8.0-openjdk-accessibility-debug is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998029
          • comment java-1.8.0-openjdk-accessibility-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20160049006
        • AND
          • comment java-1.8.0-openjdk-debug is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998031
          • comment java-1.8.0-openjdk-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919004
        • AND
          • comment java-1.8.0-openjdk-demo is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998032
          • comment java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636004
        • AND
          • comment java-1.8.0-openjdk-demo-debug is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998033
          • comment java-1.8.0-openjdk-demo-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919008
        • AND
          • comment java-1.8.0-openjdk-devel is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998034
          • comment java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636006
        • AND
          • comment java-1.8.0-openjdk-devel-debug is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998035
          • comment java-1.8.0-openjdk-devel-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919012
        • AND
          • comment java-1.8.0-openjdk-headless is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998036
          • comment java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636008
        • AND
          • comment java-1.8.0-openjdk-headless-debug is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998037
          • comment java-1.8.0-openjdk-headless-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919016
        • AND
          • comment java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998038
          • comment java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636010
        • AND
          • comment java-1.8.0-openjdk-javadoc-debug is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998039
          • comment java-1.8.0-openjdk-javadoc-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919020
        • AND
          • comment java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998040
          • comment java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20170180041
        • AND
          • comment java-1.8.0-openjdk-javadoc-zip-debug is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998042
          • comment java-1.8.0-openjdk-javadoc-zip-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20170180043
        • AND
          • comment java-1.8.0-openjdk-src is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998044
          • comment java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636012
        • AND
          • comment java-1.8.0-openjdk-src-debug is earlier than 1:1.8.0.151-1.b12.el7_4
            oval oval:com.redhat.rhsa:tst:20172998045
          • comment java-1.8.0-openjdk-src-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919024
    rhsa
    id RHSA-2017:2998
    released 2017-10-20
    severity Critical
    title RHSA-2017:2998: java-1.8.0-openjdk security update (Critical)
  • bugzilla
    id 1503320
    title CVE-2017-10293 Oracle JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment java-1.8.0-oracle is earlier than 1:1.8.0.151-1jpp.5.el7
            oval oval:com.redhat.rhsa:tst:20172999001
          • comment java-1.8.0-oracle is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150080002
        • AND
          • comment java-1.8.0-oracle-devel is earlier than 1:1.8.0.151-1jpp.5.el7
            oval oval:com.redhat.rhsa:tst:20172999003
          • comment java-1.8.0-oracle-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150080004
        • AND
          • comment java-1.8.0-oracle-javafx is earlier than 1:1.8.0.151-1jpp.5.el7
            oval oval:com.redhat.rhsa:tst:20172999005
          • comment java-1.8.0-oracle-javafx is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150080006
        • AND
          • comment java-1.8.0-oracle-jdbc is earlier than 1:1.8.0.151-1jpp.5.el7
            oval oval:com.redhat.rhsa:tst:20172999007
          • comment java-1.8.0-oracle-jdbc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150080008
        • AND
          • comment java-1.8.0-oracle-plugin is earlier than 1:1.8.0.151-1jpp.5.el7
            oval oval:com.redhat.rhsa:tst:20172999009
          • comment java-1.8.0-oracle-plugin is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150080010
        • AND
