
Test ID: 1.3.6.1.4.1.25623.1.0.883121
Category: CentOS Local Security Checks
Title: CentOS Update for java CESA-2019:3128 centos7
Summary: The remote host is missing an update for the 'java' package(s) announced via the CESA-2019:3128 advisory.
Description:
Summary:
The remote host is missing an update for the 'java'
package(s) announced via the CESA-2019:3128 advisory.

Vulnerability Insight:
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime
Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos,
8220302) (CVE-2019-2949)

* OpenJDK: Unexpected exception thrown during regular expression processing
in Nashorn (Scripting, 8223518) (CVE-2019-2975)

* OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler
(Networking, 8223892) (CVE-2019-2978)

* OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection
(Networking, 8225298) (CVE-2019-2989)

* OpenJDK: Missing restrictions on use of custom SocketImpl (Networking,
8218573) (CVE-2019-2945)

* OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690)
(CVE-2019-2962)

* OpenJDK: Unexpected exception thrown by Pattern processing crafted
regular expression (Concurrency, 8222684) (CVE-2019-2964)

* OpenJDK: Unexpected exception thrown by XPathParser processing crafted
XPath expression (JAXP, 8223505) (CVE-2019-2973)

* OpenJDK: Unexpected exception thrown by XPath processing crafted XPath
expression (JAXP, 8224532) (CVE-2019-2981)

* OpenJDK: Unexpected exception thrown during Font object deserialization
(Serialization, 8224915) (CVE-2019-2983)

* OpenJDK: Missing glyph bitmap image dimension check in FreetypeFontScaler
(2D, 8225286) (CVE-2019-2987)

* OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292)
(CVE-2019-2988)

* OpenJDK: Excessive memory allocation in CMap when reading TrueType font
(2D, 8225597) (CVE-2019-2992)

* OpenJDK: Insufficient filtering of HTML event attributes in Javadoc
(Javadoc, 8226765) (CVE-2019-2999)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Affected Software/OS:
'java' package(s) on CentOS 7.

Solution:
Please install the updated package(s).

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:P

Cross reference: Common Vulnerability Exposure (CVE) ID: CVE-2019-2945
Bugtraq: 20191021 [SECURITY] [DSA 4546-1] openjdk-11 security update
https://seclists.org/bugtraq/2019/Oct/31
Bugtraq: 20191021 [SECURITY] [DSA 4548-1] openjdk-8 security update
https://seclists.org/bugtraq/2019/Oct/27
Debian Security Information: DSA-4546
https://www.debian.org/security/2019/dsa-4546
Debian Security Information: DSA-4548
https://www.debian.org/security/2019/dsa-4548
http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html
RedHat Security Advisories: RHSA-2019:3134
https://access.redhat.com/errata/RHSA-2019:3134
RedHat Security Advisories: RHSA-2019:3135
https://access.redhat.com/errata/RHSA-2019:3135
RedHat Security Advisories: RHSA-2019:3136
https://access.redhat.com/errata/RHSA-2019:3136
RedHat Security Advisories: RHSA-2019:3157
https://access.redhat.com/errata/RHSA-2019:3157
RedHat Security Advisories: RHSA-2019:3158
https://access.redhat.com/errata/RHSA-2019:3158
RedHat Security Advisories: RHSA-2019:4109
https://access.redhat.com/errata/RHSA-2019:4109
RedHat Security Advisories: RHSA-2019:4110
https://access.redhat.com/errata/RHSA-2019:4110
RedHat Security Advisories: RHSA-2019:4113
https://access.redhat.com/errata/RHSA-2019:4113
RedHat Security Advisories: RHSA-2019:4115
https://access.redhat.com/errata/RHSA-2019:4115
RedHat Security Advisories: RHSA-2020:0006
https://access.redhat.com/errata/RHSA-2020:0006
RedHat Security Advisories: RHSA-2020:0046
https://access.redhat.com/errata/RHSA-2020:0046
SuSE Security Announcement: openSUSE-SU-2019:2557
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html
SuSE Security Announcement: openSUSE-SU-2019:2565
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html
SuSE Security Announcement: openSUSE-SU-2019:2687
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html
https://usn.ubuntu.com/4223-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-2949
Common Vulnerability Exposure (CVE) ID: CVE-2019-2962
Common Vulnerability Exposure (CVE) ID: CVE-2019-2964
Common Vulnerability Exposure (CVE) ID: CVE-2019-2973
Common Vulnerability Exposure (CVE) ID: CVE-2019-2975
Common Vulnerability Exposure (CVE) ID: CVE-2019-2978
Common Vulnerability Exposure (CVE) ID: CVE-2019-2981
Common Vulnerability Exposure (CVE) ID: CVE-2019-2983
Common Vulnerability Exposure (CVE) ID: CVE-2019-2987
Common Vulnerability Exposure (CVE) ID: CVE-2019-2988
Common Vulnerability Exposure (CVE) ID: CVE-2019-2989
Common Vulnerability Exposure (CVE) ID: CVE-2019-2992
Common Vulnerability Exposure (CVE) ID: CVE-2019-2999
Copyright: Copyright (C) 2019 Greenbone Networks GmbH





© 1998-2024 E-Soft Inc. All rights reserved.