ID CVE-2019-2999
Summary Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N).
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jdk:1.7.0:update231:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update231:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.8.0:update221:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8.0:update221:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:11.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:11.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update_231:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update_231:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8.0:update_221:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8.0:update_221:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:11.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:11.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
    cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
  • cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
    cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
CVSS
Base: 4.0 (as of 08-09-2020 - 13:00)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:H/Au:N/C:P/I:P/A:N
redhat via4
advisories
  • bugzilla
    id 1761601
    title CVE-2019-2989 OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment java-11-openjdk is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127001
          • comment java-11-openjdk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521002
        • AND
          • comment java-11-openjdk-debug is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127003
          • comment java-11-openjdk-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521004
        • AND
          • comment java-11-openjdk-demo is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127005
          • comment java-11-openjdk-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521006
        • AND
          • comment java-11-openjdk-demo-debug is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127007
          • comment java-11-openjdk-demo-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521008
        • AND
          • comment java-11-openjdk-devel is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127009
          • comment java-11-openjdk-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521010
        • AND
          • comment java-11-openjdk-devel-debug is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127011
          • comment java-11-openjdk-devel-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521012
        • AND
          • comment java-11-openjdk-headless is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127013
          • comment java-11-openjdk-headless is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521014
        • AND
          • comment java-11-openjdk-headless-debug is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127015
          • comment java-11-openjdk-headless-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521016
        • AND
          • comment java-11-openjdk-javadoc is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127017
          • comment java-11-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521018
        • AND
          • comment java-11-openjdk-javadoc-debug is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127019
          • comment java-11-openjdk-javadoc-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521020
        • AND
          • comment java-11-openjdk-javadoc-zip is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127021
          • comment java-11-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521022
        • AND
          • comment java-11-openjdk-javadoc-zip-debug is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127023
          • comment java-11-openjdk-javadoc-zip-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521024
        • AND
          • comment java-11-openjdk-jmods is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127025
          • comment java-11-openjdk-jmods is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521026
        • AND
          • comment java-11-openjdk-jmods-debug is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127027
          • comment java-11-openjdk-jmods-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521028
        • AND
          • comment java-11-openjdk-src is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127029
          • comment java-11-openjdk-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521030
        • AND
          • comment java-11-openjdk-src-debug is earlier than 1:11.0.5.10-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193127031
          • comment java-11-openjdk-src-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521032
    rhsa
    id RHSA-2019:3127
    released 2019-10-16
    severity Important
    title RHSA-2019:3127: java-11-openjdk security update (Important)
  • bugzilla
    id 1761601
