Описание
ELSA-2023-5744: java-11-openjdk security and bug fix update (MODERATE)
[1:11.0.21.0.9-2.0.1]
- Add Oracle vendor bug URL [Orabug: 34340155]
- Update to jdk-11.0.21+9 (GA)
- Update release notes to 11.0.21+9
- OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)
- OpenJDK: Additional zip64 files validation (8313765) (RHBZ#2237170)
- OpenJDK: Print an exception when encountering null addresses while producing thread dumps (8243210)
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
java-11-openjdk
11.0.21.0.9-2.0.1.el9
java-11-openjdk-demo
11.0.21.0.9-2.0.1.el9
java-11-openjdk-demo-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-demo-slowdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-devel
11.0.21.0.9-2.0.1.el9
java-11-openjdk-devel-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-devel-slowdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-headless
11.0.21.0.9-2.0.1.el9
java-11-openjdk-headless-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-headless-slowdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-javadoc
11.0.21.0.9-2.0.1.el9
java-11-openjdk-javadoc-zip
11.0.21.0.9-2.0.1.el9
java-11-openjdk-jmods
11.0.21.0.9-2.0.1.el9
java-11-openjdk-jmods-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-jmods-slowdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-slowdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-src
11.0.21.0.9-2.0.1.el9
java-11-openjdk-src-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-src-slowdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-static-libs
11.0.21.0.9-2.0.1.el9
java-11-openjdk-static-libs-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-static-libs-slowdebug
11.0.21.0.9-2.0.1.el9
Oracle Linux x86_64
java-11-openjdk
11.0.21.0.9-2.0.1.el9
java-11-openjdk-demo
11.0.21.0.9-2.0.1.el9
java-11-openjdk-demo-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-demo-slowdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-devel
11.0.21.0.9-2.0.1.el9
java-11-openjdk-devel-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-devel-slowdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-headless
11.0.21.0.9-2.0.1.el9
java-11-openjdk-headless-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-headless-slowdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-javadoc
11.0.21.0.9-2.0.1.el9
java-11-openjdk-javadoc-zip
11.0.21.0.9-2.0.1.el9
java-11-openjdk-jmods
11.0.21.0.9-2.0.1.el9
java-11-openjdk-jmods-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-jmods-slowdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-slowdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-src
11.0.21.0.9-2.0.1.el9
java-11-openjdk-src-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-src-slowdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-static-libs
11.0.21.0.9-2.0.1.el9
java-11-openjdk-static-libs-fastdebug
11.0.21.0.9-2.0.1.el9
java-11-openjdk-static-libs-slowdebug
11.0.21.0.9-2.0.1.el9
Связанные CVE
Связанные уязвимости
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This v...
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Thi...
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This v
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...
