java-11-openjdk-11.0.3.7-0.el7
エラータID: AXSA:2019-3894:02
リリース日:
2019/05/27 Monday - 11:40
題名:
java-11-openjdk-11.0.3.7-0.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- 現時点では CVE-2019-2602, CVE-2019-2684 の情報が公開
されておりません。
CVE の情報が公開され次第情報をアップデートいたします
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2019-2602
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
CVE-2019-2684
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
追加情報:
N/A
ダウンロード:
SRPMS
- java-11-openjdk-11.0.3.7-0.el7.src.rpm
MD5: b6774a4e9fb66037bc4342fd85c3ab89
SHA-256: 5d6fe6c22aa42631daa924ba20cfc4c074be6a0edf27e4c2c9668b46639773e4
Size: 72.72 MB
Asianux Server 7 for x86_64
- java-11-openjdk-11.0.3.7-0.el7.x86_64.rpm
MD5: 7c574aa508d836b57a0251198fd89612
SHA-256: 72043ff6749f773632da7ae6519becfa31428423b11f56d8877173e54ba963bd
Size: 193.37 kB - java-11-openjdk-debug-11.0.3.7-0.el7.x86_64.rpm
MD5: 5e7a250e7f720faba50bc65a44a796b4
SHA-256: 9a1f374f198659edc6debefdc115852d2a56097931a8244d1a2f939cd5a5ce8e
Size: 197.38 kB - java-11-openjdk-demo-11.0.3.7-0.el7.x86_64.rpm
MD5: e01bbfb10fa749302826c140834138a4
SHA-256: 1acab6abe9b15ce6648477b74e7e12b964c5603a43063413dacf1273ae0fe906
Size: 4.33 MB - java-11-openjdk-demo-debug-11.0.3.7-0.el7.x86_64.rpm
MD5: d2942b9d5cdc98d238d3cb5f1abe777d
SHA-256: 8a9f925bbd853aabb23ee0a0e5b089d40c939602fd79fd83f3dd412c9a53122c
Size: 4.33 MB - java-11-openjdk-devel-11.0.3.7-0.el7.x86_64.rpm
MD5: 79dd1caf9f5a5b8efbff5f9213917c89
SHA-256: 2b1f7d5affccf85465cd4bae33340f85b9df17d3adcb8d8a3a6e9d7a78e58578
Size: 3.36 MB - java-11-openjdk-devel-debug-11.0.3.7-0.el7.x86_64.rpm
MD5: 4c4178b9509ac7ae66e6c94bf6375d0a
SHA-256: b4e0a6a5b175a00d18ca1eb4e69709d91869f14cc3337a6fabfa9da14eb48173
Size: 3.36 MB - java-11-openjdk-headless-11.0.3.7-0.el7.x86_64.rpm
MD5: 4f17e77c5f8a85282a91f20a019bf629
SHA-256: f0a77a737a27b117e3fde633f3fb01652ac74fa75edd57595bfc829bb0849233
Size: 38.23 MB - java-11-openjdk-headless-debug-11.0.3.7-0.el7.x86_64.rpm
MD5: c98148ee6598d8b02cc08dd3636c9121
SHA-256: 16b70114f82a5d40b27630a448574fa06e7178fbd8d20792ede631a0b665d062
Size: 40.03 MB - java-11-openjdk-javadoc-11.0.3.7-0.el7.x86_64.rpm
MD5: 0cc5423f349b7478431e8bf110abb17a
SHA-256: fb182754f2a724fdca1ee536023d68418c0b9bed231e1f3eb615fadc74defddb
Size: 16.06 MB - java-11-openjdk-javadoc-debug-11.0.3.7-0.el7.x86_64.rpm
MD5: f6d833a8ae15632690ac0bd3b08574c5
SHA-256: a37000ffde2920c653204893ffccd40fb0efc9bca11f5f6f361f916ff46ad4a9
Size: 16.06 MB - java-11-openjdk-javadoc-zip-11.0.3.7-0.el7.x86_64.rpm
MD5: 759fe8e5ad71b8cd8810547cdcb7a87e
SHA-256: 71b6635fa6969d777b5b3ccb4f0a7e267536f5bd21312225b4325e223b189bac
Size: 42.23 MB - java-11-openjdk-javadoc-zip-debug-11.0.3.7-0.el7.x86_64.rpm
MD5: 34053a7d1f9d3cfbb1c7ed4e37c35eab
SHA-256: be7121351af17966e1a1e09ce0b9be9222e52cacbc3d7d5a3ddd0f19cbea061c
Size: 42.23 MB - java-11-openjdk-jmods-11.0.3.7-0.el7.x86_64.rpm
MD5: 3f54a818045f4158d3ecb1e6f78a04c1
SHA-256: 0f54659ce9d3da7ede94adadf84f70c3cb1cb5adac26b1e2e1772ee00460ffd0
Size: 302.77 MB - java-11-openjdk-jmods-debug-11.0.3.7-0.el7.x86_64.rpm
MD5: e75c9ab237dd8a5ebc608a88f1bed841
SHA-256: f2662d74bba0de222c6f286bdbdaf8f8a4b6303f6aec01de40f6b60079b777d1
