Advisories ยป MGASA-2020-0309

Updated java-1.8.0-openjdk packages fix security vulnerability

Publication date: 31 Jul 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-14583 , CVE-2020-14593 , CVE-2020-14556 , CVE-2020-14578 , CVE-2020-14579 , CVE-2020-14621 , CVE-2020-14577


Bypass of boundary checks in nio.Buffer via concurrent access.

Incomplete bounds checks in Affine Transformations. (CVE-2020-14593)

Incorrect handling of access control context in ForkJoinPool.

Unexpected exception raised by DerInputStream. (CVE-2020-14578)

Unexpected exception raised by DerValue.equals(). (CVE-2020-14579)

XML validation manipulation due to incomplete application of the
use-grammar-pool-only feature. (CVE-2020-14621)

HostnameChecker does not ensure X.509 certificate names are in
normalized form. (CVE-2020-14577)