Lucene search
Basic search
Lucene search
Search by product
Subscribe
K
Start 30-day trial
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
SIGN IN
OracleLinux
ELSA-2023-4159
History
Jul 26, 2023 - 12:00 a.m.
java-17-openjdk security and bug fix update
Vulners
Oraclelinux
java-17-openjdk security and bug fix update
2023-07-26
00:00:00
linux.oracle.com
57
openjdk
security update
zip
aes
uri-to-path
http client
array indexing.
0.002 Low
EPSS
Percentile
56.7%
JSON
[1:17.0.8.0.7-2.0.1]
OpenJDK: ZIP file parsing infinite loop (8302483) (CVE-2023-22036)
OpenJDK: weakness in AES implementation (8308682) (CVE-2023-22041)
OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049)
harfbuzz: OpenJDK: O(n^2) growth via consecutive marks (CVE-2023-25193)
OpenJDK: HTTP client insufficient file name validation (8302475) (CVE-2023-22006)
OpenJDK: modulo operator array indexing issue (8304460) (CVE-2023-22044)
OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045)
Add Oracle vendor bug URL [Orabug: 34340155]
[1:17.0.8.0.6-0.1.ea]
Update to jdk-17.0.8+6 (EA)
Sync the copy of the portable specfile with the latest update
Resolves: rhbz#2217716
[1:17.0.8.0.1-0.1.ea]
Update to jdk-17.0.8+1 (EA)
Update release notes to 17.0.8+1
Switch to EA mode
Drop local inclusion of JDK-8274864 & JDK-8305113 as they are included in 17.0.8+1
Bump bundled LCMS version to 2.15 as in jdk-17.0.8+1.
Bump bundled HarfBuzz version to 7.0.1 as in jdk-17.0.8+1
Use tapsets from the misc tarball
Introduce ‘prelease’ for the portable release versioning, to handle EA builds
Make sure root installation directory is created first
Use in-place substitution for all but the first of the tapset changes
Related: rhbz#2217716
[1:17.0.7.0.7-4]
Introduce vm_variant global for consistency with future JDK builds
Related: rhbz#2203412
[1:17.0.7.0.7-4]
Exclude classes_nocoops.jsa on i686 and arm32
Related: rhbz#2203412
[1:17.0.7.0.7-4]
Following JDK-8005165, class data sharing can be enabled on all JIT architectures
Related: rhbz#2203412
[1:17.0.7.0.7-4]
Fix packaging of CDS archives
Resolves: rhbz#2203412
Affected Package
OS
Version
Architecture
Package
Version
Filename
oracle linux
8
src
java-17-openjdk
< 17.0.8.0.7-2.0.1.el8
java-17-openjdk-17.0.8.0.7-2.0.1.el8.src.rpm
oracle linux
8
aarch64
java-17-openjdk
< 17.0.8.0.7-2.0.1.el8
java-17-openjdk-17.0.8.0.7-2.0.1.el8.aarch64.rpm
oracle linux
8
aarch64
java-17-openjdk-demo
< 17.0.8.0.7-2.0.1.el8
java-17-openjdk-demo-17.0.8.0.7-2.0.1.el8.aarch64.rpm
oracle linux
8
aarch64
java-17-openjdk-demo-fastdebug
< 17.0.8.0.7-2.0.1.el8
java-17-openjdk-demo-fastdebug-17.0.8.0.7-2.0.1.el8.aarch64.rpm
oracle linux
8
aarch64
java-17-openjdk-demo-slowdebug
< 17.0.8.0.7-2.0.1.el8
java-17-openjdk-demo-slowdebug-17.0.8.0.7-2.0.1.el8.aarch64.rpm
oracle linux
8
aarch64
java-17-openjdk-devel
< 17.0.8.0.7-2.0.1.el8
java-17-openjdk-devel-17.0.8.0.7-2.0.1.el8.aarch64.rpm
oracle linux
8
aarch64
java-17-openjdk-devel-fastdebug
< 17.0.8.0.7-2.0.1.el8
java-17-openjdk-devel-fastdebug-17.0.8.0.7-2.0.1.el8.aarch64.rpm
oracle linux
8
aarch64
java-17-openjdk-devel-slowdebug
< 17.0.8.0.7-2.0.1.el8
java-17-openjdk-devel-slowdebug-17.0.8.0.7-2.0.1.el8.aarch64.rpm
oracle linux
8
aarch64
java-17-openjdk-fastdebug
< 17.0.8.0.7-2.0.1.el8
java-17-openjdk-fastdebug-17.0.8.0.7-2.0.1.el8.aarch64.rpm
oracle linux
8
aarch64
java-17-openjdk-headless
< 17.0.8.0.7-2.0.1.el8
