Описание
ELSA-2023-5736: java-11-openjdk security and bug fix update (MODERATE)
[1:11.0.21.0.9-1.0.1]
- link atomic for ix86 build
[1:11.0.21.0.9-1]
- Update to jdk-11.0.21+9 (GA)
- Update release notes to 11.0.21+9
- Remove system crypto policy patch which doesn't belong on RHEL 7 with no system policies
- Update generate_tarball.sh to be closer to upstream vanilla script inc. no more ECC removal
- Update bug URL for RHEL to point to the Red Hat customer portal
- Change top_level_dir_name to use the VCS tag, matching new upstream release style tarball
- Apply all patches using -p1
- Drop local backport of JDK-8243210 which is upstream from 11.0.21+2
- Add missing JFR alternative ghost
- Move jcmd to the headless package
- Replace -mstackrealign with -mincoming-stack-boundary=2 -mpreferred-stack-boundary=4 on x86_32 for stack alignment
- Disable the serviceability agent on Zero architectures even when the architecture itself is supported
- ** This tarball is embargoed until 2023-10-17 @ 1pm PT. **
- Resolves: RHEL-12217
- Resolves: RHEL-12910
- Resolves: RHEL-12913
- Resolves: RHEL-11320
- Resolves: RHEL-13227
- Resolves: RHEL-13217
[1:11.0.21.0.9-1]
- For non debug subpackages, ghosted all alternatives (rhbz1649776)
- For non system JDKs, if-outed versionless provides.
- Aligned versions to be %{epoch}:%{version}-%{release} instead of chaotic
- Related: RHEL-11320
[1:11.0.20.1.1-1]
- Update to jdk-11.0.20.1+1 (GA)
- Update release notes to 11.0.20.1+1
- Add backport of JDK-8312489 already upstream in 11.0.22 (see OPENJDK-2095)
- Add backport of JDK-8243210 already upstream in 11.0.21 (see RH2229269)
- Update openjdk_news script to specify subdirectory last
- Add missing discover_trees script required by openjdk_news
- Synchronise runtime and buildtime tzdata requirements
- Update README.md to match the version in later RHEL releases
- Resolves: rhbz#2236229
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
java-11-openjdk
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-demo
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-devel
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-headless
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-javadoc
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-javadoc-zip
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-jmods
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-src
11.0.21.0.9-1.0.1.el7_9
Oracle Linux x86_64
java-11-openjdk
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-demo
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-devel
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-headless
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-javadoc
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-javadoc-zip
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-jmods
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-src
11.0.21.0.9-1.0.1.el7_9
java-11-openjdk-static-libs
11.0.21.0.9-1.0.1.el7_9
Связанные CVE
Связанные уязвимости
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This v...
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Thi...
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This v
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...
