Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:1441: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
  • CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
  • CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
  • CVE-2022-21476: OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
  • CVE-2022-21496: OpenJDK: URI parsing inconsistencies (JNDI, 8278972)
Red Hat Security Data
#vulnerability#linux#red_hat#apache#java

Synopsis

Important: java-11-openjdk security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

Security Fix(es):

  • OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008) (CVE-2022-21476)
  • OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) (CVE-2022-21426)
  • OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434)
  • OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) (CVE-2022-21443)
  • OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64

Fixes

  • BZ - 2075788 - CVE-2022-21426 OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
  • BZ - 2075793 - CVE-2022-21443 OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
  • BZ - 2075836 - CVE-2022-21434 OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
  • BZ - 2075842 - CVE-2022-21476 OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
  • BZ - 2075849 - CVE-2022-21496 OpenJDK: URI parsing inconsistencies (JNDI, 8278972)

CVEs

  • CVE-2022-21426
  • CVE-2022-21434
  • CVE-2022-21443
  • CVE-2022-21476
  • CVE-2022-21496

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

SRPM

java-11-openjdk-11.0.15.0.9-2.el8_4.src.rpm

SHA-256: 7fb3724957f402872e0345064649c32700efb459e3ef0af8650312268cd545cb

x86_64

java-11-openjdk-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: c37fd22174478d5f1c3db3e8bec32fed8c467921ac3fa13dab34bf3c492de6a1

java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 835fe9302e30bf14cf384999d02016bd5a3b6e9f1afaecc295a851a465012580

java-11-openjdk-debugsource-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 8732cc49cc76d237efb2e50276c163c5e4938dd2bb91c73d68248a287ea5c9cf

java-11-openjdk-demo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 2675f38f573a9215017b70beda83bb5d70f6b8a0e0b3ab53ea00ecbf85d809f3

java-11-openjdk-devel-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 62ad0ea7e2243cab36edfd125a0b1aab244619deb68702645b8d86a4fb06c616

java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: dddf94950364af1d15fe9d360f1a7bff29278231abc387ee69a2cffaa547be6b

java-11-openjdk-devel-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 296839e8040413d3e1b2485d2942cde00b22791b0ea5a63927817186c42a944e

java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: faf3354db8b923c5064c34d21dd1074f275e64b7778c015f3e655d709a747a3f

java-11-openjdk-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: b36c87d9ebe4212edc41bbd7559b23863dea73bccb3fae91ddf2a261c60dc9d9

java-11-openjdk-headless-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 2f16975b0ddd9ade0e18443c3af0db955382dc619ae76c80bfd91afe4ab625df

java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 3e0fe1b5fc6058ab1f51c82f28796b72a3b64c4722097871837e591b7c1590eb

java-11-openjdk-headless-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: d680de522cee4e55ecb6ceea02a922e712ecb68f38468b47917e1bcd90799135

java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 66693bc3b5fc35cda5dabdd1a3181e6e1d62cb2d7034ad1ef5bf4a48f5e82cab

java-11-openjdk-javadoc-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 76d62bc8d100ab8584e1feaecb77d80720c2b385023667699b38850303cae0cd

java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 6286b15328f805f3ce05406fd2fb3e7f1a671dede2206b47cdff854a3ff4dc94

java-11-openjdk-jmods-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: ff1d680001ab1de193aa403cfe770d9cc091bc0cf0b86c068e626ee7e0fafdc4

java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: ac1dd1e4693f7b0a6e2c7418380f5768eed295cbfa75c36c288500e440e8d169

java-11-openjdk-src-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 77e7cd32b56ac93dcf660ec65856e79e459ad69ace50cacb8838bd1ef39e66d5

java-11-openjdk-static-libs-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: c43410eed4d73e683769c0377f31da6469e389914edc333f6a2d2c24b223065a

Red Hat Enterprise Linux Server - AUS 8.4

SRPM

java-11-openjdk-11.0.15.0.9-2.el8_4.src.rpm

SHA-256: 7fb3724957f402872e0345064649c32700efb459e3ef0af8650312268cd545cb

x86_64

java-11-openjdk-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: c37fd22174478d5f1c3db3e8bec32fed8c467921ac3fa13dab34bf3c492de6a1

java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 835fe9302e30bf14cf384999d02016bd5a3b6e9f1afaecc295a851a465012580

java-11-openjdk-debugsource-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 8732cc49cc76d237efb2e50276c163c5e4938dd2bb91c73d68248a287ea5c9cf

java-11-openjdk-demo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 2675f38f573a9215017b70beda83bb5d70f6b8a0e0b3ab53ea00ecbf85d809f3

java-11-openjdk-devel-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 62ad0ea7e2243cab36edfd125a0b1aab244619deb68702645b8d86a4fb06c616

java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: dddf94950364af1d15fe9d360f1a7bff29278231abc387ee69a2cffaa547be6b

java-11-openjdk-devel-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 296839e8040413d3e1b2485d2942cde00b22791b0ea5a63927817186c42a944e