    title CVE-2019-2989 OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment java-1.8.0-openjdk is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128001
          • comment java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636002
        • AND
          • comment java-1.8.0-openjdk-accessibility is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128003
          • comment java-1.8.0-openjdk-accessibility is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150809016
        • AND
          • comment java-1.8.0-openjdk-accessibility-debug is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128005
          • comment java-1.8.0-openjdk-accessibility-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20160049006
        • AND
          • comment java-1.8.0-openjdk-debug is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128007
          • comment java-1.8.0-openjdk-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919004
        • AND
          • comment java-1.8.0-openjdk-demo is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128009
          • comment java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636004
        • AND
          • comment java-1.8.0-openjdk-demo-debug is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128011
          • comment java-1.8.0-openjdk-demo-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919008
        • AND
          • comment java-1.8.0-openjdk-devel is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128013
          • comment java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636006
        • AND
          • comment java-1.8.0-openjdk-devel-debug is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128015
          • comment java-1.8.0-openjdk-devel-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919012
        • AND
          • comment java-1.8.0-openjdk-headless is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128017
          • comment java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636008
        • AND
          • comment java-1.8.0-openjdk-headless-debug is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128019
          • comment java-1.8.0-openjdk-headless-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919016
        • AND
          • comment java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128021
          • comment java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636010
        • AND
          • comment java-1.8.0-openjdk-javadoc-debug is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128023
          • comment java-1.8.0-openjdk-javadoc-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919020
        • AND
          • comment java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128025
          • comment java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20170180041
        • AND
          • comment java-1.8.0-openjdk-javadoc-zip-debug is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128027
          • comment java-1.8.0-openjdk-javadoc-zip-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20170180043
        • AND
          • comment java-1.8.0-openjdk-src is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128029
          • comment java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636012
        • AND
          • comment java-1.8.0-openjdk-src-debug is earlier than 1:1.8.0.232.b09-0.el7_7
            oval oval:com.redhat.rhsa:tst:20193128031
          • comment java-1.8.0-openjdk-src-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919024
    rhsa
    id RHSA-2019:3128
    released 2019-10-16
    severity Important
    title RHSA-2019:3128: java-1.8.0-openjdk security update (Important)
  • bugzilla
    id 1761601
    title CVE-2019-2989 OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • comment java-1.8.0-openjdk is earlier than 1:1.8.0.232.b09-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193134001
          • comment java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636002
        • AND
          • comment java-1.8.0-openjdk-accessibility is earlier than 1:1.8.0.232.b09-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193134003
          • comment java-1.8.0-openjdk-accessibility is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150809016
        • AND
          • comment java-1.8.0-openjdk-debugsource is earlier than 1:1.8.0.232.b09-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193134005
          • comment java-1.8.0-openjdk-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191146006
        • AND
          • comment java-1.8.0-openjdk-demo is earlier than 1:1.8.0.232.b09-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193134007
          • comment java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636004
        • AND
          • comment java-1.8.0-openjdk-devel is earlier than 1:1.8.0.232.b09-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193134009
          • comment java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636006
        • AND
