CLSA-2022:1667495676

[CLSA-2022:1667495676] java-1.8.0-openjdk: Fix of 4 CVEs

Type:

security

Severity:

Moderate

Release date:

2022-11-03

Description:

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u352-b08. That fixes following CVEs:
- CVE-2022-21619: Improper handling of long NTLM client hostnames
- CVE-2022-21624: Insufficient randomization of JNDI DNS port numbers
- CVE-2022-21626: Excessive memory allocation in X.509 certificate parsing
- CVE-2022-21628: HttpServer no connection count limit
- Update tzdata requirement to 2022c to match JDK-8292579
- Adapt rh1860986-disable_tlsv1.3_in_fips_mode.patch to new sources
- Improve security properties test to check both enabled and disabled behaviour
- Add test to ensure timezones can be translated

Updated packages:

java-1.8.0-openjdk-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:0d63278787b4361402dea75cf0e3724da2b57e56
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:cd37c5c0c307d0b9ca8f72c220ffa4a38046c3de
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:02b1843257fcda0f813b023f3242f3540b5e2bf8
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:c183fc0aa55ec6e98cc169f27fa4e3e7bcd0dc5a
java-1.8.0-openjdk-demo-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:ad5898246be466a058e4696941f18e656f7f56f4
java-1.8.0-openjdk-demo-fastdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:43047a5de7a868555bd53dd378070271933f72bd
java-1.8.0-openjdk-demo-slowdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:833cbcdd3e5eb86df0785d941f49c56289baf3ec
java-1.8.0-openjdk-devel-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:f7e41911f1c13a53843022b79394ad758283e92f
java-1.8.0-openjdk-devel-fastdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:1900b6d293d8110cb2165630e82fca4962cd1299
java-1.8.0-openjdk-devel-slowdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:a34cecaaa8202d905371f6996c967e5707b0ce8c
java-1.8.0-openjdk-fastdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:6b5082aa30898799da6553c0011656a9aa544927
java-1.8.0-openjdk-headless-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:984110533b61fa0f2768ae28708ec0678ed05546
java-1.8.0-openjdk-headless-fastdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:5346e0ec049a553882ee3679ed8dc9bbea8a7ac4
java-1.8.0-openjdk-headless-slowdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:0d1da41bb78a1fee08deeb3d6f907e44b2203c78
java-1.8.0-openjdk-javadoc-1.8.0.352.b08-1.el8.tuxcare.els1.noarch.rpm
sha:d8dabd16bc1353e4208443241f1394f301589402
java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-1.el8.tuxcare.els1.noarch.rpm
sha:99efbc66ae4be73241c3a8a354a1afe9165344f5
java-1.8.0-openjdk-slowdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:fe1a7123ccdc24c050e0dbe6b4fd37b48513f4a7
java-1.8.0-openjdk-src-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:96ff8b8e0b3fc56986ecbb4530d7deedea6890e7
java-1.8.0-openjdk-src-fastdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:293604b91607dcdb62295d94c8038250864c511e
java-1.8.0-openjdk-src-slowdebug-1.8.0.352.b08-1.el8.tuxcare.els1.x86_64.rpm
sha:9f99c9084310382ca0780185d219fe1006c217ad

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.