Size: 169.72 MB - java-11-openjdk-src-11.0.3.7-0.el7.x86_64.rpm
MD5: 3026e496e174a9eb08e04fca50f5a0ac
SHA-256: 73ed5b64af759af767256f69bd7a45dc3ee492a04ae95877d0962ed18987b60b
Size: 50.02 MB - java-11-openjdk-src-debug-11.0.3.7-0.el7.x86_64.rpm
MD5: 5fb4195e869c9de17919497c5eab4d3f
SHA-256: 0dffc945b99cbb1ac6b521f4ae716f35cd8e8e4875451cef5d7683e0b357c0f7
Size: 50.02 MB - java-11-openjdk-11.0.3.7-0.el7.i686.rpm
MD5: 2df18b71604d2c3649f08fac23b4e986
SHA-256: e4f6dfb389e9148c3a24471b0b9497806b29889a8a453d896ce6e44d545e92a7
Size: 188.92 kB - java-11-openjdk-debug-11.0.3.7-0.el7.i686.rpm
MD5: 8968225f5cd920bc360045b14b1b0043
SHA-256: a7e2cf1e469f1f915f1f8706f70422831042b00ed7eafd6ad041a57b01b1ac3f
Size: 190.40 kB - java-11-openjdk-demo-11.0.3.7-0.el7.i686.rpm
MD5: 420e7b20544c20f4c089e9744ce56146
SHA-256: 3a17112ddda7928e898e2fa8d1f94228e9ebb8a4cbe8e74f5382cdc72294124b
Size: 4.32 MB - java-11-openjdk-demo-debug-11.0.3.7-0.el7.i686.rpm
MD5: 2f2b37f8ae5049f809ac5d115ede6bf1
SHA-256: 4bc2540f919d0307ccc3712afe7a0a53a70d8d2495cfc28903b5ffabcbeeba35
Size: 4.32 MB - java-11-openjdk-devel-11.0.3.7-0.el7.i686.rpm
MD5: 57fccf68a9c62e91c4ab0e57d94f75e8
SHA-256: a1f58cd7189b40e5748bf93b63fbe3720fd26214e06e6e3bb9d7f475e5b4b043
Size: 3.34 MB - java-11-openjdk-devel-debug-11.0.3.7-0.el7.i686.rpm
MD5: 835ad420ef421fb24a94f09df25b6729
SHA-256: 7b94a40cead03b9d31e304ee16f0041547f43b8e0dbef087bd8bc2f63533bae0
Size: 3.34 MB - java-11-openjdk-headless-11.0.3.7-0.el7.i686.rpm
MD5: 6b4cc93f90504cc6f7de915f1492e01b
SHA-256: b881ede703e0057137ab92daeff9eb00130201b5a3ee528e709809b22fde1ac3
Size: 34.31 MB - java-11-openjdk-headless-debug-11.0.3.7-0.el7.i686.rpm
MD5: de18337dc19ba8ebfb89b46f9fc965ed
SHA-256: 4a83ad78dac25702226a6e1ff7a5be349f437932c098ff8317d62b2d66e8c2eb
Size: 35.75 MB - java-11-openjdk-javadoc-11.0.3.7-0.el7.i686.rpm
MD5: c449894efe9bac4fedd776f489396a5c
SHA-256: 2e41526f356b4993bb4c1b2826c9f43cd61c0b85219d6921041ee10d0f8f4b3c
Size: 16.06 MB - java-11-openjdk-javadoc-debug-11.0.3.7-0.el7.i686.rpm
MD5: b5f3dc2e2990561bb584d0c242b1cef1
SHA-256: 48ddc41667370a9d78c7cab05dd4ce934db95144617630f3e29f2b510d51cfb1
Size: 16.06 MB - java-11-openjdk-javadoc-zip-11.0.3.7-0.el7.i686.rpm
MD5: 031424ba2b782e07acfc9ddf0fab7a9e
SHA-256: 8d2b6ba515f05abb1c022513be32a7324af09871cf4180e1266e3a8fa6cf6b9c
Size: 42.26 MB - java-11-openjdk-javadoc-zip-debug-11.0.3.7-0.el7.i686.rpm
MD5: af66a90cd1cee609b50f131ddda7dbce
SHA-256: 0dbbffa6476329656754f865415c9b591dd74bc716a37161d6a6fb23d63511ca
Size: 42.26 MB - java-11-openjdk-jmods-11.0.3.7-0.el7.i686.rpm
MD5: d3905387b696189dc8e66f10e8530a62
SHA-256: 7168c87fb9051c1bfe0815367f4de70bb6afd616e7010afcad04acf00f845376
Size: 252.53 MB - java-11-openjdk-jmods-debug-11.0.3.7-0.el7.i686.rpm
MD5: 5e3395bb0ff322e625653253f79748c0
SHA-256: 64537108ac11fa72319910f2f4c0a9f6de0d91862168ca3abc2dc985125e10c0
Size: 145.53 MB - java-11-openjdk-src-11.0.3.7-0.el7.i686.rpm
MD5: d05211cc92579e018458b842e0e4343a
SHA-256: 604145e4934e227659263868c9c3e55e8d1cf9244b767b3b3e4bf8ae3283e55f
Size: 45.28 MB - java-11-openjdk-src-debug-11.0.3.7-0.el7.i686.rpm
MD5: d171bd573e98f8f615f78fd30d10ecb3
SHA-256: fa22a4c4115d58c5711abc9b7c394e6e75b606e492e27fb97cd6f59384960629
Size: 45.28 MB
English