Scientific Linux Security Update : java-11-openjdk on SL7.x x86_64
Medium Nessus Plugin ID 119209
Synopsis
The remote Scientific Linux host is missing one or more security updates.
Description
Security Fix(es) :
- OpenJDK: Improper field access checks (Hotspot, 8199226) (CVE-2018-3169)
- OpenJDK: Unrestricted access to scripting engine (Scripting, 8202936) (CVE-2018-3183)
- OpenJDK: Incomplete enforcement of the trustURLCodebase restriction (JNDI, 8199177) (CVE-2018-3149)
- OpenJDK: Incorrect handling of unsigned attributes in signed Jar manifests (Security, 8194534) (CVE-2018-3136)
- OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902) (CVE-2018-3139)
- OpenJDK: Multi-Release attribute read from outside of the main manifest attributes (Utility, 8199171) (CVE-2018-3150)
- OpenJDK: Missing endpoint identification algorithm check during TLS session resumption (JSSE, 8202613) (CVE-2018-3180)
Solution
Update the affected packages.