          • comment java-1.8.0-oracle-src is earlier than 1:1.8.0.151-1jpp.5.el7
            oval oval:com.redhat.rhsa:tst:20172999011
          • comment java-1.8.0-oracle-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150080012
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment java-1.8.0-oracle is earlier than 1:1.8.0.151-1jpp.1.el6
            oval oval:com.redhat.rhsa:tst:20172999014
          • comment java-1.8.0-oracle is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150080002
        • AND
          • comment java-1.8.0-oracle-devel is earlier than 1:1.8.0.151-1jpp.1.el6
            oval oval:com.redhat.rhsa:tst:20172999015
          • comment java-1.8.0-oracle-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150080004
        • AND
          • comment java-1.8.0-oracle-javafx is earlier than 1:1.8.0.151-1jpp.1.el6
            oval oval:com.redhat.rhsa:tst:20172999016
          • comment java-1.8.0-oracle-javafx is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150080006
        • AND
          • comment java-1.8.0-oracle-jdbc is earlier than 1:1.8.0.151-1jpp.1.el6
            oval oval:com.redhat.rhsa:tst:20172999017
          • comment java-1.8.0-oracle-jdbc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150080008
        • AND
          • comment java-1.8.0-oracle-plugin is earlier than 1:1.8.0.151-1jpp.1.el6
            oval oval:com.redhat.rhsa:tst:20172999018
          • comment java-1.8.0-oracle-plugin is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150080010
        • AND
          • comment java-1.8.0-oracle-src is earlier than 1:1.8.0.151-1jpp.1.el6
            oval oval:com.redhat.rhsa:tst:20172999019
          • comment java-1.8.0-oracle-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150080012
    rhsa
    id RHSA-2017:2999
    released 2017-10-23
    severity Critical
    title RHSA-2017:2999: java-1.8.0-oracle security update (Critical)
  • bugzilla
    id 1503320
    title CVE-2017-10293 Oracle JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment java-1.7.0-oracle is earlier than 1:1.7.0.161-1jpp.4.el7
            oval oval:com.redhat.rhsa:tst:20173046001
          • comment java-1.7.0-oracle is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140413015
        • AND
          • comment java-1.7.0-oracle-devel is earlier than 1:1.7.0.161-1jpp.4.el7
            oval oval:com.redhat.rhsa:tst:20173046003
          • comment java-1.7.0-oracle-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140413017
        • AND
          • comment java-1.7.0-oracle-javafx is earlier than 1:1.7.0.161-1jpp.4.el7
            oval oval:com.redhat.rhsa:tst:20173046005
          • comment java-1.7.0-oracle-javafx is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140413019
        • AND
          • comment java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.161-1jpp.4.el7
            oval oval:com.redhat.rhsa:tst:20173046007
          • comment java-1.7.0-oracle-jdbc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140413021
        • AND
          • comment java-1.7.0-oracle-plugin is earlier than 1:1.7.0.161-1jpp.4.el7
            oval oval:com.redhat.rhsa:tst:20173046009
          • comment java-1.7.0-oracle-plugin is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140413023
        • AND
          • comment java-1.7.0-oracle-src is earlier than 1:1.7.0.161-1jpp.4.el7
            oval oval:com.redhat.rhsa:tst:20173046011
          • comment java-1.7.0-oracle-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140413025
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment java-1.7.0-oracle is earlier than 1:1.7.0.161-1jpp.3.el6
            oval oval:com.redhat.rhsa:tst:20173046014
          • comment java-1.7.0-oracle is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140413015
        • AND
          • comment java-1.7.0-oracle-devel is earlier than 1:1.7.0.161-1jpp.3.el6
            oval oval:com.redhat.rhsa:tst:20173046015
          • comment java-1.7.0-oracle-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140413017
        • AND
          • comment java-1.7.0-oracle-javafx is earlier than 1:1.7.0.161-1jpp.3.el6
            oval oval:com.redhat.rhsa:tst:20173046016
          • comment java-1.7.0-oracle-javafx is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140413019
        • AND
          • comment java-1.7.0-oracle-jdbc is earlier than 1:1.7.0.161-1jpp.3.el6
            oval oval:com.redhat.rhsa:tst:20173046017
          • comment java-1.7.0-oracle-jdbc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140413021
