CLSA-2023-1689009395

Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1689009395.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2023-1689009395
Upstream
Published
2023-07-10T17:16:50Z
Modified
2026-06-04T10:03:24.106497738Z
Summary
Fix of 9 CVEs
Details
  • Backport upstream releases 8u372 to 16.04 LTS
  • CVEs fixed in 8u372:
    • CVE-2023-21930: Improper connection handling during TLS handshake
    • CVE-2023-21937: Missing string checks for NULL characters
    • CVE-2023-21938: Incorrect handling of NULL characters in ProcessBuilder
    • CVE-2023-21939: Swing HTML parsing issue
    • CVE-2023-21954: Incorrect enqueue of references in garbage collector
    • CVE-2023-21967: Certificate validation issue in TLS session negotiation
    • CVE-2023-21968: Missing check for slash characters in URI-to-path conversion
  • CVEs fixed in 8u362:
    • CVE-2023-21830: Improper restrictions in CORBA deserialization
    • CVE-2023-21843: Soundbank URL remote loading
  • debian/rules: remove IcedTeaPlugin.so reference (LP: #2016396)
  • debian/JB-jre-headless.postinst.in: trigger ca-certificates-java after jre is set up
  • Drop applied jdk8u-get-datetime-string.patch
References

Affected packages

TuxCare:Ubuntu:16.04
openjdk-8-demo

Package

Name
openjdk-8-demo
Purl
pkg:deb/tuxcare/openjdk-8-demo?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
8u372-ga-0ubuntu1~16.04+tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1689009395.json"
openjdk-8-doc

Package

Name
openjdk-8-doc
Purl
pkg:deb/tuxcare/openjdk-8-doc?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
8u372-ga-0ubuntu1~16.04+tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1689009395.json"
openjdk-8-jdk

Package

Name
openjdk-8-jdk
Purl
pkg:deb/tuxcare/openjdk-8-jdk?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
8u372-ga-0ubuntu1~16.04+tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1689009395.json"
openjdk-8-jdk-headless

Package

Name
openjdk-8-jdk-headless
Purl
pkg:deb/tuxcare/openjdk-8-jdk-headless?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
8u372-ga-0ubuntu1~16.04+tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1689009395.json"
openjdk-8-jre

Package

Name
openjdk-8-jre
Purl
pkg:deb/tuxcare/openjdk-8-jre?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
8u372-ga-0ubuntu1~16.04+tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1689009395.json"
openjdk-8-jre-headless

Package

Name
openjdk-8-jre-headless
Purl
pkg:deb/tuxcare/openjdk-8-jre-headless?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
8u372-ga-0ubuntu1~16.04+tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1689009395.json"
openjdk-8-jre-jamvm

Package

Name
openjdk-8-jre-jamvm
Purl
pkg:deb/tuxcare/openjdk-8-jre-jamvm?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
8u372-ga-0ubuntu1~16.04+tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1689009395.json"
openjdk-8-jre-zero

Package

Name
openjdk-8-jre-zero
Purl
pkg:deb/tuxcare/openjdk-8-jre-zero?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
8u372-ga-0ubuntu1~16.04+tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1689009395.json"
openjdk-8-source

Package

Name
openjdk-8-source
Purl
pkg:deb/tuxcare/openjdk-8-source?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
8u372-ga-0ubuntu1~16.04+tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1689009395.json"