          • comment java-1.8.0-openjdk-headless is earlier than 1:1.8.0.232.b09-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193134011
          • comment java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636008
        • AND
          • comment java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.232.b09-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193134013
          • comment java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636010
        • AND
          • comment java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.232.b09-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193134015
          • comment java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20170180041
        • AND
          • comment java-1.8.0-openjdk-src is earlier than 1:1.8.0.232.b09-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193134017
          • comment java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636012
    rhsa
    id RHSA-2019:3134
    released 2019-10-17
    severity Important
    title RHSA-2019:3134: java-1.8.0-openjdk security update (Important)
  • bugzilla
    id 1761601
    title CVE-2019-2989 OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • comment java-11-openjdk is earlier than 1:11.0.5.10-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193135001
          • comment java-11-openjdk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521002
        • AND
          • comment java-11-openjdk-debugsource is earlier than 1:11.0.5.10-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193135003
          • comment java-11-openjdk-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191518004
        • AND
          • comment java-11-openjdk-demo is earlier than 1:11.0.5.10-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193135005
          • comment java-11-openjdk-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521006
        • AND
          • comment java-11-openjdk-devel is earlier than 1:11.0.5.10-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193135007
          • comment java-11-openjdk-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521010
        • AND
          • comment java-11-openjdk-headless is earlier than 1:11.0.5.10-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193135009
          • comment java-11-openjdk-headless is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521014
        • AND
          • comment java-11-openjdk-javadoc is earlier than 1:11.0.5.10-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193135011
          • comment java-11-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521018
        • AND
          • comment java-11-openjdk-javadoc-zip is earlier than 1:11.0.5.10-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193135013
          • comment java-11-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521022
        • AND
          • comment java-11-openjdk-jmods is earlier than 1:11.0.5.10-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193135015
          • comment java-11-openjdk-jmods is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521026
        • AND
          • comment java-11-openjdk-src is earlier than 1:11.0.5.10-0.el8_0
            oval oval:com.redhat.rhsa:tst:20193135017
          • comment java-11-openjdk-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183521030
    rhsa
    id RHSA-2019:3135
    released 2019-10-17
    severity Important
    title RHSA-2019:3135: java-11-openjdk security update (Important)
  • bugzilla
    id 1761601
    title CVE-2019-2989 OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment java-1.8.0-openjdk is earlier than 1:1.8.0.232.b09-1.el6_10
            oval oval:com.redhat.rhsa:tst:20193136001
          • comment java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636002
        • AND
          • comment java-1.8.0-openjdk-debug is earlier than 1:1.8.0.232.b09-1.el6_10
            oval oval:com.redhat.rhsa:tst:20193136003
          • comment java-1.8.0-openjdk-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919004
        • AND
          • comment java-1.8.0-openjdk-demo is earlier than 1:1.8.0.232.b09-1.el6_10
            oval oval:com.redhat.rhsa:tst:20193136005
          • comment java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636004
        • AND
          • comment java-1.8.0-openjdk-demo-debug is earlier than 1:1.8.0.232.b09-1.el6_10
            oval oval:com.redhat.rhsa:tst:20193136007
          • comment java-1.8.0-openjdk-demo-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919008
        • AND
          • comment java-1.8.0-openjdk-devel is earlier than 1:1.8.0.232.b09-1.el6_10
            oval oval:com.redhat.rhsa:tst:20193136009
          • comment java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636006
        • AND
          • comment java-1.8.0-openjdk-devel-debug is earlier than 1:1.8.0.232.b09-1.el6_10
            oval oval:com.redhat.rhsa:tst:20193136011
          • comment java-1.8.0-openjdk-devel-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919012
        • AND
