Security update for java-1_8_0-ibm (Important) (in QA)
Description:
This update for java-1_8_0-ibm fixes the following issues:
Note: the issues listed below were NOT fixed with the previous update (8.0-7.11).
- Update to Java 8.0 Service Refresh 7 Fix Pack 15 (bsc#1202427): - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets (bsc#1201684). - CVE-2022-21549: Fixed an issue that could lead to computing negative random exponentials (bsc#1201685). - CVE-2022-21541: Fixed a potential bypass of sandbox restrictions in the Hotspot component (bsc#1201692). - CVE-2022-21540: Fixed a potential bypass of sandbox restrictions in the Hotspot component (bsc#1201694)..
This patch is currently in QA and not yet available for download.