java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: faf3354db8b923c5064c34d21dd1074f275e64b7778c015f3e655d709a747a3f

java-11-openjdk-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: b36c87d9ebe4212edc41bbd7559b23863dea73bccb3fae91ddf2a261c60dc9d9

java-11-openjdk-headless-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 2f16975b0ddd9ade0e18443c3af0db955382dc619ae76c80bfd91afe4ab625df

java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 3e0fe1b5fc6058ab1f51c82f28796b72a3b64c4722097871837e591b7c1590eb

java-11-openjdk-headless-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: d680de522cee4e55ecb6ceea02a922e712ecb68f38468b47917e1bcd90799135

java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 66693bc3b5fc35cda5dabdd1a3181e6e1d62cb2d7034ad1ef5bf4a48f5e82cab

java-11-openjdk-javadoc-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 76d62bc8d100ab8584e1feaecb77d80720c2b385023667699b38850303cae0cd

java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 6286b15328f805f3ce05406fd2fb3e7f1a671dede2206b47cdff854a3ff4dc94

java-11-openjdk-jmods-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: ff1d680001ab1de193aa403cfe770d9cc091bc0cf0b86c068e626ee7e0fafdc4

java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: ac1dd1e4693f7b0a6e2c7418380f5768eed295cbfa75c36c288500e440e8d169

java-11-openjdk-src-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 77e7cd32b56ac93dcf660ec65856e79e459ad69ace50cacb8838bd1ef39e66d5

java-11-openjdk-static-libs-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: c43410eed4d73e683769c0377f31da6469e389914edc333f6a2d2c24b223065a

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4

SRPM

java-11-openjdk-11.0.15.0.9-2.el8_4.src.rpm

SHA-256: 7fb3724957f402872e0345064649c32700efb459e3ef0af8650312268cd545cb

s390x

java-11-openjdk-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: b3dd1977e0c2e862a4c579af86f4ca42fdc3f3e5e828e9929a4a0cf0f3eca50a

java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 13532f75096e8f8f277b75a22767df2f06805277a847059cf07f98bbe78239db

java-11-openjdk-debugsource-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 08ae7b18828026500264c3739071969a5f386cdfdb2b72619a1784d32f321921

java-11-openjdk-demo-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: ab8fd068690cc70ab7d89b454d2e28a41bf6ad32fe751620af40bddf2a48fa9c

java-11-openjdk-devel-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 08e9328c29573e61dd7a52c77cdc7292813f0c93cf76d52adedfdc6c7ccf7ed5

java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 14edf911f95b57ad8bfde9776db9ce3af35d6816e4def3189c2246cab222cf40

java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: bd07db96d80d05c317018e45cbd094459e5803838deea54e3cfc7769983bc935

java-11-openjdk-headless-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 5104333a714bf181db239172cbf61a1847d43ea6955486dc08468bd3041c284a

java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 56f954a84c6d73c3153ea520ac14be6da818f417b59548093a51cce31fe6e0ba

java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 3eaabb3fae64e6a954bb9f150fc99333384a5aaec6030f2639700911d43da43b

java-11-openjdk-javadoc-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: f037e26dd4065e6a7982367da19e65f47b192f67db7ce69dbc2abc86ed18a0b4

java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 09a85085b12b4580ff2bc54399c18338f4abb60fdce4fcc5ec5258ae09911fb0

java-11-openjdk-jmods-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 295d17aa4fd6196a89d06c45a83462e40a3693689f8b3f01d116be8fab73fec8

java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 8a8f6db676c36ebca0ebbb0bfdbf42fc1af6228b52b7b6e720f2a11951f722b7

java-11-openjdk-src-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: c5068c58c615ee32d4bcc145d0a80e89b2d9a6a7ae0e55436d3e5e1104dd191f

java-11-openjdk-static-libs-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: c076cae57035bf953d60530d22b91ee999cf7a30c8bf64e1df37c021aeea3961

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4

SRPM

java-11-openjdk-11.0.15.0.9-2.el8_4.src.rpm

SHA-256: 7fb3724957f402872e0345064649c32700efb459e3ef0af8650312268cd545cb

ppc64le

java-11-openjdk-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 0824499f087d3d66a9c4369da725ba85bcea4ac1d19768de0a330a0380c852c6

java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: f3948f16f6bcdc9c08e4a17daa0d3f36aa2f1a3ba885c7dd144db98eaa31dbae

java-11-openjdk-debugsource-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 6fab082dc03ad1a6fb3beb0923163dbb5a0881efd6588474570a16a4a340a9cd

java-11-openjdk-demo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 49ca8204ecb435e573abf4c96587cf7375550c0826c9c6b11ee95290224c9895

java-11-openjdk-devel-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 8fe80dbffc8b895587a718a9208ba9ba27444f01be25daefe4c3ae215674726b

java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 3aeb80553e1072ac968626f251c6ce6d592e4b049e82d46a3c7b76f7760eac92

