Hi,
How do patch these ?
Qualys ID: 376252
Title:
Oracle Java Standard Edition (SE) Critical Patch Update - January 2022 (CPUJAN2022)
Solution:
"The vendor has released updates to resolve these issues.
Customers are advised to refer to vendor advisory Oracle Critical Patch Update Advisory - January 2022 (The vendor has released updates to resolve these issues.
<P>
https://www.oracle.com/security-alerts/ ... pendixJAVA)"
File found in server:
/usr/lib/jvm/jre1.8.0_192/bin/java
/usr/lib/jvm/jre1.8.0_60/bin/java
How do we remediate ?
CVE-2022-21299 - Oracle Java Standard Edition (SE) Critical Patch Update - January 2022 (CPUJAN2022)
Re: CVE-2022-21299 - Oracle Java Standard Edition (SE) Critical Patch Update - January 2022 (CPUJAN2022)
You'll need to update your Oracle supplied Java runtime packages. CentOS 7 doesn;t supply any files that match that path:
Code: Select all
[root@centos7 ~]# yum provides '/usr/lib/jvm/jre1.8.0_*/bin/java'
Loaded plugins: priorities
188 packages excluded due to repository priority protections
No matches found
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke