{"id":"MGASA-2020-0182","summary":"Updated java-1.8.0-openjdk packages fix security vulnerabilities","details":"Updated java-1.8.0-openjdk packages fix security vulnerabilities:\n\nMisplaced regular expression syntax error check in RegExpScanner (Scripting,\n8223898) (CVE-2020-2754)\n\nIncorrect handling of empty string nodes in regular expression Parser\n(Scripting, 8223904) (CVE-2020-2755)\n\nIncorrect handling of references to uninitialized class descriptors during\ndeserialization (Serialization, 8224541) (CVE-2020-2756)\n\nUncaught InstantiationError exception in ObjectStreamClass (Serialization,\n8224549) (CVE-2020-2757)\n\nUnexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory\n(Security, 8231415) (CVE-2020-2773)\n\nRe-use of single TLS session for new connections (JSSE, 8234408)\n(CVE-2020-2781)\n\nCRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server,\n8234825) (CVE-2020-2800)\n\nIncorrect bounds checks in NIO Buffers (Libraries, 8234841)\n(CVE-2020-2803)\n\nIncorrect type checks in MethodType.readObject() (Libraries, 8235274)\n(CVE-2020-2805)\n\nRegular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n","modified":"2026-04-16T00:10:27.514446895Z","published":"2020-04-24T17:03:35Z","upstream":["CVE-2020-2754","CVE-2020-2755","CVE-2020-2756","CVE-2020-2757","CVE-2020-2773","CVE-2020-2781","CVE-2020-2800","CVE-2020-2803","CVE-2020-2805","CVE-2020-2830"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0182.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=26520"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2020:1512"}],"affected":[{"package":{"name":"java-1.8.0-openjdk","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/java-1.8.0-openjdk?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.0.252-1.b09.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0182.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}