CLSA-2022:1667494847

[CLSA-2022:1667494847] java-1.8.0-openjdk: Fix of 4 CVEs

Type:

security

Severity:

None

Release date:

2022-11-03

Description:

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u352-b08. That fixes following CVEs:
- CVE-2022-21619: Improper handling of long NTLM client hostnames
- CVE-2022-21624: Insufficient randomization of JNDI DNS port numbers
- CVE-2022-21626: Excessive memory allocation in X.509 certificate parsing
- CVE-2022-21628: HttpServer no connection count limit
- Update tzdata requirement to 2022c to match JDK-8292579
- Adapt rh1860986-disable_tlsv1.3_in_fips_mode.patch to new sources
- Improve security properties test to check both enabled and disabled behaviour
- Add test to ensure timezones can be translated

Updated packages:

java-1.8.0-openjdk-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:ab8ab8b098371148d06f403b6f68776c6046426d
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:df3fe3d33c95ffe4e94d7c4ff3c343abec607435
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:dfd04d37e0886139d883dc0ecfa207b4ada2e1d3
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:2109d2c6bdfd628bd5e2c131874cf1c544945a7f
java-1.8.0-openjdk-demo-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:d2eadd92dde11f4a1cbe3dbac298cd6c19271064
java-1.8.0-openjdk-demo-fastdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:b8e06689deea56752b70e75804525bb3bc5f3d5f
java-1.8.0-openjdk-demo-slowdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:dfcafcd62bb1f6799b8d08184d3a1b0e2de5ba56
java-1.8.0-openjdk-devel-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:92eacd525c27e8161b6372a8daf0b9bdd4c903c5
java-1.8.0-openjdk-devel-fastdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:43a5989b72fd12d6d376723a335b91a679cb9627
java-1.8.0-openjdk-devel-slowdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:cb84499d2013fe8113618f0845165d052ed230f4
java-1.8.0-openjdk-fastdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:34600c549d4166c2608890a384d546b1479302c3
java-1.8.0-openjdk-headless-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:2259b5721d04ff3b7ca1f19027ea2b2a222e8f2a
java-1.8.0-openjdk-headless-fastdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:2234c58fe0650068a9c179f88ad734726a93d468
java-1.8.0-openjdk-headless-slowdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:e51ea72012064e2ad1724a9ebea56c4821893f68
java-1.8.0-openjdk-javadoc-1.8.0.352.b08-1.el8.tuxcare.els1.noarch.rpm
sha:86c8ea4df66aea32768c42d9178454fefa458e53
java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-1.el8.tuxcare.els1.noarch.rpm
sha:15a76337e89d9b05f016093846934a2b05b76c8a
java-1.8.0-openjdk-slowdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:8e7e0c8c305365bcb335856d383f4bac66526c75
java-1.8.0-openjdk-src-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:ef88360f935f4f78a12646c6ddbf3702620afc49
java-1.8.0-openjdk-src-fastdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:6db2f69039fc01e15980cf8430e9a1bcea8465e8
java-1.8.0-openjdk-src-slowdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:e3dd7f06d705b185905790593211b3b2bd525473

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.