[CLSA-2022:1654174568] Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21496, CVE-2022-21443, CVE-2022-21476, CVE-2022-21426, CVE-2022-21434
Type:
security
Severity:
Important
Release date:
2022-06-02
Description:
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u332-b09. That fixes following CVEs: - CVE-2022-21476: Defective secure validation in Apache Santuario - CVE-2022-21496: URI parsing inconsistencies - CVE-2022-21434: Improper object-to-string conversion in AnnotationInvocationHandler - CVE-2022-21426: Unbounded memory allocation when compiling crafted XPath expressions - CVE-2022-21443: Missing check for negative ObjectIdentifier - Remove patch files from previous change due to their presence in newer versions
Updated packages:
  • java-1.8.0-openjdk-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
    sha:1e535711d2f91e99a267a60997f7cbbf40595ad0
  • java-1.8.0-openjdk-src-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
    sha:b8f88c555b2d0c1603bd8991de7e491f115dd847
  • java-1.8.0-openjdk-javadoc-debug-1.8.0.332.b09-1.el6.tuxcare.els1.noarch.rpm
    sha:1c625cc5121ae560207810df716c43a422c170d2
  • java-1.8.0-openjdk-src-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
    sha:fdd3f80e49c5e98ef5e5b86c56e98c06d9b4fdac
  • java-1.8.0-openjdk-headless-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
    sha:533a38c388a06826aa786662db2a83d7b7b6b498
  • java-1.8.0-openjdk-demo-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
    sha:dd0b14a22a26ed4b6e451f8420f5a818acb39157
  • java-1.8.0-openjdk-devel-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
    sha:b11b0cd84dbee3e93c3013881301aa791d5d1d60
  • java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el6.tuxcare.els1.noarch.rpm
    sha:f3ba30157e53a63145594080a0903e48a81b3f81
  • java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
    sha:3957953a47514c8eb8f0e7011bd53c20e79bfc4c
  • java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
    sha:58b9652bc66bec40bf591dc0e82e2c231cc419a4
  • java-1.8.0-openjdk-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
    sha:3fb2bfbb7d2d7cde178abe5fdb251ae8ba98a659
  • java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
    sha:c9a513eef7bc9b601f2f52bdff2cbab1edd36111
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.