          • comment java-1.8.0-openjdk-headless is earlier than 1:1.8.0.232.b09-1.el6_10
            oval oval:com.redhat.rhsa:tst:20193136013
          • comment java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636008
        • AND
          • comment java-1.8.0-openjdk-headless-debug is earlier than 1:1.8.0.232.b09-1.el6_10
            oval oval:com.redhat.rhsa:tst:20193136015
          • comment java-1.8.0-openjdk-headless-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919016
        • AND
          • comment java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.232.b09-1.el6_10
            oval oval:com.redhat.rhsa:tst:20193136017
          • comment java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636010
        • AND
          • comment java-1.8.0-openjdk-javadoc-debug is earlier than 1:1.8.0.232.b09-1.el6_10
            oval oval:com.redhat.rhsa:tst:20193136019
          • comment java-1.8.0-openjdk-javadoc-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919020
        • AND
          • comment java-1.8.0-openjdk-src is earlier than 1:1.8.0.232.b09-1.el6_10
            oval oval:com.redhat.rhsa:tst:20193136021
          • comment java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20141636012
        • AND
          • comment java-1.8.0-openjdk-src-debug is earlier than 1:1.8.0.232.b09-1.el6_10
            oval oval:com.redhat.rhsa:tst:20193136023
          • comment java-1.8.0-openjdk-src-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20151919024
    rhsa
    id RHSA-2019:3136
    released 2019-10-17
    severity Important
    title RHSA-2019:3136: java-1.8.0-openjdk security update (Important)
  • bugzilla
    id 1761601
    title CVE-2019-2989 OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment java-1.7.0-openjdk is earlier than 1:1.7.0.241-2.6.20.0.el7_7
            oval oval:com.redhat.rhsa:tst:20193157001
          • comment java-1.7.0-openjdk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009002
        • AND
          • comment java-1.7.0-openjdk-accessibility is earlier than 1:1.7.0.241-2.6.20.0.el7_7
            oval oval:com.redhat.rhsa:tst:20193157003
          • comment java-1.7.0-openjdk-accessibility is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140675004
        • AND
          • comment java-1.7.0-openjdk-demo is earlier than 1:1.7.0.241-2.6.20.0.el7_7
            oval oval:com.redhat.rhsa:tst:20193157005
          • comment java-1.7.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009004
        • AND
          • comment java-1.7.0-openjdk-devel is earlier than 1:1.7.0.241-2.6.20.0.el7_7
            oval oval:com.redhat.rhsa:tst:20193157007
          • comment java-1.7.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009006
        • AND
          • comment java-1.7.0-openjdk-headless is earlier than 1:1.7.0.241-2.6.20.0.el7_7
            oval oval:com.redhat.rhsa:tst:20193157009
          • comment java-1.7.0-openjdk-headless is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140675010
        • AND
          • comment java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.241-2.6.20.0.el7_7
            oval oval:com.redhat.rhsa:tst:20193157011
          • comment java-1.7.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009008
        • AND
          • comment java-1.7.0-openjdk-src is earlier than 1:1.7.0.241-2.6.20.0.el7_7
            oval oval:com.redhat.rhsa:tst:20193157013
          • comment java-1.7.0-openjdk-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009010
    rhsa
    id RHSA-2019:3157
    released 2019-10-21
    severity Moderate
    title RHSA-2019:3157: java-1.7.0-openjdk security update (Moderate)
  • bugzilla
    id 1761601
    title CVE-2019-2989 OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment java-1.7.0-openjdk is earlier than 1:1.7.0.241-2.6.20.0.el6_10
            oval oval:com.redhat.rhsa:tst:20193158001
          • comment java-1.7.0-openjdk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009002
        • AND
          • comment java-1.7.0-openjdk-demo is earlier than 1:1.7.0.241-2.6.20.0.el6_10
            oval oval:com.redhat.rhsa:tst:20193158003
          • comment java-1.7.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009004
        • AND
          • comment java-1.7.0-openjdk-devel is earlier than 1:1.7.0.241-2.6.20.0.el6_10
            oval oval:com.redhat.rhsa:tst:20193158005
          • comment java-1.7.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009006
        • AND
          • comment java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.241-2.6.20.0.el6_10
            oval oval:com.redhat.rhsa:tst:20193158007
          • comment java-1.7.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009008
        • AND
          • comment java-1.7.0-openjdk-src is earlier than 1:1.7.0.241-2.6.20.0.el6_10
            oval oval:com.redhat.rhsa:tst:20193158009
          • comment java-1.7.0-openjdk-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20121009010
    rhsa
    id RHSA-2019:3158
    released 2019-10-21
