Hi All, We are currently on OpenJDK 1.7.0_161 and OpenJDK 1.7.0_161 is impacted by CVE-2018-2794 & CVE-2018-2814 It seems we do NOT have an ETA for the fix. I could see RH already posted a fix for OpenJDK 1.8 here - https://clicktime.symantec.com/a/1/OXdEaLeTBZV355U3VoZGXHSsHP8TO8kMoHYzvixKBl0=?d=0qyCwIvjugxbrmipQQff1sa2wWRMHVRUUuh0XUv5ESqzaTOxkR6ung_ezofkaQmI9oOdk_0br_664pT84q32Qtq17tbclsFpZqurBZxvOQdDnicXWPwO3X7cQo8-JMiYoLRuTt_QbkxY1E9QQ2nD5BUNDquBzNM45qyY7_kQCtBQZUMocX9BHVGIP87nBkhXrbPd6vEeNUefyjNt5bHUlCle552uxZgZ1RV5Ml5vmriyuUwrIN7MDZGmupBBrNqveUYWOvBEOWDdv1eeX9l8sds65djharjDD7C2Usi__S-AIip3ceSDyJJYKmrKU00e9vnHsPiaGfq6eODpZCL8szX8WcKf0_2MroeNyuzFK6xx6T2w5fh9UmXlbB-L90anhbTD_oWywwiMVF0ttO2CdVNCMELMQBKXpCEEL6lR3A%3D%3D&u=https%3A%2F%2Flwn.net%2FArticles%2F752395%2F Can you please find out when the fix for OpenJDK 1.7 would be available ? If this is getting delayed, can you help to back port this fix ? Regards, Shagun -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20180502/611b3556/attachment-0007.html>