Lucene search
Basic search
Lucene search
Search by product
Subscribe
K
Start 30-day trial
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
SIGN IN
OracleLinux
ELSA-2022-5736
History
Jul 28, 2022 - 12:00 a.m.
java-17-openjdk security, bug fix, and enhancement update
Vulners
Oraclelinux
java-17-openjdk security, bug fix, and enhancement update
2022-07-28
00:00:00
linux.oracle.com
28
0.002 Low
EPSS
Percentile
53.4%
JSON
[1:17.0.4.0.8-0.2.ea]
Revert the following changes until copy-java-configs has adapted to relative symlinks:
Move cacerts replacement to install section and retain original of this and tzdb.dat
Run tests on the installed image, rather than the build image
Introduce variables to refer to the static library installation directories
Use relative symlinks so they work within the image
Run debug symbols check during build stage, before the install strips them
The move of turning on system security properties is retained so we don’t ship with them off
Related: rhbz#2084779
[1:17.0.4.0.8-1]
Update to jdk-17.0.4.0+8
Update release notes to 17.0.4.0+8
Need to include the ‘.S’ suffix in debuginfo checks after JDK-8284661
Print release file during build, which should now include a correct SOURCE value from .src-rev
Update tarball script with IcedTea GitHub URL and .src-rev generation
Include script to generate bug list for release notes
Update tzdata requirement to 2022a to match JDK-8283350
Move EA designator check to prep so failures can be caught earlier
Make EA designator check non-fatal while upstream is not maintaining it
Explicitly require crypto-policies during build and runtime for system security properties
Make use of the vendor version string to store our version & release rather than an upstream release date
Include a test in the RPM to check the build has the correct vendor information.
Rebase FIPS patches from fips-17u branch and simplify by using a single patch from that repository
RH2094027: SunEC runtime permission for FIPS
RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
RH2090378: Revert to disabling system security properties and FIPS mode support together
Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
Enable system security properties in the RPM (now disabled by default in the FIPS repo)
Improve security properties test to check both enabled and disabled behaviour
Run security properties test with property debugging on
Turn on system security properties as part of the build’s install section
Move cacerts replacement to install section and retain original of this and tzdb.dat
Run tests on the installed image, rather than the build image
Introduce variables to refer to the static library installation directories
Use relative symlinks so they work within the image
Run debug symbols check during build stage, before the install strips them
Resolves: rhbz#2084779
Resolves: rhbz#2099919
Resolves: rhbz#2107943
Resolves: rhbz#2107941
Resolves: rhbz#2106523
[1:17.0.4.0.1-0.2.ea]
Fix issue where CheckVendor.java test erroneously passes when it should fail.
Add proper quoting so ‘&’ is not treated as a special character by the shell.
Related: rhbz#2084779
[1:17.0.3.0.7-2]
RH2007331: SecretKey generate/import operations don’t add the CKA_SIGN attribute in FIPS mode
Resolves: rhbz#2105395
Affected Package
OS
Version
Architecture
Package
Version
Filename
oracle linux
9
src
java-17-openjdk
< 17.0.4.0.8-2.el9_0
java-17-openjdk-17.0.4.0.8-2.el9_0.src.rpm
oracle linux
9
aarch64
java-17-openjdk
< 17.0.4.0.8-2.el9_0
java-17-openjdk-17.0.4.0.8-2.el9_0.aarch64.rpm
oracle linux
9
aarch64
java-17-openjdk-demo
< 17.0.4.0.8-2.el9_0
java-17-openjdk-demo-17.0.4.0.8-2.el9_0.aarch64.rpm
oracle linux
9
aarch64
java-17-openjdk-demo-fastdebug
< 17.0.4.0.8-2.el9_0
java-17-openjdk-demo-fastdebug-17.0.4.0.8-2.el9_0.aarch64.rpm
oracle linux
9
aarch64
java-17-openjdk-demo-slowdebug
< 17.0.4.0.8-2.el9_0
java-17-openjdk-demo-slowdebug-17.0.4.0.8-2.el9_0.aarch64.rpm
oracle linux
9
aarch64
java-17-openjdk-devel
< 17.0.4.0.8-2.el9_0
java-17-openjdk-devel-17.0.4.0.8-2.el9_0.aarch64.rpm
oracle linux
9
aarch64
java-17-openjdk-devel-fastdebug
< 17.0.4.0.8-2.el9_0
java-17-openjdk-devel-fastdebug-17.0.4.0.8-2.el9_0.aarch64.rpm
oracle linux
9
aarch64
java-17-openjdk-devel-slowdebug
< 17.0.4.0.8-2.el9_0
java-17-openjdk-devel-slowdebug-17.0.4.0.8-2.el9_0.aarch64.rpm
oracle linux
9
aarch64
java-17-openjdk-fastdebug
< 17.0.4.0.8-2.el9_0
java-17-openjdk-fastdebug-17.0.4.0.8-2.el9_0.aarch64.rpm
oracle linux
9
aarch64
