[CLSA-2023:1703612003] Fix CVE(s): CVE-2022-40433, CVE-2023-22067, CVE-2023-22081
Type:
security
Severity:
Moderate
Release date:
2023-12-26 17:33:31 UTC
Description:
* Backport upstream releases 8u392 to 16.04 LTS * CVEs fixed in 8u392: - CVE-2023-22067: IOR deserialization issue in CORBA - CVE-2023-22081: Certificate path validation issue * Drop applied CVE-2022-40433.patch (changes are already in the sources)
Updated packages:
  • openjdk-8-demo_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb
    sha:576355e4a8fb2c3973d05e4ac7b264d2f2336200
  • openjdk-8-doc_8u392-ga-0ubuntu1~16.04+tuxcare.els1_all.deb
    sha:c07146d7af983657f0b6b55db3e9c6f9a6810afb
  • openjdk-8-jdk_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb
    sha:471f051e1f99d41b42bbdfbc46fe9a4ea0d02846
  • openjdk-8-jdk-headless_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb
    sha:9387a3ba5698c1283e49e34839a63dfd2cb5eff7
  • openjdk-8-jre_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb
    sha:ed03de09514cd39b5d1c55d0352a873510796a54
  • openjdk-8-jre-headless_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb
    sha:4c18af9e0c61d459b53714bf7bc219e1d2560d10
  • openjdk-8-jre-jamvm_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb
    sha:673cfe7d2a862b1de80adb3d44afcb60acd9e13f
  • openjdk-8-jre-zero_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb
    sha:6423e41d03c2988c16a015c58961676479b35e82
  • openjdk-8-source_8u392-ga-0ubuntu1~16.04+tuxcare.els1_all.deb
    sha:51a76415c52b6e998292789220499719a05461ee
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.