java-1.7.0-openjdk (SL6)

Synopsis: Moderate: java-1.7.0-openjdk security update
Advisory ID: SLSA-2019:1840-1
Issue Date: 2019-07-23
CVE Numbers: CVE-2019-2769
CVE-2019-2816
CVE-2019-2842
CVE-2019-2786
CVE-2019-2745
CVE-2019-2762

Security Fix(es):

* OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography
(Security, 8208698) (CVE-2019-2745)

* OpenJDK: Insufficient checks of suppressed exceptions in deserialization
(Utilities, 8212328) (CVE-2019-2762)

* OpenJDK: Unbounded memory allocation during deserialization in
Collections (Utilities, 8213432) (CVE-2019-2769)

* OpenJDK: Missing URL format validation (Networking, 8221518)
(CVE-2019-2816)

* OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511)
(CVE-2019-2842)

* OpenJDK: Insufficient restriction of privileges in AccessController
(Security, 8216381) (CVE-2019-2786)

SL6
x86_64
java-1.7.0-openjdk-1.7.0.231-2.6.19.1.el6_10.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.231-2.6.19.1.el6_10.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.231-2.6.19.1.el6_10.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.231-2.6.19.1.el6_10.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.231-2.6.19.1.el6_10.x86_64.rpm
i386
java-1.7.0-openjdk-1.7.0.231-2.6.19.1.el6_10.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.231-2.6.19.1.el6_10.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.231-2.6.19.1.el6_10.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.231-2.6.19.1.el6_10.i686.rpm
java-1.7.0-openjdk-src-1.7.0.231-2.6.19.1.el6_10.i686.rpm
noarch
java-1.7.0-openjdk-javadoc-1.7.0.231-2.6.19.1.el6_10.noarch.rpm

– Scientific Linux Development Team