java-17-openjdk-headless
< 17.0.4.0.8-2.el9_0
java-17-openjdk-headless-17.0.4.0.8-2.el9_0.aarch64.rpm
Rows per page:
10
1-10 of 48
1
Related
nessus 69
suse 4
openvas 33
amazon 4
redhat 21
osv 12
kaspersky 1
oraclelinux 7
rocky 3
almalinux 5
fedora 8
debian 2
altlinux 1
redos 1
broadcom 1
ibm 20
f5 1
cloudlinux 1
centos 2
rosalinux 1
ubuntu 2
nessus
nessus
69
SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2022:2898-1)
2022-08-26 00:00:00
Amazon Linux 2022 : (ALAS2022-2022-121)
2022-09-06 00:00:00
Amazon Linux 2022 : (ALAS2022-2022-113)
2022-09-06 00:00:00
suse
suse
4
Security update for java-1_8_0-ibm (important)
2022-08-31 00:00:00
Security update for java-17-openjdk (important)
2022-08-03 00:00:00
Security update for java-11-openjdk (important)
2022-08-09 00:00:00
openvas
openvas
33
SUSE: Security Advisory (SUSE-SU-2022:2898-1)
2022-08-26 00:00:00
Debian: Security Advisory (DSA-5192-1)
2022-07-28 00:00:00
Fedora: Security Advisory for java-17-openjdk (FEDORA-2022-64431bccec)
2022-08-04 00:00:00
amazon
amazon
4
Important: java-17-amazon-corretto
2022-07-19 01:19:00
Important: java-11-amazon-corretto
2022-07-19 01:18:00
Important: java-1.8.0-openjdk
2022-09-01 21:09:00
redhat
redhat
21
(RHSA-2022:5757) Important: OpenJDK 17.0.4 security update for Windows Builds
2022-07-28 15:42:22
(RHSA-2022:5758) Important: OpenJDK 17.0.4 Security Update for Portable Linux Builds
2022-07-28 15:42:33
(RHSA-2022:5726) Important: java-17-openjdk security, bug fix, and enhancement update
2022-07-26 17:15:53
osv
osv
12
Important: java-17-openjdk security, bug fix, and enhancement update
2022-07-26 17:15:53
Important: java-17-openjdk security, bug fix, and enhancement update
2022-07-27 00:00:00
openjdk-17 - security update
2022-07-26 00:00:00
kaspersky
kaspersky
KLA12588 Multiple vulnerabilities in Oracle Java SE and GraalVM
2022-07-19 00:00:00
oraclelinux
oraclelinux
7
java-17-openjdk security, bug fix, and enhancement update
2022-07-27 00:00:00
java-1.8.0-openjdk security, bug fix, and enhancement update
2022-07-25 00:00:00
java-1.8.0-openjdk security, bug fix, and enhancement update
2022-07-25 00:00:00
rocky
rocky
java-17-openjdk security, bug fix, and enhancement update
2022-07-26 17:15:53
java-1.8.0-openjdk security, bug fix, and enhancement update
2022-07-25 13:45:21
java-11-openjdk security, bug fix, and enhancement update
2022-07-21 13:41:28
almalinux
almalinux
5
Important: java-17-openjdk security, bug fix, and enhancement update
2022-07-27 00:00:00
Important: java-1.8.0-openjdk security, bug fix, and enhancement update
2022-07-25 00:00:00
Important: java-11-openjdk security, bug fix, and enhancement update
2022-07-25 00:00:00
fedora
fedora
8
[SECURITY] Fedora 36 Update: java-17-openjdk-17.0.4.0.8-1.fc36
2022-07-28 01:28:22
[SECURITY] Fedora 35 Update: java-17-openjdk-17.0.4.0.8-1.fc35
2022-08-03 01:49:33
[SECURITY] Fedora 35 Update: java-latest-openjdk-18.0.2.0.9-1.rolling.fc35
2022-08-03 01:49:31
debian
debian
[SECURITY] [DSA 5192-1] openjdk-17 security update
2022-07-26 20:13:06
[SECURITY] [DSA 5188-1] openjdk-11 security update
2022-07-22 20:58:41
altlinux
altlinux
Security fix for the ALT Linux 10 package java-11-openjdk version 0:11.0.16.0.8-alt1_1jpp11
2022-08-05 00:00:00
redos
redos
ROS-20240522-05
2024-05-22 00:00:00
broadcom
broadcom
Oracle Java SE Multiple Vulnerabilities (July 2022 CPU update) CVE-2022-21540 CVE-2022-21541 CVE-2022-21549 CVE-2022-25647 CVE-2022-34169
2023-08-29 00:00:00
ibm
ibm
20
Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak
2022-10-11 15:36:52
Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility
2022-09-22 14:50:48
Security Bulletin: Multiple vulnerabilities may affect IBM® Semeru Runtime
2022-09-07 10:52:48
f5
f5
K85932552 : OpenJDK vulnerabilities CVE-2022-21540, CVE-2022-21541, and CVE-2022-21549
2022-08-17 00:00:00
cloudlinux
cloudlinux
Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21541, CVE-2022-34169, CVE-2022-21540
2022-08-04 18:46:36
centos
centos
java security update
2022-08-02 19:14:32
java security update
2022-08-02 19:13:38
rosalinux
rosalinux
Advisory ROSA-SA-2023-2138
2023-04-04 15:18:16
ubuntu
ubuntu
OpenJDK 8 vulnerabilities
2022-08-04 00:00:00
OpenJDK vulnerabilities
2022-08-04 00:00:00
0.002 Low
EPSS
Percentile
53.4%
JSON
Related for ELSA-2022-5736
nessus
69
suse
4
openvas
33
amazon
4
redhat
21
osv
12
kaspersky
1
oraclelinux
7
rocky
3
almalinux
5
fedora
8
debian
2
altlinux
1
redos
1
broadcom
1
ibm
20
f5
1
cloudlinux
1
centos
2
rosalinux
1
ubuntu
2