MGASA-2020-0069
- Source
- https://advisories.mageia.org/MGASA-2020-0069.html
- Import Source
- https://advisories.mageia.org/MGASA-2020-0069.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2020-0069
- Related
- Published
- 2020-01-30T18:28:34Z
- Modified
- 2020-01-30T18:03:23Z
- Summary
- Updated java-1.8.0-openjdk packages fix security vulnerabilities
- Details
-
The updated packages fix security vulnerabilities:
Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590)
Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) (CVE-2020-2583)
Incorrect isBuiltinStreamHandler causing URL normalization issues (Networking, 8228548) (CVE-2020-2593)
Use of unsafe RSA-MD5 checkum in Kerberos TGS (Security, 8229951) (CVE-2020-2601)
Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) (CVE-2020-2604)
Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654)
Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795) (CVE-2020-2659)
- References
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:7 / java-1.8.0-openjdk
Package
- Name
- java-1.8.0-openjdk
- Purl
- pkg:rpm/mageia/java-1.8.0-openjdk?distro=mageia-7