    severity Moderate
    title RHSA-2019:3158: java-1.7.0-openjdk security update (Moderate)
  • bugzilla
    id 1779880
    title CVE-2019-17631 IBM JDK: Unrestricted access to diagnostic operations
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • comment java-1.8.0-ibm is earlier than 1:1.8.0.6.0-3.el8_1
            oval oval:com.redhat.rhsa:tst:20200046001
          • comment java-1.8.0-ibm is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191238002
        • AND
          • comment java-1.8.0-ibm-demo is earlier than 1:1.8.0.6.0-3.el8_1
            oval oval:com.redhat.rhsa:tst:20200046003
          • comment java-1.8.0-ibm-demo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191238004
        • AND
          • comment java-1.8.0-ibm-devel is earlier than 1:1.8.0.6.0-3.el8_1
            oval oval:com.redhat.rhsa:tst:20200046005
          • comment java-1.8.0-ibm-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191238006
        • AND
          • comment java-1.8.0-ibm-headless is earlier than 1:1.8.0.6.0-3.el8_1
            oval oval:com.redhat.rhsa:tst:20200046007
          • comment java-1.8.0-ibm-headless is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191238008
        • AND
          • comment java-1.8.0-ibm-jdbc is earlier than 1:1.8.0.6.0-3.el8_1
            oval oval:com.redhat.rhsa:tst:20200046009
          • comment java-1.8.0-ibm-jdbc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191238010
        • AND
          • comment java-1.8.0-ibm-plugin is earlier than 1:1.8.0.6.0-3.el8_1
            oval oval:com.redhat.rhsa:tst:20200046011
          • comment java-1.8.0-ibm-plugin is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191238012
        • AND
          • comment java-1.8.0-ibm-src is earlier than 1:1.8.0.6.0-3.el8_1
            oval oval:com.redhat.rhsa:tst:20200046013
          • comment java-1.8.0-ibm-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191238014
        • AND
          • comment java-1.8.0-ibm-webstart is earlier than 1:1.8.0.6.0-3.el8_1
            oval oval:com.redhat.rhsa:tst:20200046015
          • comment java-1.8.0-ibm-webstart is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191238016
    rhsa
    id RHSA-2020:0046
    released 2020-01-07
    severity Moderate
    title RHSA-2020:0046: java-1.8.0-ibm security update (Moderate)
  • rhsa
    id RHSA-2019:4109
  • rhsa
    id RHSA-2019:4110
  • rhsa
    id RHSA-2019:4113
  • rhsa
    id RHSA-2019:4115
  • rhsa
    id RHSA-2020:0006
rpms
  • java-11-openjdk-1:11.0.5.10-0.el7_7
  • java-11-openjdk-debug-1:11.0.5.10-0.el7_7
  • java-11-openjdk-debuginfo-1:11.0.5.10-0.el7_7
  • java-11-openjdk-demo-1:11.0.5.10-0.el7_7
  • java-11-openjdk-demo-debug-1:11.0.5.10-0.el7_7
  • java-11-openjdk-devel-1:11.0.5.10-0.el7_7
  • java-11-openjdk-devel-debug-1:11.0.5.10-0.el7_7
  • java-11-openjdk-headless-1:11.0.5.10-0.el7_7
  • java-11-openjdk-headless-debug-1:11.0.5.10-0.el7_7
  • java-11-openjdk-javadoc-1:11.0.5.10-0.el7_7
  • java-11-openjdk-javadoc-debug-1:11.0.5.10-0.el7_7
  • java-11-openjdk-javadoc-zip-1:11.0.5.10-0.el7_7
  • java-11-openjdk-javadoc-zip-debug-1:11.0.5.10-0.el7_7
  • java-11-openjdk-jmods-1:11.0.5.10-0.el7_7
  • java-11-openjdk-jmods-debug-1:11.0.5.10-0.el7_7
  • java-11-openjdk-src-1:11.0.5.10-0.el7_7
  • java-11-openjdk-src-debug-1:11.0.5.10-0.el7_7
  • java-1.8.0-openjdk-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-accessibility-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-accessibility-debug-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-debug-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-debuginfo-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-demo-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-demo-debug-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-devel-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-devel-debug-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-headless-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-headless-debug-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-javadoc-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-javadoc-debug-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-javadoc-zip-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-javadoc-zip-debug-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-src-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-src-debug-1:1.8.0.232.b09-0.el7_7
  • java-1.8.0-openjdk-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-accessibility-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-debuginfo-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-debugsource-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-demo-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-demo-debuginfo-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-demo-slowdebug-debuginfo-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-devel-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-devel-debuginfo-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-devel-slowdebug-debuginfo-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-headless-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-headless-debuginfo-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-headless-slowdebug-debuginfo-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-javadoc-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-javadoc-zip-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-slowdebug-debuginfo-1:1.8.0.232.b09-0.el8_0
