ALSA-2022:5709

See a problem?
Please try reporting it to the source first.

Source

https://errata.almalinux.org/9/ALSA-2022-5709.html

Import Source

https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2022:5709.json

JSON Data

https://api.osv.dev/v1/vulns/ALSA-2022:5709

Related

Published

2022-07-25T00:00:00Z

Modified

2023-09-15T13:41:48Z

Summary

Important: java-1.8.0-openjdk security, bug fix, and enhancement update

Details

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-1.8.0-openjdk (1.8.0.342.b07). (BZ#2084776) Security Fix(es): * OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169) * OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540) * OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * rh1991003 patch breaks sun.security.pkcs11.wrapper.PKCS11.getInstance() [almalinux-9, openjdk-8] (BZ#2099916) * SecretKey generate/import operations don't add the CKA_SIGN attribute in FIPS mode [almalinux-9, openjdk-8] (BZ#2107956) * Revert to disabling system security properties and FIPS mode support together [almalinux-9, openjdk-8] (BZ#2107958)

References

Affected packages

AlmaLinux:9 / java-1.8.0-openjdk

Package

Name: java-1.8.0-openjdk

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-demo

Package

Name: java-1.8.0-openjdk-demo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-demo-fastdebug

Package

Name: java-1.8.0-openjdk-demo-fastdebug

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-demo-slowdebug

Package

Name: java-1.8.0-openjdk-demo-slowdebug

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-devel

Package

Name: java-1.8.0-openjdk-devel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-devel-fastdebug

Package

Name: java-1.8.0-openjdk-devel-fastdebug

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-devel-slowdebug

Package

Name: java-1.8.0-openjdk-devel-slowdebug

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-fastdebug

Package

Name: java-1.8.0-openjdk-fastdebug

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-headless

Package

Name: java-1.8.0-openjdk-headless

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-headless-fastdebug

Package

Name: java-1.8.0-openjdk-headless-fastdebug

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-headless-slowdebug

Package

Name: java-1.8.0-openjdk-headless-slowdebug

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-javadoc

Package

Name: java-1.8.0-openjdk-javadoc

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-javadoc-zip

Package

Name: java-1.8.0-openjdk-javadoc-zip

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-slowdebug

Package

Name: java-1.8.0-openjdk-slowdebug

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-src

Package

Name: java-1.8.0-openjdk-src

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-src-fastdebug

Package

Name: java-1.8.0-openjdk-src-fastdebug

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0

AlmaLinux:9 / java-1.8.0-openjdk-src-slowdebug

Package

Name: java-1.8.0-openjdk-src-slowdebug

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.8.0.342.b07-1.el9_0