First published: Tue Apr 14 2015
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469)

A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460)

A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488)

Multiple flaws were discovered in the Beans and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-0477, CVE-2015-0470)

A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480)

It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478)

The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.

All users of java-1.8.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/java | <1.8.0-openjdk-1.8.0.45-30.b13.el7_1 | 1.8.0-openjdk-1.8.0.45-30.b13.el7_1 |
redhat/java | <1.8.0-openjdk-accessibility-1.8.0.45-30.b13.el7_1 | 1.8.0-openjdk-accessibility-1.8.0.45-30.b13.el7_1 |
redhat/java | <1.8.0-openjdk-debuginfo-1.8.0.45-30.b13.el7_1 | 1.8.0-openjdk-debuginfo-1.8.0.45-30.b13.el7_1 |
redhat/java | <1.8.0-openjdk-demo-1.8.0.45-30.b13.el7_1 | 1.8.0-openjdk-demo-1.8.0.45-30.b13.el7_1 |
redhat/java | <1.8.0-openjdk-devel-1.8.0.45-30.b13.el7_1 | 1.8.0-openjdk-devel-1.8.0.45-30.b13.el7_1 |
redhat/java | <1.8.0-openjdk-headless-1.8.0.45-30.b13.el7_1 | 1.8.0-openjdk-headless-1.8.0.45-30.b13.el7_1 |
redhat/java | <1.8.0-openjdk-javadoc-1.8.0.45-30.b13.el7_1 | 1.8.0-openjdk-javadoc-1.8.0.45-30.b13.el7_1 |
redhat/java | <1.8.0-openjdk-src-1.8.0.45-30.b13.el7_1 | 1.8.0-openjdk-src-1.8.0.45-30.b13.el7_1 |
redhat/java | <1.8.0-openjdk-1.8.0.45-28.b13.el6_6 | 1.8.0-openjdk-1.8.0.45-28.b13.el6_6 |
redhat/java | <1.8.0-openjdk-debuginfo-1.8.0.45-28.b13.el6_6 | 1.8.0-openjdk-debuginfo-1.8.0.45-28.b13.el6_6 |
redhat/java | <1.8.0-openjdk-demo-1.8.0.45-28.b13.el6_6 | 1.8.0-openjdk-demo-1.8.0.45-28.b13.el6_6 |
redhat/java | <1.8.0-openjdk-devel-1.8.0.45-28.b13.el6_6 | 1.8.0-openjdk-devel-1.8.0.45-28.b13.el6_6 |
redhat/java | <1.8.0-openjdk-headless-1.8.0.45-28.b13.el6_6 | 1.8.0-openjdk-headless-1.8.0.45-28.b13.el6_6 |
redhat/java | <1.8.0-openjdk-javadoc-1.8.0.45-28.b13.el6_6 | 1.8.0-openjdk-javadoc-1.8.0.45-28.b13.el6_6 |
redhat/java | <1.8.0-openjdk-src-1.8.0.45-28.b13.el6_6 | 1.8.0-openjdk-src-1.8.0.45-28.b13.el6_6 |