CLSA-2023:1688674204

[CLSA-2023:1688674204] java-1.8.0-openjdk: Fix of 7 CVEs

Type:

security

Severity:

Important

Release date:

2023-07-06

Description:

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u372-b07. That fixes following CVEs:
- CVE-2023-21930: Improper connection handling during TLS handshake (8294474)
- CVE-2023-21937: Missing string checks for NULL characters (8296622)
- CVE-2023-21938: Incorrect handling of NULL characters in ProcessBuilder (8295304)
- CVE-2023-21939: Swing HTML parsing issue (8296832)
- CVE-2023-21954: Incorrect enqueue of references in garbage collector (8298191)
- CVE-2023-21967: Certificate validation issue in TLS session negotiation (8298310)
- CVE-2023-21968: Missing check for slash characters in URI-to-path conversion (8298667)
- Update tzdata requirement to 2023c to match JDK-8305113
- Include JDK-8271199 fix from the upcoming jdk8u382 in advance

Updated packages:

java-1.8.0-openjdk-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:6595e7d5f8a60e54760468c065de83ab03a41bc4
java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:de777836d8a3feaab8462646134415636b0a98df
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:ae839050254b6f4d3b4a9ee4d88519c2d5c03f82
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:8ea13b4e8e5011b0d602b41933fec1c4376f7d19
java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:0e76759bd681b2f812f443b241b0086ef5cb2a5f
java-1.8.0-openjdk-demo-fastdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:3247780b7c11df9c250f32950bd7cac3b9a341d4
java-1.8.0-openjdk-demo-slowdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:01a2b55cf0a0e7776b017947eed6d29b8d53ff7f
java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:211544cbb29cc2c070efe259a4b65173e8ff8e9f
java-1.8.0-openjdk-devel-fastdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:97be03977024725bfae3f10ab52dd494c404c8d2
java-1.8.0-openjdk-devel-slowdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:9a7f185aa6506b1c0ac8b68df20f5c5de42fb70e
java-1.8.0-openjdk-fastdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:ccaf81194c8fef192eec60d716d445a19e24b058
java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:f30e66a535390dc118d9f30f4f611a1907e54ed6
java-1.8.0-openjdk-headless-fastdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:15afaf48f0d738647600aac47938875e3f0aef14
java-1.8.0-openjdk-headless-slowdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:80eaac5fbf6cf9d1a47964df4ff48635be1d2d6c
java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.el8.tuxcare.els1.noarch.rpm
sha:ec95f099a9f132f492b9c989c3fceb7f431b224d
java-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.el8.tuxcare.els1.noarch.rpm
sha:5e76799ecfa50964c0c37b7b0c6209f4e5cad4d7
java-1.8.0-openjdk-slowdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:44193a061061623a2cea502f44317087ca87fd8c
java-1.8.0-openjdk-src-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:20871965a46b890aa3086267b744e8d758ea0d49
java-1.8.0-openjdk-src-fastdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:6b3a4a0443279559b96a4d126b5ef94633de6eae
java-1.8.0-openjdk-src-slowdebug-1.8.0.372.b07-1.el8.tuxcare.els1.x86_64.rpm
sha:ab6a4640a918aee3408fd65fb4458b3e5a7cb900

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.