CLSA-2023-1703610997

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703610997.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2023-1703610997
Upstream
  • CVE-2022-40433
  • CVE-2023-22067
Published
2023-12-26T17:16:45Z
Modified
2026-06-04T10:03:16.701981361Z
Summary
Fix of 5 CVEs
Details
  • Backport upstream releases 8u392 to 18.04 LTS
  • CVEs fixed in 8u392:
    • CVE-2023-22067: IOR deserialization issue in CORBA
    • CVE-2023-22081: Certificate path validation issue
  • CVEs fixed in 8u382:
    • CVE-2023-22045: OpenJDK incorrectly handled array accesses.
    • CVE-2023-22049: OpenJDK incorrectly sanitized URIs strings.
  • Drop applied CVE-2022-40433.patch (changes are already in the sources)
References

Affected packages

TuxCare:Ubuntu:18.04
openjdk-8-demo

Package

Name
openjdk-8-demo
Purl
pkg:deb/tuxcare/openjdk-8-demo?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703610997.json"
openjdk-8-doc

Package

Name
openjdk-8-doc
Purl
pkg:deb/tuxcare/openjdk-8-doc?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703610997.json"
openjdk-8-jdk

Package

Name
openjdk-8-jdk
Purl
pkg:deb/tuxcare/openjdk-8-jdk?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703610997.json"
openjdk-8-jdk-headless

Package

Name
openjdk-8-jdk-headless
Purl
pkg:deb/tuxcare/openjdk-8-jdk-headless?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703610997.json"
openjdk-8-jre

Package

Name
openjdk-8-jre
Purl
pkg:deb/tuxcare/openjdk-8-jre?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703610997.json"
openjdk-8-jre-headless

Package

Name
openjdk-8-jre-headless
Purl
pkg:deb/tuxcare/openjdk-8-jre-headless?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703610997.json"
openjdk-8-jre-zero

Package

Name
openjdk-8-jre-zero
Purl
pkg:deb/tuxcare/openjdk-8-jre-zero?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703610997.json"
openjdk-8-source

Package

Name
openjdk-8-source
Purl
pkg:deb/tuxcare/openjdk-8-source?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703610997.json"