[CLSA-2024:1706697909] java-1.8.0-openjdk: Fix of 8 CVEs
Type:
security
Severity:
Important
Release date:
2024-01-31 10:45:12 UTC
Description:
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u402-b06. That fixes following CVEs: - CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler - CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution - CVE-2024-20921: Range check loop optimization issue - CVE-2024-20926: Arbitrary Java code execution in Nashorn - CVE-2024-20945: Logging of digital signature private keys - CVE-2024-20952: RSA padding issue and timing side-channel attack against TLS - CVE-2023-22067: IOR deserialization issue in CORBA (fixed in jdk8u392) - CVE-2023-22081: Certificate path validation issue during client authentication (fixed in jdk8u392) - Adapt pr2462 patch to the new sources
Updated packages:
  • java-1.8.0-openjdk-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:85913ca770c2a4bd762ab598de87d8a35024c2b0
  • java-1.8.0-openjdk-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:06eea02a61a8eec347bd873db92934654d8037d5
  • java-1.8.0-openjdk-demo-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:d40b0c31750e8ae5337fee586d1996e85be4d38c
  • java-1.8.0-openjdk-demo-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:01fa2bf195f829d6ba09aa7643504338ec51c405
  • java-1.8.0-openjdk-devel-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:cdadceaf7bf8f3278717d169ce0003c2d57d0f1c
  • java-1.8.0-openjdk-devel-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:37ea9da58caff81b2a8475f4b28d9cb48cea1b95
  • java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:12b31184a25f2082aa58ea55f4d32041bdc7beb2
  • java-1.8.0-openjdk-headless-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:8dc5e3696732f0241b0825a1700e88a383aa4e4e
  • java-1.8.0-openjdk-javadoc-1.8.0.402.b06-1.el6.tuxcare.els1.noarch.rpm
    sha:cad7ce4d962969cbf26f4603b6d3bf870eb131b6
  • java-1.8.0-openjdk-javadoc-debug-1.8.0.402.b06-1.el6.tuxcare.els1.noarch.rpm
    sha:c64105712268e6333641cdcb1a2624b65e899795
  • java-1.8.0-openjdk-src-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:5dee3368c8289316b1a3cc998524c51dbaffee9e
  • java-1.8.0-openjdk-src-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:9dae1d92cb9b966879e4d9c4a8ea4215e8003f72
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.