OVAL Reference oval:com.redhat.rhsa:def:20182942

Oval Definition:

oval:com.redhat.rhsa:def:20182942

Revision Date:	2018-10-17	Version:	636
Title:	RHSA-2018:2942: java-1.8.0-openjdk security update (Critical)
Description:	The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): OpenJDK: Improper field access checks (Hotspot, 8199226) (CVE-2018-3169) OpenJDK: Unrestricted access to scripting engine (Scripting, 8202936) (CVE-2018-3183) OpenJDK: Incomplete enforcement of the trustURLCodebase restriction (JNDI, 8199177) (CVE-2018-3149) OpenJDK: Incorrect handling of unsigned attributes in singed Jar manifests (Security, 8194534) (CVE-2018-3136) OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902) (CVE-2018-3139) OpenJDK: Missing endpoint identification algorithm check during TLS session resumption (JSSE, 8202613) (CVE-2018-3180) OpenJDK: Infinite loop in RIFF format reader (Sound, 8205361) (CVE-2018-3214) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Family:	unix	Class:	patch
Status:		Reference(s):	CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3183 CVE-2018-3214 RHSA-2018:2942 RHSA-2018:2942-00 RHSA-2018:2942-01
Platform(s):	Red Hat Enterprise Linux 7	Product(s):
Definition Synopsis
Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 7 is installed AND java-1.8.0-openjdk is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-accessibility is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-accessibility is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-accessibility-debug is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-accessibility-debug is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-debug is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-debug is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-demo is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-demo-debug is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-demo-debug is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-devel is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-devel-debug is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-devel-debug is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-headless is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-headless-debug is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-headless-debug is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-javadoc-debug is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-javadoc-debug is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-javadoc-zip-debug is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-javadoc-zip-debug is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-src is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key java-1.8.0-openjdk-src-debug is earlier than 1:1.8.0.191.b12-0.el7_5 AND java-1.8.0-openjdk-src-debug is signed with Red Hat redhatrelease2 key

BACK