        • AND
          • comment java-1.7.0-oracle-plugin is earlier than 1:1.7.0.161-1jpp.3.el6
            oval oval:com.redhat.rhsa:tst:20173046018
          • comment java-1.7.0-oracle-plugin is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140413023
        • AND
          • comment java-1.7.0-oracle-src is earlier than 1:1.7.0.161-1jpp.3.el6
            oval oval:com.redhat.rhsa:tst:20173046019
          • comment java-1.7.0-oracle-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140413025
    rhsa
    id RHSA-2017:3046
    released 2017-10-24
    severity Important
    title RHSA-2017:3046: java-1.7.0-oracle security update (Important)
  • bugzilla
    id 1503320
    title CVE-2017-10293 Oracle JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment java-1.6.0-sun is earlier than 1:1.6.0.171-1jpp.4.el7
            oval oval:com.redhat.rhsa:tst:20173047001
          • comment java-1.6.0-sun is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140414015
        • AND
          • comment java-1.6.0-sun-demo is earlier than 1:1.6.0.171-1jpp.4.el7
            oval oval:com.redhat.rhsa:tst:20173047003
          • comment java-1.6.0-sun-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140414017
        • AND
          • comment java-1.6.0-sun-devel is earlier than 1:1.6.0.171-1jpp.4.el7
            oval oval:com.redhat.rhsa:tst:20173047005
          • comment java-1.6.0-sun-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140414019
        • AND
          • comment java-1.6.0-sun-jdbc is earlier than 1:1.6.0.171-1jpp.4.el7
            oval oval:com.redhat.rhsa:tst:20173047007
          • comment java-1.6.0-sun-jdbc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140414021
        • AND
          • comment java-1.6.0-sun-plugin is earlier than 1:1.6.0.171-1jpp.4.el7
            oval oval:com.redhat.rhsa:tst:20173047009
          • comment java-1.6.0-sun-plugin is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140414023
        • AND
          • comment java-1.6.0-sun-src is earlier than 1:1.6.0.171-1jpp.4.el7
            oval oval:com.redhat.rhsa:tst:20173047011
          • comment java-1.6.0-sun-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140414025
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment java-1.6.0-sun is earlier than 1:1.6.0.171-1jpp.4.el6
            oval oval:com.redhat.rhsa:tst:20173047014
          • comment java-1.6.0-sun is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140414015
        • AND
          • comment java-1.6.0-sun-demo is earlier than 1:1.6.0.171-1jpp.4.el6
            oval oval:com.redhat.rhsa:tst:20173047015
          • comment java-1.6.0-sun-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140414017
        • AND
          • comment java-1.6.0-sun-devel is earlier than 1:1.6.0.171-1jpp.4.el6
            oval oval:com.redhat.rhsa:tst:20173047016
          • comment java-1.6.0-sun-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140414019
        • AND
          • comment java-1.6.0-sun-jdbc is earlier than 1:1.6.0.171-1jpp.4.el6
            oval oval:com.redhat.rhsa:tst:20173047017
          • comment java-1.6.0-sun-jdbc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140414021
        • AND
          • comment java-1.6.0-sun-plugin is earlier than 1:1.6.0.171-1jpp.4.el6
            oval oval:com.redhat.rhsa:tst:20173047018
          • comment java-1.6.0-sun-plugin is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140414023
        • AND
          • comment java-1.6.0-sun-src is earlier than 1:1.6.0.171-1jpp.4.el6
            oval oval:com.redhat.rhsa:tst:20173047019
          • comment java-1.6.0-sun-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140414025
    rhsa
    id RHSA-2017:3047
    released 2017-10-24
    severity Important
    title RHSA-2017:3047: java-1.6.0-sun security update (Important)
  • bugzilla
    id 1503169
    title CVE-2017-10356 OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment java-1.7.0-openjdk is earlier than 1:1.7.0.161-2.6.12.0.el6_9
            oval oval:com.redhat.rhsa:tst:20173392001
          • comment java-1.7.0-openjdk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009002
        • AND
          • comment java-1.7.0-openjdk-demo is earlier than 1:1.7.0.161-2.6.12.0.el6_9
            oval oval:com.redhat.rhsa:tst:20173392003
          • comment java-1.7.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009004
        • AND
          • comment java-1.7.0-openjdk-devel is earlier than 1:1.7.0.161-2.6.12.0.el6_9
            oval oval:com.redhat.rhsa:tst:20173392005
