drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Oracle JDK-JRE
Name: |
Mehrere Probleme in Oracle JDK-JRE |
|
ID: |
201903-14 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Do, 14. März 2019, 09:19 |
|
Referenzen: |
https://nvd.nist.gov/vuln/detail/CVE-2018-2795
https://nvd.nist.gov/vuln/detail/CVE-2018-2797
https://nvd.nist.gov/vuln/detail/CVE-2019-2426
https://nvd.nist.gov/vuln/detail/CVE-2018-2814
https://nvd.nist.gov/vuln/detail/CVE-2018-2796
https://nvd.nist.gov/vuln/detail/CVE-2018-2799
https://nvd.nist.gov/vuln/detail/CVE-2018-2815
https://nvd.nist.gov/vuln/detail/CVE-2018-2794
https://nvd.nist.gov/vuln/detail/CVE-2018-2790
https://nvd.nist.gov/vuln/detail/CVE-2018-2811
https://nvd.nist.gov/vuln/detail/CVE-2018-2800
https://nvd.nist.gov/vuln/detail/CVE-2018-2798
https://nvd.nist.gov/vuln/detail/CVE-2019-2422 |
|
Applikationen: |
Oracle JDK |
|
Originalnachricht |
--twz1s1Hj1O0rHoT0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inlin Content-Transfer-Encoding: quoted-printable
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201903-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal Title: Oracle JDK/JRE: Multiple vulnerabilities Date: March 14, 2019 Bugs: #653560, #661456, #676134 ID: 201903-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been found in Oracleâs JDK and JRE software suites.
Background ==========
Java Platform, Standard Edition (Java SE) lets you develop and deploy Java applications on desktops and servers, as well as in todayâs demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that todayâs applications require.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-java/oracle-jdk-bin < 1.8.0.202 >= 1.8.0.202 2 dev-java/oracle-jre-bin < 1.8.0.202 >= 1.8.0.202 ------------------------------------------------------------------- 2 affected packages
Description ===========
Multiple vulnerabilities have been discovered in Oracleâs JDK and JRE software suites. Please review the CVE identifiers referenced below for details.
Impact ======
A remote attacker could possibly execute arbitrary code with the privileges of the process, gain access to information, or cause a Denial of Service condition.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All Oracle JDK bin users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.8.0.202"
All Oracle JRE bin users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.8.0.202"
References ==========
[ 1 ] CVE-2018-2790 https://nvd.nist.gov/vuln/detail/CVE-2018-2790 [ 2 ] CVE-2018-2794 https://nvd.nist.gov/vuln/detail/CVE-2018-2794 [ 3 ] CVE-2018-2795 https://nvd.nist.gov/vuln/detail/CVE-2018-2795 [ 4 ] CVE-2018-2796 https://nvd.nist.gov/vuln/detail/CVE-2018-2796 [ 5 ] CVE-2018-2797 https://nvd.nist.gov/vuln/detail/CVE-2018-2797 [ 6 ] CVE-2018-2798 https://nvd.nist.gov/vuln/detail/CVE-2018-2798 [ 7 ] CVE-2018-2799 https://nvd.nist.gov/vuln/detail/CVE-2018-2799 [ 8 ] CVE-2018-2800 https://nvd.nist.gov/vuln/detail/CVE-2018-2800 [ 9 ] CVE-2018-2811 https://nvd.nist.gov/vuln/detail/CVE-2018-2811 [ 10 ] CVE-2018-2814 https://nvd.nist.gov/vuln/detail/CVE-2018-2814 [ 11 ] CVE-2018-2815 https://nvd.nist.gov/vuln/detail/CVE-2018-2815 [ 12 ] CVE-2019-2422 https://nvd.nist.gov/vuln/detail/CVE-2019-2422 [ 13 ] CVE-2019-2426 https://nvd.nist.gov/vuln/detail/CVE-2019-2426
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201903-14
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
--twz1s1Hj1O0rHoT0 Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEiDRK3jyVBE/RkymqpRQw84X1dt0FAlyJsj4ACgkQpRQw84X1 dt38TQf/RZH75fs+pqLYKWB15E382598/k3ewWw4nTFb3uTCeZGxKLzfEbLCDcbH 2LEgP8DiHCrjJ22G5Lxeg9iUMw18C5BUntQ9MWUaglPgtQ3uraTxclZXJ7kh4v6h g/oPlowliCXrONBDCj+6hgSalmu2L90PqZX/3VXiu5jBfMRZEVHA9xRZG3xRMKoV SUSwoH3vzHC9iRX4RCHCNuiV61aYC8Svs/aJbG+KwtWzdzpCqcltDzrqDLJexX/c 5S3AqNnB6TKEGvXGGlYV0ROZUSxmzKztunk/HLcHqCU4NY5SzwmHY2ySBPswYn0t eq0GelY30kkXee1NczMr1048pTIaKA== =5JTx -----END PGP SIGNATURE-----
--twz1s1Hj1O0rHoT0--
|
|
|
|