java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: d56058253cf2cf90c2b3261ba1b992bbf66b9e310aecc8a3ffe302c01eea0b60

java-11-openjdk-headless-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 41a317e71247bc909f01852883e2aa19465a5c8009d5fd8450c69fa6c29bb45a

java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 8f4feef06f6ab954a0ef909ced0d00cccfeacade75b3102952fac625a40d4cc7

java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: f8144ddc3b9056b63aec32bba12820d8f3d5872c7534003ad406fd9febedd4ca

java-11-openjdk-javadoc-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: d51c39f1ab6741135cde5f74fcaa6bf2959a8909b4527580f61728c8e22d2879

java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: d97fad22986fb5c86b081828816448fddf171b42c5339c870b8536d6c0a7765c

java-11-openjdk-jmods-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: f0457628b6b0ed9c0710e13241425c4a8db42029f4f5f1c881a7ba30cc33f17b

java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: fbba3ab50a6689bb6603e282e38838535a261d69c767abe4000e9282720c6f18

java-11-openjdk-src-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: fa8357973eee5d3b81171dafdf8cf68601c7025869d03040819ebd27b60c0907

java-11-openjdk-static-libs-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: f6da5e97efa16f258e0505a5fdb37441859edb889de74e0673627ac551126f60

Red Hat Enterprise Linux Server - TUS 8.4

SRPM

java-11-openjdk-11.0.15.0.9-2.el8_4.src.rpm

SHA-256: 7fb3724957f402872e0345064649c32700efb459e3ef0af8650312268cd545cb

x86_64

java-11-openjdk-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: c37fd22174478d5f1c3db3e8bec32fed8c467921ac3fa13dab34bf3c492de6a1

java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 835fe9302e30bf14cf384999d02016bd5a3b6e9f1afaecc295a851a465012580

java-11-openjdk-debugsource-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 8732cc49cc76d237efb2e50276c163c5e4938dd2bb91c73d68248a287ea5c9cf

java-11-openjdk-demo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 2675f38f573a9215017b70beda83bb5d70f6b8a0e0b3ab53ea00ecbf85d809f3

java-11-openjdk-devel-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 62ad0ea7e2243cab36edfd125a0b1aab244619deb68702645b8d86a4fb06c616

java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: dddf94950364af1d15fe9d360f1a7bff29278231abc387ee69a2cffaa547be6b

java-11-openjdk-devel-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 296839e8040413d3e1b2485d2942cde00b22791b0ea5a63927817186c42a944e

java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: faf3354db8b923c5064c34d21dd1074f275e64b7778c015f3e655d709a747a3f

java-11-openjdk-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: b36c87d9ebe4212edc41bbd7559b23863dea73bccb3fae91ddf2a261c60dc9d9

java-11-openjdk-headless-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 2f16975b0ddd9ade0e18443c3af0db955382dc619ae76c80bfd91afe4ab625df

java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 3e0fe1b5fc6058ab1f51c82f28796b72a3b64c4722097871837e591b7c1590eb

java-11-openjdk-headless-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: d680de522cee4e55ecb6ceea02a922e712ecb68f38468b47917e1bcd90799135

java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 66693bc3b5fc35cda5dabdd1a3181e6e1d62cb2d7034ad1ef5bf4a48f5e82cab

java-11-openjdk-javadoc-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 76d62bc8d100ab8584e1feaecb77d80720c2b385023667699b38850303cae0cd

java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 6286b15328f805f3ce05406fd2fb3e7f1a671dede2206b47cdff854a3ff4dc94

java-11-openjdk-jmods-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: ff1d680001ab1de193aa403cfe770d9cc091bc0cf0b86c068e626ee7e0fafdc4

java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: ac1dd1e4693f7b0a6e2c7418380f5768eed295cbfa75c36c288500e440e8d169

java-11-openjdk-src-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 77e7cd32b56ac93dcf660ec65856e79e459ad69ace50cacb8838bd1ef39e66d5

java-11-openjdk-static-libs-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: c43410eed4d73e683769c0377f31da6469e389914edc333f6a2d2c24b223065a

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4

SRPM

java-11-openjdk-11.0.15.0.9-2.el8_4.src.rpm

SHA-256: 7fb3724957f402872e0345064649c32700efb459e3ef0af8650312268cd545cb

aarch64

java-11-openjdk-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 09965d031ec417329ce9eb5f24c68ed73f4d1709ce0973f6028259acdb24fb05

java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: ef4bf50ef97bc4cd950f60626c4a1c332ff2d0a9230d524ee98d926a975fb584

java-11-openjdk-debugsource-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 5338fc02410f43f37b39c78ff6d993f5c2b72cca9bb6486f4154d6f453735d8b

java-11-openjdk-demo-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 153f37edd52bff517e931c1cdaffcb753b61981e0b93f985e2a6369b4a55c166

java-11-openjdk-devel-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 17f7cb1ac9397d08fcc719e8b5cb678ac2568744d48144f1866d019cfe7138e6

