File _patchinfo of Package patchinfo.30312

<patchinfo incident="30312">
  <issue tracker="bnc" id="1214431">VUL-0: java-1_8_0-ibm: IBM Security Update August 2023</issue>
  <issue tracker="cve" id="2023-22036"/>
  <issue tracker="cve" id="2023-22006"/>
  <issue tracker="cve" id="2022-40609"/>
  <issue tracker="cve" id="2023-22044"/>
  <issue tracker="cve" id="2023-22041"/>
  <issue tracker="cve" id="2023-25193"/>
  <issue tracker="cve" id="2023-22049"/>
  <issue tracker="cve" id="2023-22045"/>
  <packager>pmonrealgonzalez</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for java-1_8_0-ibm</summary>
  <description>This update for java-1_8_0-ibm fixes the following issues:

- Update to Java 8.0 Service Refresh 8 Fix Pack 10 (bsc#1213541)
- CVE-2022-40609: Fixed an unsafe deserialization flaw which could allow a remote attacker to execute arbitrary code on the system. (bsc#1213934)
- CVE-2023-22041: Fixed a flaw whcih could allow unauthorized access to critical data or complete access. (bsc#1213475)
- CVE-2023-22049: Fixed a flaw which could result in unauthorized update. (bsc#1213482)
- CVE-2023-22045: Fixed a flaw which could result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. (bsc#1213481)
- CVE-2023-22044: Fixed a flaw which could result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. (bsc#1213479)
- CVE-2023-22036: Fixed a flaw which could result in unauthorized ability to cause a partial denial of service. (bsc#1213474)
- CVE-2023-25193: Fixed a flaw which could allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. (bsc#1207922)
- CVE-2023-22006: Fixed a flaw which could result in unauthorized update, insert or delete access for JDK accessible data. (bsc#1213473)
</description>
</patchinfo>