  • java-1.8.0-openjdk-src-1:1.8.0.232.b09-0.el8_0
  • java-11-openjdk-1:11.0.5.10-0.el8_0
  • java-11-openjdk-debuginfo-1:11.0.5.10-0.el8_0
  • java-11-openjdk-debugsource-1:11.0.5.10-0.el8_0
  • java-11-openjdk-demo-1:11.0.5.10-0.el8_0
  • java-11-openjdk-devel-1:11.0.5.10-0.el8_0
  • java-11-openjdk-devel-debuginfo-1:11.0.5.10-0.el8_0
  • java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.5.10-0.el8_0
  • java-11-openjdk-headless-1:11.0.5.10-0.el8_0
  • java-11-openjdk-headless-debuginfo-1:11.0.5.10-0.el8_0
  • java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.5.10-0.el8_0
  • java-11-openjdk-javadoc-1:11.0.5.10-0.el8_0
  • java-11-openjdk-javadoc-zip-1:11.0.5.10-0.el8_0
  • java-11-openjdk-jmods-1:11.0.5.10-0.el8_0
  • java-11-openjdk-slowdebug-debuginfo-1:11.0.5.10-0.el8_0
  • java-11-openjdk-src-1:11.0.5.10-0.el8_0
  • java-1.8.0-openjdk-1:1.8.0.232.b09-1.el6_10
  • java-1.8.0-openjdk-debug-1:1.8.0.232.b09-1.el6_10
  • java-1.8.0-openjdk-debuginfo-1:1.8.0.232.b09-1.el6_10
  • java-1.8.0-openjdk-demo-1:1.8.0.232.b09-1.el6_10
  • java-1.8.0-openjdk-demo-debug-1:1.8.0.232.b09-1.el6_10
  • java-1.8.0-openjdk-devel-1:1.8.0.232.b09-1.el6_10
  • java-1.8.0-openjdk-devel-debug-1:1.8.0.232.b09-1.el6_10
  • java-1.8.0-openjdk-headless-1:1.8.0.232.b09-1.el6_10
  • java-1.8.0-openjdk-headless-debug-1:1.8.0.232.b09-1.el6_10
  • java-1.8.0-openjdk-javadoc-1:1.8.0.232.b09-1.el6_10
  • java-1.8.0-openjdk-javadoc-debug-1:1.8.0.232.b09-1.el6_10
  • java-1.8.0-openjdk-src-1:1.8.0.232.b09-1.el6_10
  • java-1.8.0-openjdk-src-debug-1:1.8.0.232.b09-1.el6_10
  • java-1.7.0-openjdk-1:1.7.0.241-2.6.20.0.el7_7
  • java-1.7.0-openjdk-accessibility-1:1.7.0.241-2.6.20.0.el7_7
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.241-2.6.20.0.el7_7
  • java-1.7.0-openjdk-demo-1:1.7.0.241-2.6.20.0.el7_7
  • java-1.7.0-openjdk-devel-1:1.7.0.241-2.6.20.0.el7_7
  • java-1.7.0-openjdk-headless-1:1.7.0.241-2.6.20.0.el7_7
  • java-1.7.0-openjdk-javadoc-1:1.7.0.241-2.6.20.0.el7_7
  • java-1.7.0-openjdk-src-1:1.7.0.241-2.6.20.0.el7_7
  • java-1.7.0-openjdk-1:1.7.0.241-2.6.20.0.el6_10
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.241-2.6.20.0.el6_10
  • java-1.7.0-openjdk-demo-1:1.7.0.241-2.6.20.0.el6_10
  • java-1.7.0-openjdk-devel-1:1.7.0.241-2.6.20.0.el6_10
  • java-1.7.0-openjdk-javadoc-1:1.7.0.241-2.6.20.0.el6_10
  • java-1.7.0-openjdk-src-1:1.7.0.241-2.6.20.0.el6_10
  • java-1.7.1-ibm-1:1.7.1.4.55-1jpp.1.el6_10
  • java-1.7.1-ibm-demo-1:1.7.1.4.55-1jpp.1.el6_10
  • java-1.7.1-ibm-devel-1:1.7.1.4.55-1jpp.1.el6_10
  • java-1.7.1-ibm-jdbc-1:1.7.1.4.55-1jpp.1.el6_10
  • java-1.7.1-ibm-plugin-1:1.7.1.4.55-1jpp.1.el6_10
  • java-1.7.1-ibm-src-1:1.7.1.4.55-1jpp.1.el6_10
  • java-1.7.1-ibm-1:1.7.1.4.55-1jpp.1.el7
  • java-1.7.1-ibm-demo-1:1.7.1.4.55-1jpp.1.el7
  • java-1.7.1-ibm-devel-1:1.7.1.4.55-1jpp.1.el7
  • java-1.7.1-ibm-jdbc-1:1.7.1.4.55-1jpp.1.el7
  • java-1.7.1-ibm-plugin-1:1.7.1.4.55-1jpp.1.el7
  • java-1.7.1-ibm-src-1:1.7.1.4.55-1jpp.1.el7
  • java-1.8.0-ibm-1:1.8.0.6.0-1jpp.1.el6_10
  • java-1.8.0-ibm-demo-1:1.8.0.6.0-1jpp.1.el6_10
  • java-1.8.0-ibm-devel-1:1.8.0.6.0-1jpp.1.el6_10
  • java-1.8.0-ibm-jdbc-1:1.8.0.6.0-1jpp.1.el6_10
  • java-1.8.0-ibm-plugin-1:1.8.0.6.0-1jpp.1.el6_10
  • java-1.8.0-ibm-src-1:1.8.0.6.0-1jpp.1.el6_10
  • java-1.8.0-ibm-1:1.8.0.6.0-1jpp.1.el7
  • java-1.8.0-ibm-demo-1:1.8.0.6.0-1jpp.1.el7
  • java-1.8.0-ibm-devel-1:1.8.0.6.0-1jpp.1.el7
  • java-1.8.0-ibm-jdbc-1:1.8.0.6.0-1jpp.1.el7
  • java-1.8.0-ibm-plugin-1:1.8.0.6.0-1jpp.1.el7
  • java-1.8.0-ibm-src-1:1.8.0.6.0-1jpp.1.el7
  • java-1.8.0-ibm-1:1.8.0.6.0-1jpp.1.el6_10
  • java-1.8.0-ibm-devel-1:1.8.0.6.0-1jpp.1.el6_10
  • java-1.8.0-ibm-1:1.8.0.6.0-3.el8_1
  • java-1.8.0-ibm-demo-1:1.8.0.6.0-3.el8_1
  • java-1.8.0-ibm-devel-1:1.8.0.6.0-3.el8_1
  • java-1.8.0-ibm-headless-1:1.8.0.6.0-3.el8_1
  • java-1.8.0-ibm-jdbc-1:1.8.0.6.0-3.el8_1
  • java-1.8.0-ibm-plugin-1:1.8.0.6.0-3.el8_1
  • java-1.8.0-ibm-src-1:1.8.0.6.0-3.el8_1
  • java-1.8.0-ibm-webstart-1:1.8.0.6.0-3.el8_1
refmap via4
bugtraq
  • 20191021 [SECURITY] [DSA 4546-1] openjdk-11 security update
  • 20191021 [SECURITY] [DSA 4548-1] openjdk-8 security update
confirm https://security.netapp.com/advisory/ntap-20191017-0001/
debian
  • DSA-4546
  • DSA-4548
misc http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
mlist [debian-lts-announce] 20191207 [SECURITY] [DLA 2023-1] openjdk-7 security update
suse
  • openSUSE-SU-2019:2557
  • openSUSE-SU-2019:2565
  • openSUSE-SU-2019:2687
ubuntu USN-4223-1
Last major update 08-09-2020 - 13:00
Published 16-10-2019 - 18:15
Last modified 08-09-2020 - 13:00
Back to Top