Debian LTS: DLA-2737-1: openjdk-8 security update | LinuxSecurity.com

Advisories

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2737-1                [email protected]
https://www.debian.org/lts/security/                  Roberto C. Sánchez
August 09, 2021                               https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : openjdk-8
Version        : 8u302-b08-1~deb9u1
CVE ID         : CVE-2021-2341 CVE-2021-2369 CVE-2021-2388

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
resulting in bypass of sandbox restrictions, incorrect validation of
signed Jars or information disclosure.

Thanks to Thorsten Glaser and ⮡ tarent for contributing the updated
packages to address these vulnerabilities.

For Debian 9 stretch, these problems have been fixed in version
8u302-b08-1~deb9u1.

We recommend that you upgrade your openjdk-8 packages.

For the detailed security status of openjdk-8 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-8

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS: DLA-2737-1: openjdk-8 security update

August 9, 2021
Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in bypass of sandbox restrictions, incorrect validation of signed Jars or information disclosure

Summary

Severity
Package : openjdk-8
Version : 8u302-b08-1~deb9u1
CVE ID : CVE-2021-2341 CVE-2021-2369 CVE-2021-2388

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.