          • comment java-1.7.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009006
        • AND
          • comment java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.161-2.6.12.0.el6_9
            oval oval:com.redhat.rhsa:tst:20173392007
          • comment java-1.7.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009008
        • AND
          • comment java-1.7.0-openjdk-src is earlier than 1:1.7.0.161-2.6.12.0.el6_9
            oval oval:com.redhat.rhsa:tst:20173392009
          • comment java-1.7.0-openjdk-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009010
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment java-1.7.0-openjdk is earlier than 1:1.7.0.161-2.6.12.0.el7_4
            oval oval:com.redhat.rhsa:tst:20173392012
          • comment java-1.7.0-openjdk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009002
        • AND
          • comment java-1.7.0-openjdk-accessibility is earlier than 1:1.7.0.161-2.6.12.0.el7_4
            oval oval:com.redhat.rhsa:tst:20173392013
          • comment java-1.7.0-openjdk-accessibility is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140675004
        • AND
          • comment java-1.7.0-openjdk-demo is earlier than 1:1.7.0.161-2.6.12.0.el7_4
            oval oval:com.redhat.rhsa:tst:20173392015
          • comment java-1.7.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009004
        • AND
          • comment java-1.7.0-openjdk-devel is earlier than 1:1.7.0.161-2.6.12.0.el7_4
            oval oval:com.redhat.rhsa:tst:20173392016
          • comment java-1.7.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009006
        • AND
          • comment java-1.7.0-openjdk-headless is earlier than 1:1.7.0.161-2.6.12.0.el7_4
            oval oval:com.redhat.rhsa:tst:20173392017
          • comment java-1.7.0-openjdk-headless is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140675010
        • AND
          • comment java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.161-2.6.12.0.el7_4
            oval oval:com.redhat.rhsa:tst:20173392019
          • comment java-1.7.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009008
        • AND
          • comment java-1.7.0-openjdk-src is earlier than 1:1.7.0.161-2.6.12.0.el7_4
            oval oval:com.redhat.rhsa:tst:20173392020
          • comment java-1.7.0-openjdk-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009010
    rhsa
    id RHSA-2017:3392
    released 2017-12-06
    severity Important
    title RHSA-2017:3392: java-1.7.0-openjdk security and bug fix update (Important)
  • rhsa
    id RHSA-2017:3264
  • rhsa
    id RHSA-2017:3267
  • rhsa
    id RHSA-2017:3268
  • rhsa
    id RHSA-2017:3453
rpms
  • java-1.8.0-openjdk-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-accessibility-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-accessibility-debug-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-debug-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-debug-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-debuginfo-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-debuginfo-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-demo-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-demo-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-demo-debug-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-demo-debug-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-devel-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-devel-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-devel-debug-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-devel-debug-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-headless-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-headless-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-headless-debug-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-headless-debug-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-javadoc-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-javadoc-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-javadoc-debug-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-javadoc-debug-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-javadoc-zip-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-javadoc-zip-debug-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-src-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-src-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-openjdk-src-debug-1:1.8.0.151-1.b12.el6_9
  • java-1.8.0-openjdk-src-debug-1:1.8.0.151-1.b12.el7_4