java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 410a025b3ed0414e474cca1c08b418074354ed76b0121f12b5dd8b3c83b7448c

java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: a08ec63bfd8b8462e2ce8397a2a262a5268cfd41b7d97914fe5a8852fff63467

java-11-openjdk-headless-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 0ee67ada6307003ff39a3692c57614c7041eadb3c6e0b5553779c5e228328ff0

java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 7dcb8a103a9625f0af9af9815b021df5b9f6f9b1b4f3c63d4527daffd3d24ed1

java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: f86112334805ad6f36d827fb67bb4ee38f8b11b9d479b4f5505edeed50acde49

java-11-openjdk-javadoc-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: eda95719537f438ecc4669d8d6a360120489778d055ae837bfde863dc2414783

java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 7efd34c8b231e94526e489bb131d0e5970973428db4e9f13ee216e3be13176a6

java-11-openjdk-jmods-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 1066d618d763cb94c3b1aea0d3a2023738993532e9ca69e3fcbe50ce96a6b3b4

java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: a1ee9bc88d15e493eacf5fe9f38b4774a2491a29a120dd2a002d469e9f215610

java-11-openjdk-src-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 2769fa1b5cfc71ac8e777d6dfa4ab2eda175da5c36512448a789e02dfef15f4e

java-11-openjdk-static-libs-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: bf4caa4b002f1dc8d565a5309f34a82e2f8b31f2126d6cf6bc301f3409d69740

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4

SRPM

java-11-openjdk-11.0.15.0.9-2.el8_4.src.rpm

SHA-256: 7fb3724957f402872e0345064649c32700efb459e3ef0af8650312268cd545cb

ppc64le

java-11-openjdk-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 0824499f087d3d66a9c4369da725ba85bcea4ac1d19768de0a330a0380c852c6

java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: f3948f16f6bcdc9c08e4a17daa0d3f36aa2f1a3ba885c7dd144db98eaa31dbae

java-11-openjdk-debugsource-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 6fab082dc03ad1a6fb3beb0923163dbb5a0881efd6588474570a16a4a340a9cd

java-11-openjdk-demo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 49ca8204ecb435e573abf4c96587cf7375550c0826c9c6b11ee95290224c9895

java-11-openjdk-devel-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 8fe80dbffc8b895587a718a9208ba9ba27444f01be25daefe4c3ae215674726b

java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 3aeb80553e1072ac968626f251c6ce6d592e4b049e82d46a3c7b76f7760eac92

java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: d56058253cf2cf90c2b3261ba1b992bbf66b9e310aecc8a3ffe302c01eea0b60

java-11-openjdk-headless-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 41a317e71247bc909f01852883e2aa19465a5c8009d5fd8450c69fa6c29bb45a

java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 8f4feef06f6ab954a0ef909ced0d00cccfeacade75b3102952fac625a40d4cc7

java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: f8144ddc3b9056b63aec32bba12820d8f3d5872c7534003ad406fd9febedd4ca

java-11-openjdk-javadoc-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: d51c39f1ab6741135cde5f74fcaa6bf2959a8909b4527580f61728c8e22d2879

java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: d97fad22986fb5c86b081828816448fddf171b42c5339c870b8536d6c0a7765c

java-11-openjdk-jmods-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: f0457628b6b0ed9c0710e13241425c4a8db42029f4f5f1c881a7ba30cc33f17b

java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: fbba3ab50a6689bb6603e282e38838535a261d69c767abe4000e9282720c6f18

java-11-openjdk-src-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: fa8357973eee5d3b81171dafdf8cf68601c7025869d03040819ebd27b60c0907

java-11-openjdk-static-libs-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: f6da5e97efa16f258e0505a5fdb37441859edb889de74e0673627ac551126f60

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4

SRPM

java-11-openjdk-11.0.15.0.9-2.el8_4.src.rpm

SHA-256: 7fb3724957f402872e0345064649c32700efb459e3ef0af8650312268cd545cb

x86_64

java-11-openjdk-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: c37fd22174478d5f1c3db3e8bec32fed8c467921ac3fa13dab34bf3c492de6a1

java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 835fe9302e30bf14cf384999d02016bd5a3b6e9f1afaecc295a851a465012580

java-11-openjdk-debugsource-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 8732cc49cc76d237efb2e50276c163c5e4938dd2bb91c73d68248a287ea5c9cf

java-11-openjdk-demo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 2675f38f573a9215017b70beda83bb5d70f6b8a0e0b3ab53ea00ecbf85d809f3

java-11-openjdk-devel-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 62ad0ea7e2243cab36edfd125a0b1aab244619deb68702645b8d86a4fb06c616

java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: dddf94950364af1d15fe9d360f1a7bff29278231abc387ee69a2cffaa547be6b

java-11-openjdk-devel-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 296839e8040413d3e1b2485d2942cde00b22791b0ea5a63927817186c42a944e

