[CLSA-2024:1706698228] java-1.8.0-openjdk: Fix of 8 CVEs
Type:
security
Severity:
Important
Release date:
2024-01-31 10:50:31 UTC
Description:
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u402-b06. That fixes following CVEs: - CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler - CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution - CVE-2024-20921: Range check loop optimization issue - CVE-2024-20926: Arbitrary Java code execution in Nashorn - CVE-2024-20945: Logging of digital signature private keys - CVE-2024-20952: RSA padding issue and timing side-channel attack against TLS - CVE-2023-22067: IOR deserialization issue in CORBA (fixed in jdk8u392) - CVE-2023-22081: Certificate path validation issue during client authentication (fixed in jdk8u392) - Adapt pr2462 patch to the new sources
Updated packages:
  • java-1.8.0-openjdk-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:8fd7f45a0d4d811d019c28fb88dfb53606067b49
  • java-1.8.0-openjdk-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:ffb704c0f7a77caa96e4a0fbdf76d1fe5b81000c
  • java-1.8.0-openjdk-demo-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:d074035c651b13193f063df0fc17e91f70078f8b
  • java-1.8.0-openjdk-demo-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:792344b9fdcb511ff203ad08bfa4eac967d847a9
  • java-1.8.0-openjdk-devel-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:ae071e9d1300f22d67d3fc2578e068d73318af04
  • java-1.8.0-openjdk-devel-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:11d0a26137a60764a24285d6fa07f8d48709e02a
  • java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:e71fac9ecbc3eb9839df634fa0ecd4a9245dcd03
  • java-1.8.0-openjdk-headless-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:015bbd09d0f8252ca0af85d97b790fba95f3c60b
  • java-1.8.0-openjdk-javadoc-1.8.0.402.b06-1.el6.tuxcare.els1.noarch.rpm
    sha:466ae3ecc3f207ee8655e5b1e11571f987666625
  • java-1.8.0-openjdk-javadoc-debug-1.8.0.402.b06-1.el6.tuxcare.els1.noarch.rpm
    sha:20d747317b94f854d018ec0b0f0c19c3a2381d35
  • java-1.8.0-openjdk-src-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:60d1e3339d7c17a27ad1420bbec179a96ea2f9bf
  • java-1.8.0-openjdk-src-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
    sha:2eabc83583424c92c6643520b54c8ea2ecc86e39
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.