  • java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6
  • java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7
  • java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.1.el6
  • java-1.8.0-oracle-devel-1:1.8.0.151-1jpp.5.el7
  • java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.1.el6
  • java-1.8.0-oracle-javafx-1:1.8.0.151-1jpp.5.el7
  • java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.1.el6
  • java-1.8.0-oracle-jdbc-1:1.8.0.151-1jpp.5.el7
  • java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.1.el6
  • java-1.8.0-oracle-plugin-1:1.8.0.151-1jpp.5.el7
  • java-1.8.0-oracle-src-1:1.8.0.151-1jpp.1.el6
  • java-1.8.0-oracle-src-1:1.8.0.151-1jpp.5.el7
  • java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6
  • java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7
  • java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.3.el6
  • java-1.7.0-oracle-devel-1:1.7.0.161-1jpp.4.el7
  • java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.3.el6
  • java-1.7.0-oracle-javafx-1:1.7.0.161-1jpp.4.el7
  • java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.3.el6
  • java-1.7.0-oracle-jdbc-1:1.7.0.161-1jpp.4.el7
  • java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.3.el6
  • java-1.7.0-oracle-plugin-1:1.7.0.161-1jpp.4.el7
  • java-1.7.0-oracle-src-1:1.7.0.161-1jpp.3.el6
  • java-1.7.0-oracle-src-1:1.7.0.161-1jpp.4.el7
  • java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6
  • java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7
  • java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el6
  • java-1.6.0-sun-demo-1:1.6.0.171-1jpp.4.el7
  • java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el6
  • java-1.6.0-sun-devel-1:1.6.0.171-1jpp.4.el7
  • java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el6
  • java-1.6.0-sun-jdbc-1:1.6.0.171-1jpp.4.el7
  • java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el6
  • java-1.6.0-sun-plugin-1:1.6.0.171-1jpp.4.el7
  • java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el6
  • java-1.6.0-sun-src-1:1.6.0.171-1jpp.4.el7
  • java-1.8.0-ibm-1:1.8.0.5.5-1jpp.2.el7
  • java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.2.el7
  • java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.2.el7
  • java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.2.el7
  • java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.2.el7
  • java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.2.el7
  • java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9
  • java-1.8.0-ibm-demo-1:1.8.0.5.5-1jpp.1.el6_9
  • java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9
  • java-1.8.0-ibm-jdbc-1:1.8.0.5.5-1jpp.1.el6_9
  • java-1.8.0-ibm-plugin-1:1.8.0.5.5-1jpp.1.el6_9
  • java-1.8.0-ibm-src-1:1.8.0.5.5-1jpp.1.el6_9
  • java-1.7.1-ibm-1:1.7.1.4.15-1jpp.2.el7
  • java-1.7.1-ibm-1:1.7.1.4.15-1jpp.3.el6_9
  • java-1.7.1-ibm-demo-1:1.7.1.4.15-1jpp.2.el7
  • java-1.7.1-ibm-demo-1:1.7.1.4.15-1jpp.3.el6_9
  • java-1.7.1-ibm-devel-1:1.7.1.4.15-1jpp.2.el7
  • java-1.7.1-ibm-devel-1:1.7.1.4.15-1jpp.3.el6_9
  • java-1.7.1-ibm-jdbc-1:1.7.1.4.15-1jpp.2.el7
  • java-1.7.1-ibm-jdbc-1:1.7.1.4.15-1jpp.3.el6_9
  • java-1.7.1-ibm-plugin-1:1.7.1.4.15-1jpp.2.el7
  • java-1.7.1-ibm-plugin-1:1.7.1.4.15-1jpp.3.el6_9
  • java-1.7.1-ibm-src-1:1.7.1.4.15-1jpp.2.el7
  • java-1.7.1-ibm-src-1:1.7.1.4.15-1jpp.3.el6_9
  • java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el6_9
  • java-1.7.0-openjdk-1:1.7.0.161-2.6.12.0.el7_4
  • java-1.7.0-openjdk-accessibility-1:1.7.0.161-2.6.12.0.el7_4
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.161-2.6.12.0.el6_9
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.161-2.6.12.0.el7_4
  • java-1.7.0-openjdk-demo-1:1.7.0.161-2.6.12.0.el6_9
  • java-1.7.0-openjdk-demo-1:1.7.0.161-2.6.12.0.el7_4
  • java-1.7.0-openjdk-devel-1:1.7.0.161-2.6.12.0.el6_9
  • java-1.7.0-openjdk-devel-1:1.7.0.161-2.6.12.0.el7_4
  • java-1.7.0-openjdk-headless-1:1.7.0.161-2.6.12.0.el7_4
  • java-1.7.0-openjdk-javadoc-1:1.7.0.161-2.6.12.0.el6_9
  • java-1.7.0-openjdk-javadoc-1:1.7.0.161-2.6.12.0.el7_4
  • java-1.7.0-openjdk-src-1:1.7.0.161-2.6.12.0.el6_9
  • java-1.7.0-openjdk-src-1:1.7.0.161-2.6.12.0.el7_4
  • java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9
  • java-1.8.0-ibm-devel-1:1.8.0.5.5-1jpp.1.el6_9
refmap via4
bid 101321
confirm
debian
  • DSA-4015
  • DSA-4048
gentoo
  • GLSA-201710-31
  • GLSA-201711-14
mlist [debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update
sectrack 1039596
Last major update 06-10-2022 - 18:57
Published 19-10-2017 - 17:29
Last modified 06-10-2022 - 18:57
Back to Top