MGASA-2020-0309

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2020-0309.html
Import Source
https://advisories.mageia.org/MGASA-2020-0309.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2020-0309
Related
Published
2020-07-31T23:25:42Z
Modified
2020-07-31T22:43:51Z
Summary
Updated java-1.8.0-openjdk packages fix security vulnerability
Details

Bypass of boundary checks in nio.Buffer via concurrent access. (CVE-2020-14583)

Incomplete bounds checks in Affine Transformations. (CVE-2020-14593)

Incorrect handling of access control context in ForkJoinPool. (CVE-2020-14556)

Unexpected exception raised by DerInputStream. (CVE-2020-14578)

Unexpected exception raised by DerValue.equals(). (CVE-2020-14579)

XML validation manipulation due to incomplete application of the use-grammar-pool-only feature. (CVE-2020-14621)

HostnameChecker does not ensure X.509 certificate names are in normalized form. (CVE-2020-14577)

References
Credits

Affected packages

Mageia:7 / java-1.8.0-openjdk

Package

Name
java-1.8.0-openjdk
Purl
pkg:rpm/mageia/java-1.8.0-openjdk?distro=mageia-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.262-1.b10.1.mga7

Ecosystem specific 

{
    "section": "core"
}