CVE-2021-2163 log

Severity Medium
Remote Yes
Type Insufficient validation
A security issue was found in the way the Libraries component of OpenJDK enforced constraints defined in the jdk.jar.disabledAlgorithms security property. Verification of a JAR filed signed using a disabled algorithm could succeed in certain cases, leading to bypass of the intended security restrictions. The issue is fixed in versions 16.0.1, 11.0.11, 8u291 and 7u301.
Group Package Affected Fixed Severity Status Ticket
AVG-1850 jdk7-openjdk, jre7-openjdk-headless 7.u261_2.6.22-1 Medium Unknown
AVG-1849 jdk8-openjdk, jre8-openjdk-headless 8.u282-1 8.u292-1 Medium Fixed
AVG-1848 jdk11-openjdk, jre11-openjdk-headless 11.0.10.u9-1 11.0.11.u9-1 Medium Fixed
AVG-1847 jdk-openjdk, jre-openjdk-headless 15.0.2.u7-1 16.0.1.u9-1 Medium Fixed