Описание
Security update for java-1_8_0-openj9
This update for java-1_8_0-openj9 fixes the following issues:
Update to OpenJDK 8u372 build 07 with OpenJ9 0.38.0 virtual machine.
CVE-2023-21930: Unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition (bsc#1210628). CVE-2023-21937: Fixed vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). (bsc#1210631). CVE-2023-21938: Fixed vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). (bsc#1210632). CVE-2023-21939: Fixed vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). (bsc#1210634). CVE-2023-21954: Fixed vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). (bsc#1210635). CVE-2023-21967: Fixed vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). (bsc#1210636). CVE-2023-21968: Fixed ulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries) (bsc#1210637). CVE-2023-2597: Fixed buffer overflow in shared cache implementation (bsc#1211615).
Список пакетов
SUSE Linux Enterprise Module for Package Hub 15 SP5
openSUSE Leap 15.4
openSUSE Leap 15.5
Ссылки
- Link for SUSE-SU-2023:3305-1
- E-Mail link for SUSE-SU-2023:3305-1
- SUSE Security Ratings
- SUSE Bug 1210628
- SUSE Bug 1210631
- SUSE Bug 1210632
- SUSE Bug 1210634
- SUSE Bug 1210635
- SUSE Bug 1210636
- SUSE Bug 1210637
- SUSE Bug 1211615
- SUSE CVE CVE-2023-21930 page
- SUSE CVE CVE-2023-21937 page
- SUSE CVE CVE-2023-21938 page
- SUSE CVE CVE-2023-21939 page
- SUSE CVE CVE-2023-21954 page
- SUSE CVE CVE-2023-21967 page
- SUSE CVE CVE-2023-21968 page
- SUSE CVE CVE-2023-2597 page
Описание
unknown
Затронутые продукты
Ссылки
- CVE-2023-21930
- SUSE Bug 1210628
Описание
unknown
Затронутые продукты
Ссылки
- CVE-2023-21937
- SUSE Bug 1210631
Описание
unknown
Затронутые продукты
Ссылки
- CVE-2023-21938
- SUSE Bug 1210632
Описание
unknown
Затронутые продукты
Ссылки
- CVE-2023-21939
- SUSE Bug 1210634
Описание
unknown
Затронутые продукты
Ссылки
- CVE-2023-21954
- SUSE Bug 1210635
Описание
unknown
Затронутые продукты
Ссылки
- CVE-2023-21967
- SUSE Bug 1210636
Описание
unknown
Затронутые продукты
Ссылки
- CVE-2023-21968
- SUSE Bug 1210637
Описание
In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer.
Затронутые продукты
Ссылки
- CVE-2023-2597
- SUSE Bug 1211615