java-17-openjdk-headless-17.0.8.0.7-2.0.1.el8.aarch64.rpm
Rows per page:
10
1-10 of 48
1
Related
nessus 65
osv 13
openvas 24
redhat 30
oraclelinux 7
ubuntu 3
almalinux 6
debian 3
amazon 2
kaspersky 1
ibm 38
mageia 1
cloudlinux 1
rocky 2
f5 1
debiancve 1
cvelist 1
nessus
nessus
65
RHEL 8 : java-17-openjdk (RHSA-2023:4171)
2023-07-20 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 : OpenJDK vulnerabilities (USN-6263-1)
2023-07-31 00:00:00
RHEL 9 : java-17-openjdk (RHSA-2023:4169)
2023-07-20 00:00:00
osv
osv
13
Moderate: java-17-openjdk security and bug fix update
2023-07-20 00:00:00
openjdk-lts, openjdk-17 regression
2023-08-30 10:45:56
openjdk-8, openjdk-lts, openjdk-17 vulnerabilities
2023-08-01 07:53:27
openvas
openvas
24
Ubuntu: Security Advisory (USN-6272-1)
2023-08-04 00:00:00
openSUSE: Security Advisory for java (SUSE-SU-2023:3023-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:2990-1)
2023-07-27 00:00:00
redhat
redhat
30
(RHSA-2023:4169) Moderate: java-17-openjdk security update
2023-07-19 16:35:44
(RHSA-2023:4211) Moderate: OpenJDK 17.0.8 Security Update for Windows Builds
2023-07-20 11:59:16
(RHSA-2023:4210) Moderate: OpenJDK 17.0.8 Security Update for Portable Linux Builds
2023-07-20 11:59:21
oraclelinux
oraclelinux
7
java-17-openjdk security and bug fix update
2023-07-28 00:00:00
java-11-openjdk security and bug fix update
2023-07-28 00:00:00
java-11-openjdk security and bug fix update
2023-07-21 00:00:00
ubuntu
ubuntu
OpenJDK regression
2023-08-30 00:00:00
OpenJDK vulnerabilities
2023-08-01 00:00:00
OpenJDK 20 vulnerabilities
2023-08-03 00:00:00
almalinux
almalinux
6
Moderate: java-17-openjdk security and bug fix update
2023-07-20 00:00:00
Moderate: java-11-openjdk security and bug fix update
2023-07-20 00:00:00
Moderate: java-17-openjdk security and bug fix update
2023-07-20 00:00:00
debian
debian
[SECURITY] [DSA 5458-1] openjdk-17 security update
2023-07-25 18:52:56
[SECURITY] [DSA 5478-1] openjdk-11 security update
2023-08-16 18:26:38
[SECURITY] [DLA 3571-1] openjdk-11 security update
2023-09-19 07:45:23
amazon
amazon
Medium: java-17-amazon-corretto
2023-07-17 17:39:00
Medium: java-11-amazon-corretto
2023-07-17 17:39:00
kaspersky
kaspersky
KLA51006 Multiple vulnerabilities in Oracle Java SE and GraalVM
2023-07-18 00:00:00
ibm
ibm
38
Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-22036, CVE-2023-22006, CVE-2023-22041, CVE-2023-22049 and CVE-2023-22045)
2024-04-09 19:59:29
Security Bulletin: Multiple security vulnerabilities in Java affect IBM Robotic Process Automation
2023-11-22 20:50:55
Security Bulletin: IBM Operational Decision Manager September 2023 - Multiple CVEs addressed
2023-09-28 07:41:45
mageia
mageia
Updated java packages fix security vulnerabilities
2023-09-30 22:15:40
cloudlinux
cloudlinux
java-1.8.0-openjdk: Fix of 2 CVEs
2023-08-03 16:57:30
rocky
rocky
java-1.8.0-openjdk security and bug fix update
2023-08-08 12:34:57
java-1.8.0-openjdk security and bug fix update
2023-08-08 12:34:39
f5
f5
K000135718 : OpenJDK vulnerabilities CVE-2023-22006, CVE-2023-22043, and CVE-2023-22045
2023-08-03 00:00:00
debiancve
debiancve
CVE-2023-22044
2023-07-18 21:15:14
cvelist
cvelist
CVE-2023-22044
2023-07-18 20:18:28
0.002 Low
EPSS
Percentile
56.7%
JSON
Related for ELSA-2023-4159
nessus
65
osv
13
openvas
24
redhat
30
oraclelinux
7
ubuntu
3
almalinux
6
debian
3
amazon
2
kaspersky
1
ibm
38
mageia
1
cloudlinux
1
rocky
2
f5
1
debiancve
1
cvelist
1