CLSA-2024:1706698462

[CLSA-2024:1706698462] java-1.8.0-openjdk: Fix of 6 CVEs

Type:

security

Severity:

Important

Release date:

2024-01-31 10:54:25 UTC

Description:

- Upgrade to shenandoah-jdk8u402-b06. That fixes following CVEs:
- CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler
- CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution
- CVE-2024-20921: Range check loop optimization issue
- CVE-2024-20926: Arbitrary Java code execution in Nashorn
- CVE-2024-20945: Logging of digital signature private keys
- CVE-2024-20952: RSA padding issue and timing side-channel attack against TLS
- Remove JDK-8312489 patch which is already in the sources

Updated packages:

java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm
sha:985a45c8261c59abac4a44948037a6cc2d56e620
java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
sha:ef4381e2d45cad05764579260dc995563441e132
java-1.8.0-openjdk-accessibility-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm
sha:8160994f0cd9bad149e5a90fc0cb17d9140cf4ed
java-1.8.0-openjdk-accessibility-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
sha:0fcc4e0970849055e2282c3bc8114065c7107037
java-1.8.0-openjdk-accessibility-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
sha:4479fe7464c92190454afd066e277023d919f6fc
java-1.8.0-openjdk-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
sha:9e86d9d96f9e181378702495a2bf70164acd85c6
java-1.8.0-openjdk-demo-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm
sha:a0485fe0478294ff032f4c14e6c477ac3994fb8b
java-1.8.0-openjdk-demo-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
sha:c04b4d849b0ea094fee35a171ba4a44c7370d725
java-1.8.0-openjdk-demo-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
sha:887249dcbe96685426c54e90c41f0027c8c3e504
java-1.8.0-openjdk-devel-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm
sha:1261c82741d6eb32f635f4e1780c024f8089575f
java-1.8.0-openjdk-devel-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
sha:52ec594951a776a02f0df7053dc5a7571b88258f
java-1.8.0-openjdk-devel-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
sha:b7a0efd04304fc2a8b1bcbcb0a819b6f08df4039
java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm
sha:d74e69ba4033f60f66a6c655947de5ea1504ec86
java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
sha:ba1beebb093fff1eb59ed81ff287cfa8a6bda89e
java-1.8.0-openjdk-headless-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
sha:1e7d15c7b51cf0c3a6112f1f6888a340f23a9ea5
java-1.8.0-openjdk-javadoc-1.8.0.402.b06-1.el7_9.tuxcare.els1.noarch.rpm
sha:00fae0753cef9a26e8b57febffe45c478c351c09
java-1.8.0-openjdk-javadoc-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.noarch.rpm
sha:e6d9837df19a63c42b250d29cfe55e637375df0f
java-1.8.0-openjdk-javadoc-zip-1.8.0.402.b06-1.el7_9.tuxcare.els1.noarch.rpm
sha:ea34729369f2f754d4106fc50b4c3e102189ed0f
java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.noarch.rpm
sha:5ae85d29e6f1f326df3edb4f86c9329bdd0c0125
java-1.8.0-openjdk-src-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm
sha:23a9388afe4eb4bfbe36f1ae237eb28d2fc9441c
java-1.8.0-openjdk-src-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
sha:f840b1b5df6ba65175fedc433c404160f18e3762
java-1.8.0-openjdk-src-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
sha:ab2e31664231ea3bf64774767b18ad387d490a11

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.