java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: faf3354db8b923c5064c34d21dd1074f275e64b7778c015f3e655d709a747a3f

java-11-openjdk-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: b36c87d9ebe4212edc41bbd7559b23863dea73bccb3fae91ddf2a261c60dc9d9

java-11-openjdk-headless-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 2f16975b0ddd9ade0e18443c3af0db955382dc619ae76c80bfd91afe4ab625df

java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 3e0fe1b5fc6058ab1f51c82f28796b72a3b64c4722097871837e591b7c1590eb

java-11-openjdk-headless-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: d680de522cee4e55ecb6ceea02a922e712ecb68f38468b47917e1bcd90799135

java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 66693bc3b5fc35cda5dabdd1a3181e6e1d62cb2d7034ad1ef5bf4a48f5e82cab

java-11-openjdk-javadoc-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 76d62bc8d100ab8584e1feaecb77d80720c2b385023667699b38850303cae0cd

java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 6286b15328f805f3ce05406fd2fb3e7f1a671dede2206b47cdff854a3ff4dc94

java-11-openjdk-jmods-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: ff1d680001ab1de193aa403cfe770d9cc091bc0cf0b86c068e626ee7e0fafdc4

java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: ac1dd1e4693f7b0a6e2c7418380f5768eed295cbfa75c36c288500e440e8d169

java-11-openjdk-src-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 77e7cd32b56ac93dcf660ec65856e79e459ad69ace50cacb8838bd1ef39e66d5

java-11-openjdk-static-libs-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: c43410eed4d73e683769c0377f31da6469e389914edc333f6a2d2c24b223065a

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4

SRPM

x86_64

java-11-openjdk-debugsource-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 8732cc49cc76d237efb2e50276c163c5e4938dd2bb91c73d68248a287ea5c9cf

java-11-openjdk-demo-fastdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 66ba6b4a0242bbbe3967e84fbf0654d79096cc68f1bf232c4e5d8b8f7429ba23

java-11-openjdk-demo-slowdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 2364114e6116efa2e2947de330786b71a4c541962b91488e2f51cb7b78e3f184

java-11-openjdk-devel-fastdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 5d1407823235ddf942c7b172ef71887e7cbc63edca3a112bc34061cbd1d3410a

java-11-openjdk-devel-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 296839e8040413d3e1b2485d2942cde00b22791b0ea5a63927817186c42a944e

java-11-openjdk-devel-slowdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: ed3092fdc0064d47a223f4dee021ea10554f0cf3a39f6e53cabded947187cc47

java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: faf3354db8b923c5064c34d21dd1074f275e64b7778c015f3e655d709a747a3f

java-11-openjdk-fastdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 83b07356bc0cd96d57e1e764be57195ea4ed2d0f825f776f5188a7b9f96e2323

java-11-openjdk-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: b36c87d9ebe4212edc41bbd7559b23863dea73bccb3fae91ddf2a261c60dc9d9

java-11-openjdk-headless-fastdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 439c9d08bbbd5987a1545aa102e31f95293a471599672cca2976dda364aa0964

java-11-openjdk-headless-fastdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: d680de522cee4e55ecb6ceea02a922e712ecb68f38468b47917e1bcd90799135

java-11-openjdk-headless-slowdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 7e3c4f2ff14034b12fe6defe36bd02a351f9a9c40dafb75df5e629c72f35f2c3

java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 66693bc3b5fc35cda5dabdd1a3181e6e1d62cb2d7034ad1ef5bf4a48f5e82cab

java-11-openjdk-jmods-fastdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 29dd81cf81ba2efcfe90167c36ace23e0ecc4b38752b1eea1e736309a8e156dc

java-11-openjdk-jmods-slowdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 7427966ee507d3c0e750de817311f0d7f900269d121b6d6e4dd29d671f933f95

java-11-openjdk-slowdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: bc3dc51474b01a6b0ccb5b9a8fe6c51d847d36c19067c46e51f3369c0c50473f

java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: ac1dd1e4693f7b0a6e2c7418380f5768eed295cbfa75c36c288500e440e8d169

java-11-openjdk-src-fastdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 72b5fade9e093527f336ae6b95ecded6c9c97069a3561f819b1aaed519ed8256

java-11-openjdk-src-slowdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: e4ddf1934babcaade321b43ab8a2d4d35aba89df70bafa3b5dfba7f9e81268ed

java-11-openjdk-static-libs-fastdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: d55abc8eb0a88a6bd460ef939ab54a3c8371d4a791ab5ceade53229c72b76569

java-11-openjdk-static-libs-slowdebug-11.0.15.0.9-2.el8_4.x86_64.rpm

SHA-256: 6758a09bc3a0b36324d07f6931dcfaaf76843e3d4605dd22b9341e0ade868fc2

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4

SRPM

ppc64le

java-11-openjdk-debugsource-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 6fab082dc03ad1a6fb3beb0923163dbb5a0881efd6588474570a16a4a340a9cd

