CLSA-2024-1706696899

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2024-1706696899
Upstream
  • CVE-2023-22067
Published
2024-01-31T10:28:23Z
Modified
2026-06-01T00:33:22.164561718Z
Summary
java-1.8.0-openjdk: Fix of 8 CVEs
Details
  • Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u402-b06. That fixes following CVEs:
  • CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler
  • CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution
  • CVE-2024-20921: Range check loop optimization issue
  • CVE-2024-20926: Arbitrary Java code execution in Nashorn
  • CVE-2024-20945: Logging of digital signature private keys
  • CVE-2024-20952: RSA padding issue and timing side-channel attack against TLS
  • CVE-2023-22067: IOR deserialization issue in CORBA (fixed in jdk8u392)
  • CVE-2023-22081: Certificate path validation issue during client authentication (fixed in jdk8u392)
  • Adapt pr2462 patch to the new sources
References

Affected packages

TuxCare:CentOS:8.5
java-1.8.0-openjdk

Package

Name
java-1.8.0-openjdk
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-accessibility

Package

Name
java-1.8.0-openjdk-accessibility
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-accessibility?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-accessibility-fastdebug

Package

Name
java-1.8.0-openjdk-accessibility-fastdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-accessibility-fastdebug?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-accessibility-slowdebug

Package

Name
java-1.8.0-openjdk-accessibility-slowdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-accessibility-slowdebug?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-demo

Package

Name
java-1.8.0-openjdk-demo
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-demo?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-demo-fastdebug

Package

Name
java-1.8.0-openjdk-demo-fastdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-demo-fastdebug?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-demo-slowdebug

Package

Name
java-1.8.0-openjdk-demo-slowdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-demo-slowdebug?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-devel

Package

Name
java-1.8.0-openjdk-devel
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-devel?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-devel-fastdebug

Package

Name
java-1.8.0-openjdk-devel-fastdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-devel-fastdebug?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-devel-slowdebug

Package

Name
java-1.8.0-openjdk-devel-slowdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-devel-slowdebug?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-fastdebug

Package

Name
java-1.8.0-openjdk-fastdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-fastdebug?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-headless

Package

Name
java-1.8.0-openjdk-headless
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-headless?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-headless-fastdebug

Package

Name
java-1.8.0-openjdk-headless-fastdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-headless-fastdebug?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-headless-slowdebug

Package

Name
java-1.8.0-openjdk-headless-slowdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-headless-slowdebug?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-javadoc

Package

Name
java-1.8.0-openjdk-javadoc
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-javadoc?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-javadoc-zip

Package

Name
java-1.8.0-openjdk-javadoc-zip
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-javadoc-zip?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-slowdebug

Package

Name
java-1.8.0-openjdk-slowdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-slowdebug?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-src

Package

Name
java-1.8.0-openjdk-src
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-src?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-src-fastdebug

Package

Name
java-1.8.0-openjdk-src-fastdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-src-fastdebug?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"
java-1.8.0-openjdk-src-slowdebug

Package

Name
java-1.8.0-openjdk-src-slowdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-src-slowdebug?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.402.b06-1.el8.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1706696899.json"