RLSA-2022:7007

Опубликовано: 20 окт. 2022

Источник: rocky

Оценка: Moderate

Описание

Moderate: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626)
OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628)
OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619)
OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 9

Наименование	Архитектура	Релиз	RPM
java-1.8.0-openjdk	x86_64	2.el9_0	java-1.8.0-openjdk-1.8.0.352.b08-2.el9_0.x86_64.rpm
java-1.8.0-openjdk-demo	x86_64	2.el9_0	java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el9_0.x86_64.rpm
java-1.8.0-openjdk-devel	x86_64	2.el9_0	java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el9_0.x86_64.rpm
java-1.8.0-openjdk-headless	x86_64	2.el9_0	java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el9_0.x86_64.rpm
java-1.8.0-openjdk-javadoc	noarch	2.el9_0	java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el9_0.noarch.rpm
java-1.8.0-openjdk-javadoc	noarch	2.el9_0	java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el9_0.noarch.rpm
java-1.8.0-openjdk-javadoc	noarch	2.el9_0	java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el9_0.noarch.rpm
java-1.8.0-openjdk-javadoc	noarch	2.el9_0	java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el9_0.noarch.rpm
java-1.8.0-openjdk-javadoc-zip	noarch	2.el9_0	java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el9_0.noarch.rpm
java-1.8.0-openjdk-javadoc-zip	noarch	2.el9_0	java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el9_0.noarch.rpm