java-11-openjdk-demo-slowdebug-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 9876baa0b42bc3bb6171d8a6dba0aea8d031f3d53887143f0ac830e2417ef38d

java-11-openjdk-devel-slowdebug-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 78ab6592a7e8495a24e7c5ad9605f717cf6c42ce43bb23e84ad573b3b1dd2df5

java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: d56058253cf2cf90c2b3261ba1b992bbf66b9e310aecc8a3ffe302c01eea0b60

java-11-openjdk-headless-slowdebug-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: c95104283866f8cf6264d8335ad4420a57772ed59b192d553ebc09b61c7c213a

java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: f8144ddc3b9056b63aec32bba12820d8f3d5872c7534003ad406fd9febedd4ca

java-11-openjdk-jmods-slowdebug-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: a7f1ca3226074b6076896d0a312dddbba9beebe603fb8f41f1e876f48df70c8e

java-11-openjdk-slowdebug-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: 87c51e39379c4823f4da5a5570677c2b668f1f42c78f5475fc84032713be40d1

java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: fbba3ab50a6689bb6603e282e38838535a261d69c767abe4000e9282720c6f18

java-11-openjdk-src-slowdebug-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: a5d449ff3122aa4cc6028535d035e76d8d1e83ac34f4b29b33a0a87b57da4572

java-11-openjdk-static-libs-slowdebug-11.0.15.0.9-2.el8_4.ppc64le.rpm

SHA-256: b206a19672bbbd48bb34dec2759ae9814b95caee7a85a819c8a307538c7e6b6f

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4

SRPM

s390x

java-11-openjdk-debugsource-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 08ae7b18828026500264c3739071969a5f386cdfdb2b72619a1784d32f321921

java-11-openjdk-demo-slowdebug-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 4b18391b1c10498ca9153de0e82da249b49473e3b3df118b2dfdd186d63e1d97

java-11-openjdk-devel-slowdebug-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 27e267506af8a885b181a36972a8ba184b57ce2f48fbe927a86dbe89b2d8086d

java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: bd07db96d80d05c317018e45cbd094459e5803838deea54e3cfc7769983bc935

java-11-openjdk-headless-slowdebug-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: e601eb2fa338d8fcf16de7a110f74edebd1f48f26b5c5f270c941caf6e8ea6ca

java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 3eaabb3fae64e6a954bb9f150fc99333384a5aaec6030f2639700911d43da43b

java-11-openjdk-jmods-slowdebug-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: e0d34b4b7e5ec0bef185166933fc3285427c32046c4b9548d91734c2ba007edb

java-11-openjdk-slowdebug-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 5d4316bfc32f6750e28bd2e5aca9e2a9b19d3143801e10876f93714852c3ccea

java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 8a8f6db676c36ebca0ebbb0bfdbf42fc1af6228b52b7b6e720f2a11951f722b7

java-11-openjdk-src-slowdebug-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 241a4de465fc704b8bb274ed14cef76f6aee457725dbec69bd5257b00f81b752

java-11-openjdk-static-libs-slowdebug-11.0.15.0.9-2.el8_4.s390x.rpm

SHA-256: 3872df2e1e94a8138c93ebaffe0c88cc3181a42f91aa976c7939623d5a680a94

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4

SRPM

aarch64

java-11-openjdk-debugsource-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 5338fc02410f43f37b39c78ff6d993f5c2b72cca9bb6486f4154d6f453735d8b

java-11-openjdk-demo-slowdebug-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: d7ac6f21d0115b59d1b3e634a453e0d8a73ddc28c743605eeb4063c8413fcf85

java-11-openjdk-devel-slowdebug-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 028075789bd4ee3e2badd5144497da10d98054f12e80f2d30c7f455ad7e59ae8

java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: a08ec63bfd8b8462e2ce8397a2a262a5268cfd41b7d97914fe5a8852fff63467

java-11-openjdk-headless-slowdebug-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 5ca0a872c1c4bc2d28447d20f3fe1d45043f48c47d5f6d6d603040127411f5ed

java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: f86112334805ad6f36d827fb67bb4ee38f8b11b9d479b4f5505edeed50acde49

java-11-openjdk-jmods-slowdebug-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: c673309838d4264994cfe3fc428f901bfbcec5a42d87e54b97eee3d5989560cd

java-11-openjdk-slowdebug-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: c3c3ac435289484b56ac7a3c60bc8f5e8192b625301de548aab771ff26983882

java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: a1ee9bc88d15e493eacf5fe9f38b4774a2491a29a120dd2a002d469e9f215610

java-11-openjdk-src-slowdebug-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 7920f94012bbbff7d276263784c26d2c8a558965e67b184052ff7568a7d16320

java-11-openjdk-static-libs-slowdebug-11.0.15.0.9-2.el8_4.aarch64.rpm

SHA-256: 90ff69c88d38c2178cead7712b0de1363841100caf50acd81ccb261876a53def

Related news

RHSA-2022:1461: Red Hat Security Advisory: Logging Subsystem 5.4 - Red Hat OpenShift Security and Bug update

