Updated java-1.8.0-openjdk packages fix security vulnerability
Publication date: 07 May 2019Modification date: 07 May 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2019-2602 , CVE-2019-2684 , CVE-2019-2698
Description
The updated packages fix several bugs and some security issues:
Font layout engine out of bounds access setCurrGlyphID(). (CVE-2019-2698)
Slow conversion of BigDecimal to long. (CVE-2019-2602)
Incorrect skeleton selection in RMI registry server-side dispatch
handling. (CVE-2019-2684)
References
- https://bugs.mageia.org/show_bug.cgi?id=24682
- https://access.redhat.com/errata/RHSA-2019:0775
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2602
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2684
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2698
SRPMS
6/core
- java-1.8.0-openjdk-1.8.0.212-1.b04.1.mga6