Synopsis: Moderate: java-1.8.0-openjdk security update
Advisory ID:       SLSA-2019:1811-1
Issue Date:        2019-07-22
CVE Numbers:       CVE-2019-2769
                   CVE-2019-2816
                   CVE-2019-2842
                   CVE-2019-2786
                   CVE-2019-2745
                   CVE-2019-2762
--

Security Fix(es):

* OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography
(Security, 8208698) (CVE-2019-2745)

* OpenJDK: Insufficient checks of suppressed exceptions in deserialization
(Utilities, 8212328) (CVE-2019-2762)

* OpenJDK: Unbounded memory allocation during deserialization in
Collections (Utilities, 8213432) (CVE-2019-2769)

* OpenJDK: Missing URL format validation (Networking, 8221518)
(CVE-2019-2816)

* OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511)
(CVE-2019-2842)

* OpenJDK: Insufficient restriction of privileges in AccessController
(Security, 8216381) (CVE-2019-2786)
--

SL6
  x86_64
    java-1.8.0-openjdk-1.8.0.222.b10-0.el6_10.x86_64.rpm
    java-1.8.0-openjdk-debuginfo-1.8.0.222.b10-0.el6_10.x86_64.rpm
    java-1.8.0-openjdk-headless-1.8.0.222.b10-0.el6_10.x86_64.rpm
    java-1.8.0-openjdk-debug-1.8.0.222.b10-0.el6_10.x86_64.rpm
    java-1.8.0-openjdk-demo-1.8.0.222.b10-0.el6_10.x86_64.rpm
    java-1.8.0-openjdk-demo-debug-1.8.0.222.b10-0.el6_10.x86_64.rpm
    java-1.8.0-openjdk-devel-1.8.0.222.b10-0.el6_10.x86_64.rpm
    java-1.8.0-openjdk-devel-debug-1.8.0.222.b10-0.el6_10.x86_64.rpm
    java-1.8.0-openjdk-headless-debug-1.8.0.222.b10-0.el6_10.x86_64.rpm
    java-1.8.0-openjdk-src-1.8.0.222.b10-0.el6_10.x86_64.rpm
    java-1.8.0-openjdk-src-debug-1.8.0.222.b10-0.el6_10.x86_64.rpm
  i386
    java-1.8.0-openjdk-1.8.0.222.b10-0.el6_10.i686.rpm
    java-1.8.0-openjdk-debuginfo-1.8.0.222.b10-0.el6_10.i686.rpm
    java-1.8.0-openjdk-headless-1.8.0.222.b10-0.el6_10.i686.rpm
    java-1.8.0-openjdk-debug-1.8.0.222.b10-0.el6_10.i686.rpm
    java-1.8.0-openjdk-demo-1.8.0.222.b10-0.el6_10.i686.rpm
    java-1.8.0-openjdk-demo-debug-1.8.0.222.b10-0.el6_10.i686.rpm
    java-1.8.0-openjdk-devel-1.8.0.222.b10-0.el6_10.i686.rpm
    java-1.8.0-openjdk-devel-debug-1.8.0.222.b10-0.el6_10.i686.rpm
    java-1.8.0-openjdk-headless-debug-1.8.0.222.b10-0.el6_10.i686.rpm
    java-1.8.0-openjdk-src-1.8.0.222.b10-0.el6_10.i686.rpm
    java-1.8.0-openjdk-src-debug-1.8.0.222.b10-0.el6_10.i686.rpm
  noarch
    java-1.8.0-openjdk-javadoc-1.8.0.222.b10-0.el6_10.noarch.rpm
    java-1.8.0-openjdk-javadoc-debug-1.8.0.222.b10-0.el6_10.noarch.rpm

- Scientific Linux Development Team