File _patchinfo of Package patchinfo.25533

<patchinfo incident="25533">
  <issue tracker="bnc" id="1202427">VUL-0: java-1_8_0-ibm, java-1_7_1-ibm, java-1_7_0-ibm: IBM Security Update July 2022</issue>
  <issue tracker="bnc" id="1201685">VUL-0: CVE-2022-21549: java-17-openjdk: random exponentials issue</issue>
  <issue tracker="bnc" id="1201694">VUL-0: CVE-2022-21540: java,openjdk: class compilation issue</issue>
  <issue tracker="bnc" id="1201684">VUL-0: CVE-2022-34169: java,openjdk: integer truncation issue in Xalan</issue>
  <issue tracker="bnc" id="1201692">VUL-0: CVE-2022-21541: java,openjdk: improper restriction of MethodHandle.invokeBasic()</issue>
  <issue tracker="cve" id="2022-21549"/>
  <issue tracker="cve" id="2022-21541"/>
  <issue tracker="cve" id="2022-34169"/>
  <issue tracker="cve" id="2022-21540"/>
  <packager>pmonrealgonzalez</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for java-1_8_0-ibm</summary>
  <description>This update for java-1_8_0-ibm fixes the following issues:

- Updated to Java 8.0 Service Refresh 7 Fix Pack 11 (bsc#1202427):
  - CVE-2022-34169: Fixed an integer truncation issue in the Xalan
    Java XSLT library that occurred when processing malicious
    stylesheets (bsc#1201684).
  - CVE-2022-21549: Fixed an issue that could lead to computing
    negative random exponentials (bsc#1201685).
  - CVE-2022-21541: Fixed a potential bypass of sandbox restrictions
    in the Hotspot component (bsc#1201692).
  - CVE-2022-21540: Fixed a potential bypass of sandbox restrictions
    in the Hotspot component (bsc#1201694).
</description>
</patchinfo>