First published: Sun Oct 13 2019(Updated: )
A NULL pointer dereference flaw was discovered in the DrawGlyphList class in the 2D component in OpenJDK. A specially crafted font file could use this flaw to cause a Java application to crash.
Credit: secalert_us@oracle.com secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/java | <1.8.0-openjdk-1:1.8.0.232.b09-1.el6_10 | 1.8.0-openjdk-1:1.8.0.232.b09-1.el6_10 |
redhat/java | <1.7.0-openjdk-1:1.7.0.241-2.6.20.0.el6_10 | 1.7.0-openjdk-1:1.7.0.241-2.6.20.0.el6_10 |
redhat/java | <1.7.1-ibm-1:1.7.1.4.55-1jpp.1.el6_10 | 1.7.1-ibm-1:1.7.1.4.55-1jpp.1.el6_10 |
redhat/java | <1.8.0-ibm-1:1.8.0.6.0-1jpp.1.el6_10 | 1.8.0-ibm-1:1.8.0.6.0-1jpp.1.el6_10 |
redhat/java | <11-openjdk-1:11.0.5.10-0.el7_7 | 11-openjdk-1:11.0.5.10-0.el7_7 |
redhat/java | <1.8.0-openjdk-1:1.8.0.232.b09-0.el7_7 | 1.8.0-openjdk-1:1.8.0.232.b09-0.el7_7 |
redhat/java | <1.7.0-openjdk-1:1.7.0.241-2.6.20.0.el7_7 | 1.7.0-openjdk-1:1.7.0.241-2.6.20.0.el7_7 |
redhat/java | <1.7.1-ibm-1:1.7.1.4.55-1jpp.1.el7 | 1.7.1-ibm-1:1.7.1.4.55-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-1:1.8.0.6.0-1jpp.1.el7 | 1.8.0-ibm-1:1.8.0.6.0-1jpp.1.el7 |
redhat/java | <1.8.0-openjdk-1:1.8.0.232.b09-0.el8_0 | 1.8.0-openjdk-1:1.8.0.232.b09-0.el8_0 |
redhat/java | <11-openjdk-1:11.0.5.10-0.el8_0 | 11-openjdk-1:11.0.5.10-0.el8_0 |
redhat/java | <1.8.0-ibm-1:1.8.0.6.0-3.el8_1 | 1.8.0-ibm-1:1.8.0.6.0-3.el8_1 |
Oracle JDK | =1.7.0-update231 | |
Oracle JDK | =1.8.0-update221 | |
Oracle JDK | =11.0.4 | |
Oracle JDK | =13.0.0 | |
Oracle JRE | =1.7.0-update231 | |
Oracle JRE | =1.8.0-update221 | |
Oracle JRE | =11.0.4 | |
Oracle JRE | =13.0.0 | |
Redhat Satellite | =5.8 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux Desktop | =6.0 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Eus | =7.7 | |
Redhat Enterprise Linux Eus | =8.1 | |
Redhat Enterprise Linux Eus | =8.6 | |
Redhat Enterprise Linux Server | =6.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Server Aus | =7.7 | |
Redhat Enterprise Linux Server Tus | =7.7 | |
Redhat Enterprise Linux Workstation | =6.0 | |
Redhat Enterprise Linux Workstation | =7.0 | |
NetApp E-Series SANtricity OS Controller | >=11.0.0<=11.50.2 | |
Netapp E-series Santricity Storage Manager | ||
Netapp E-series Santricity Unified Manager | ||
Netapp E-series Santricity Web Services Proxy | ||
NetApp OnCommand Workflow Automation | ||
Netapp Snapmanager Oracle | ||
Netapp Snapmanager Sap | ||
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
openSUSE Leap | =15.0 | |
openSUSE Leap | =15.1 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =19.04 | |
Canonical Ubuntu Linux | =19.10 | |
IBM Cognos Controller 10.4.2 | <=IBM Cognos Controller 10.4.2 | |
IBM Cognos Controller 10.4.1 | <=IBM Cognos Controller 10.4.1 | |
IBM Cognos Controller 10.4.0 | <=IBM Cognos Controller 10.4.0 | |
debian/openjdk-11 | 11.0.24+8-2~deb11u1 11.0.25~5ea-1 | |
debian/openjdk-8 | 8u422-b05-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)