Overview

File _patchinfo of Package patchinfo.25137

<patchinfo incident="25137">
  <issue tracker="bnc" id="1194931">VUL-0: CVE-2022-21299: java-17-openjdk,java-11-openjdk,java-1_8_0-openjdk,java-1_7_0-openjdk: Infinite loop related to incorrect handling of newlines in XMLEntityScanner</issue>
  <issue tracker="bnc" id="1201643">VUL-0: java-1_8_0-ibm, java-1_7_1-ibm, java-1_7_0-ibm: IBM Security Update April 2022</issue>
  <issue tracker="bnc" id="1198672">VUL-0: CVE-2022-21426: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk,java-17-openjdk: unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE</issue>
  <issue tracker="bnc" id="1198674">VUL-0: CVE-2022-21434: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk,java-17-openjdk: unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE</issue>
  <issue tracker="bnc" id="1198670">VUL-0: CVE-2022-21449: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk,java-17-openjdk: unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE</issue>
  <issue tracker="bnc" id="1198675">VUL-0: CVE-2022-21443: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk,java-17-openjdk: unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE</issue>
  <issue tracker="bnc" id="1191912">VUL-0: CVE-2021-35561: java-1_8_0-openjdk,java-11-openjdk,java-1_7_0-openjdk: Excessive memory allocation in HashMap and HashSet (Utility, 8266097)</issue>
  <issue tracker="bnc" id="1198673">VUL-0: CVE-2022-21496: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk,java-17-openjdk: unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE</issue>
  <issue tracker="bnc" id="1198671">VUL-0: CVE-2022-21476: java-1_7_0-openjdk,java-1_8_0-openjdk,java-11-openjdk,java-17-openjdk: unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE</issue>
  <issue tracker="cve" id="2022-21443"/>
  <issue tracker="cve" id="2022-21476"/>
  <issue tracker="cve" id="2022-21496"/>
  <issue tracker="cve" id="2022-21426"/>
  <issue tracker="cve" id="2022-21299"/>
  <issue tracker="cve" id="2022-21449"/>
  <issue tracker="cve" id="2022-21434"/>
  <issue tracker="cve" id="2021-35561"/>
  <packager>pmonrealgonzalez</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for java-1_8_0-ibm</summary>
  <description>This update for java-1_8_0-ibm fixes the following issues:

Update to Java 8.0 Service Refresh 7 Fix Pack 10 (bsc#1201643), including fixes for:

- CVE-2022-21476 (bsc#1198671), CVE-2022-21449 (bsc#1198670),
  CVE-2022-21496 (bsc#1198673), CVE-2022-21434 (bsc#1198674),
  CVE-2022-21426 (bsc#1198672), CVE-2022-21443 (bsc#1198675),
  CVE-2021-35561 (bsc#1191912), CVE-2022-21299 (bsc#1194931).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places