Logging Subsystem 5.4 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0759: kubeclient: kubeconfig parsing error can lead to MITM attacks * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter

CVE-2022-24874: Build software better, together

acs commons is an open source framework for AEM projects. ACS Commons version 5.1.x (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in /apps/acs-commons/content/page-compare.html` endpoint via the `a` and `b` GET parameters. User input submitted via these parameters is not validated or sanitized. An attacker must provide a link to someone with access to AEM Author, and could potentially exploit this vulnerability to inject malicious JavaScript content into vulnerable form fields and execute it within the context of the victim's browser. The exploitation of this issue requires user interaction in order to be successful. This issue has been resolved in 5.2.0. There are no known workarounds for this issue.

RHSA-2022:1478: Red Hat Security Advisory: Satellite 6.9.9 Async Bug Fix Update

Updated Satellite 6.9 packages that fix several bugs are now available for Red Hat Satellite.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-27023: puppet: unsafe HTTP redirect

CVE-2022-24865: Fix must change password (#5638) · humhub/humhub@eb83de2

HumHub is an Open Source Enterprise Social Network. In affected versions users who are forced to change their password by an administrator may retrieve other users' data. This issue has been resolved by commit `eb83de20`. It is recommended that the HumHub is upgraded to 1.11.0, 1.10.4 or 1.9.4. There are no known workarounds for this issue.

RHSA-2022:1389: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3516: libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3517: libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3518: libxml...

RHSA-2022:1390: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3516: libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3517: libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3518: libxml2: Use-after-free in xmlXIncludeDoProcess() in xinc...

CVE-2022-24861: fix some security bug (#103) · vran-dev/databasir@ca22a8f

Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has remote code execution vulnerability. JDBC drivers are not validated prior to use and may be provided by users of the system. This can lead to code execution by any basic user who has access to the system. Users are advised to upgrade. There are no known workarounds to this issue.

CVE-2022-24871: Shopware 6 - Security Updates

Shopware is an open commerce platform based on Symfony Framework and Vue. In affected versions an attacker can abuse the Admin SDK functionality on the server to read or update internal resources. Users are advised to update to the current version 6.4.10.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. There are no known workarounds for this issue.

CVE-2022-0540: Jira Security Advisory 2022-04-20 | Atlassian Support

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.

CVE-2022-24862: Build software better, together

Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Server-Side Request Forgery vulnerability. During the download verification process of a JDBC driver the corresponding JDBC driver download address will be downloaded first, but this address will return a response page with complete error information when accessing a non-existent URL. Attackers can take advantage of this feature for SSRF.

CVE-2022-26133: [BSERV-13173] Bitbucket Data Center - Java Deserialization Vulnerability In Hazelcast - CVE-2022-26133

SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.

CVE-2022-24864: Remove presale join endpoint by DanielVF · Pull Request #617 · OriginProtocol/origin-website

Origin Protocol is a blockchain based project. The Origin Protocol project website allows for malicious users to inject malicious Javascript via a POST request to `/presale/join`. User-controlled data is passed with no sanitization to SendGrid and injected into an email that is delivered to the [email protected]. If the email recipient is using an email program that is susceptible to XSS, then that email recipient will receive an email that may contain malicious XSS. Regardless if the email recipient’s mail program has vulnerabilities or not, the hacker can at the very least inject malicious HTML that modifies the body content of the email. There are currently no known workarounds.

CVE-2022-24799: fix: Improve message rendering (#12748) · wireapp/wire-webapp@d144552

wire-webapp is the web application interface for the wire messaging service. Insufficient escaping in markdown “code highlighting” in the wire-webapp resulted in the possibility of injecting and executing arbitrary HTML code and thus also JavaScript. If a user receives and views such a malicious message, arbitrary code is injected and executed in the context of the victim. This allows the attacker to fully control the user account. Wire-desktop clients that are connected to a vulnerable wire-webapp version are also vulnerable to this attack. The issue has been fixed in wire-webapp 2022-03-30-production.0 and is already deployed on all Wire managed services. On-premise instances of wire-webapp need to be updated to docker tag 2022-03-30-production.0-v0.29.2-0-d144552 or wire-server 2022-03-30 (chart/4.8.0), so that their applications are no longer affected. There are no known workarounds for this issue. ### Patches * The issue has been fixed in wire-webapp **2022-03-30-production.0** an...

RHSA-2022:1455: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation * CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c

RHSA-2022:1440: Red Hat Security Advisory: java-11-openjdk security, bug fix, and enhancement update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21476: OpenJDK: Defective ...

RHSA-2022:1463: Red Hat Security Advisory: Red Hat Single Sign-On 7.5.2 security update on RHEL 8

New Red Hat Single Sign-On 7.5.2 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45105: log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern

RHSA-2022:1462: Red Hat Security Advisory: Red Hat Single Sign-On 7.5.2 security update on RHEL 7

New Red Hat Single Sign-On 7.5.2 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45105: log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern

Oracle releases massive Critical Patch Update containing 520 security patches

Oracle's April Critical Patch UPdate contains 520 new security patches. We spell out some of the most important vulnerabilities. The post Oracle releases massive Critical Patch Update containing 520 security patches appeared first on Malwarebytes Labs.

