| Errata ID | 189 |
|---|---|
| Date | 2019-07-24 |
| Source package | openjdk-8 |
| Fixed in version | 8u222-b10-1~deb9u1 |
| Description | This update addresses the following issues: * Side-channel attack risks in Elliptic Curve (EC) cryptography (CVE-2019-2745) * Insufficient checks of suppressed exceptions in deserialization (CVE-2019-2762) * Unbounded memory allocation during deserialization in Collections (CVE-2019-2769) * Insufficient restriction of privileges in AccessController (CVE-2019-2786) * Missing URL format validation (CVE-2019-2816) * Missing array bounds check in crypto providers (CVE-2019-2842) |
| Additional notes | |
| CVE ID | CVE-2019-2745 CVE-2019-2762 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2842 |
| UCS Bug number | #49889 |
