New Search

RHSA-2015:0809 -- java-1.8.0-openjdk security update (Important)

oval:org.mitre.oval:def:29136

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. An off-by-one flaw leading to a buffer overflow was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469)

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 6
  • CentOS Linux 7
  • CentOS Linux 6
  • Red Hat Enterprise Linux 7
Class:
patch
Reference(s):
  • RHSA-2015:0809
  • CESA-2015:0809-CentOS 7
  • CESA-2015:0809-CentOS 6
  • CVE-2005-1080
  • CVE-2015-0460
  • CVE-2015-0469
  • CVE-2015-0470
  • CVE-2015-0477
  • CVE-2015-0478
  • CVE-2015-0480
  • CVE-2015-0488
Product(s):
  • java-1.8.0-openjdk