RHSA-2022:1469: Red Hat Security Advisory: Red Hat Single Sign-On 7.5.2 security update

A security update is now available for Red Hat Single Sign-On 7.5 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45105: log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern

RHSA-2022:1363: Red Hat Security Advisory: OpenShift Container Platform 4.9.29 bug fix and security update

Red Hat OpenShift Container Platform release 4.9.29 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty

RHSA-2022:1442: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21476: OpenJDK: Defective ...

RHSA-2022:1445: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21449: OpenJDK: Improper E...

RHSA-2022:1443: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-...

RHSA-2022:1336: Red Hat Security Advisory: OpenShift Container Platform 4.7.49 security update

Red Hat OpenShift Container Platform release 4.7.49 is now available with updates to packages and images that fix several bugs and add enhancements. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.49. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0711: haproxy: Denial of service via set-cookie2 header

RHSA-2022:1444: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) *...

RHSA-2022:1370: Red Hat Security Advisory: OpenShift Container Platform 4.8.37 security and extras update

Red Hat OpenShift Container Platform release 4.8.37 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.37. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty

RHSA-2022:1357: Red Hat Security Advisory: OpenShift Container Platform 4.10.10 security and extras update

Red Hat OpenShift Container Platform release 4.10.10 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty

CVE-2022-27629: MicroPayments – Paid Author Subscriptions, Content, Downloads, Membership

Cross-site request forgery (CSRF) vulnerability in 'MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership' versions prior to 1.9.6 allows a remote unauthenticated attacker to hijack the authentication of an administrator and perform unintended operation via unspecified vectors.

CVE-2022-24826: Build software better, together

On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..exe` program will be executed, permitting the attacker to execute arbitrary code. This does not affect Unix systems. Similarly, if the malicious repository contains files named `..exe` and `cygpath.exe`, and `cygpath.exe` is not found in `PATH`, the `..exe` program will be executed when certain Git LFS commands are run. More generally, if the current working directory contains any file with a base name of `.` and a file extension from `PATHEXT` (except `.bat` and `.cmd`), and also contains another file with the same base name as a program Git LFS intends to execute (such as `git`, `cygpath`, or `uname`) and any file extension from `PATHEXT` (including `.bat` and `.cmd`), then, on Windows, when Git LFS attempts to execute the intended program the `..exe`, `..com`, etc., file will be executed instead, but only if the intended progra...

CVE-2021-3101: Build software better, together

Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux label of the target JVM process. This would allow a container to gain full privileges on the host, bypassing restrictions set on the container.

CVE-2022-24858: Upgrade Guide (v4) | NextAuth.js

next-auth v3 users before version 3.29.2 are impacted. next-auth version 4 users before version 4.3.2 are also impacted. Upgrading to 3.29.2 or 4.3.2 will patch this vulnerability. If you are not able to upgrade for any reason, you can add a configuration to your callbacks option. If you already have a `redirect` callback, make sure that you match the incoming `url` origin against the `baseUrl`.

CVE-2022-21496: Oracle Critical Patch Update Advisory - April 2022

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service ...

CVE-2022-21498: Oracle Critical Patch Update Advisory - April 2022

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).

CVE-2022-1187: Changeset 2702715 for wp-youtube-live – WordPress Plugin Repository

The WordPress WP YouTube Live Plugin is vulnerable to Reflected Cross-Site Scripting via POST data found in the ~/inc/admin.php file which allows unauthenticated attackers to inject arbitrary web scripts in versions up to, and including, 1.7.21.

CVE-2022-28222: Reflected XSS in Spam protection, AntiSpam, FireWall by CleanTalk

The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in`/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php`

CVE-2022-1186: Changeset 2701343 for be-popia-compliant – WordPress Plugin Repository

The WordPress plugin Be POPIA Compliant exposed sensitive information to unauthenticated users consisting of site visitors emails and usernames via an API route, in versions up to an including 1.1.5.

CVE-2022-1329: Changeset 2708766 for elementor/trunk/core/app/modules/onboarding/module.php – WordPress Plugin Repository

The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that make it possible for attackers to modify site data in addition to uploading malicious files that can be used to obtain remote code execution, in versions 3.6.0 to 3.6.2.

CVE-2022-24825: Build software better, together

Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by appending a dot to the end of user-supplied URLs, or by providing input in a different letter case. Recommended to upgrade Smokescreen to version 0.0.3 or later.

Rethinking Cyber-Defense Strategies in the Public-Cloud Age

Exploring what's next for public-cloud security, including top risks and how to implement better risk management.

CVE-2022-25648: Command Injection in git | CVE-2022-25648 | Snyk

The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.