RHSA-2015:0069High

Red Hat Security Advisory: java-1.8.0-openjdk security update

Published
January 21, 2015
Last Modified
June 27, 2026

🔗 CVE IDs covered (14)

📋 Description

CVE-2014-3566 — SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack CVE-2014-6549 — OpenJDK: incorrect class loader permission check in ClassLoader getParent() (Libraries, 8055314) CVE-2014-6585 — ICU: font parsing OOB read (OpenJDK 2D, 8055489) CVE-2014-6587 — OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264) CVE-2014-6591 — ICU: font parsing OOB read (OpenJDK 2D, 8056276) CVE-2014-6593 — OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555) CVE-2014-6601 — OpenJDK: class verifier insufficient invokespecial calls verification (Hotspot, 8058982) CVE-2015-0383 — OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807) CVE-2015-0395 — OpenJDK: phantom references handling issue in garbage collector (Hotspot, 8047125) CVE-2015-0407 — OpenJDK: directory information leak via file chooser (Swing, 8055304) CVE-2015-0408 — OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309) CVE-2015-0410 — OpenJDK: DER decoder infinite loop (Security, 8059485) CVE-2015-0412 — OpenJDK: insufficient code privileges checks (JAX-WS, 8054367) CVE-2015-0437 — OpenJDK: code generation issue (Hotspot, 8064524)

🔗 References (18)