Fedora 36: java-latest-openjdk 2023-43bce108c7 | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-43bce108c7
2023-02-05 01:52:43.638507
--------------------------------------------------------------------------------

Name        : java-latest-openjdk
Product     : Fedora 36
Version     : 19.0.2.0.7
Release     : 1.rolling.fc36
URL         : https://openjdk.java.net/
Summary     : OpenJDK 19 Runtime Environment
Description :
The OpenJDK 19 runtime environment.

--------------------------------------------------------------------------------
Update Information:

# New in release OpenJDK 19.0.2 (2023-01-17)  ## CVEs Fixed  * CVE-2023-21835 *
CVE-2023-21843  ## Security Fixes    - JDK-8286070: Improve UTF8 representation
- JDK-8286496: Improve Thread labels   - JDK-8287411: Enhance DTLS performance
- JDK-8288516: Enhance font creation   - JDK-8293554: Enhanced DH Key Exchanges
- JDK-8293598: Enhance InetAddress address handling   - JDK-8293717: Objective
view of ObjectView   - JDK-8293734: Improve BMP image handling   - JDK-8293742:
Better Banking of Sounds   - JDK-8295687: Better BMP bounds  ## Major Changes
### JDK-8295687: Better BMP bounds  Loading a linked ICC profile within a BMP
image is now disabled by default. To re-enable it, set the new system property
`sun.imageio.bmp.enabledLinkedProfiles` to `true`.  This new property replaces
the old property, `sun.imageio.plugins.bmp.disableLinkedProfiles`.  ###
JDK-8293742: Better Banking of Sounds  Previously, the SoundbankReader
implementation, `com.sun.media.sound.JARSoundbankReader`, would download a JAR
soundbank from a URL.  This behaviour is now disabled by default. To re-enable
it, set the new system property `jdk.sound.jarsoundbank` to `true`.  ###
JDK-8287411: Enhance DTLS performance  The JDK now exchanges DTLS cookies for
all handshakes, new and resumed. The previous behaviour can be re-enabled by
setting the new system property `jdk.tls.enableDtlsResumeCookie` to `false`.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 26 2023 Andrew Hughes  - 1:19.0.2.0.7-1.rolling
- Revert "Flip the use of in-tree libraries back on by default"
- The transition to bundled libraries is an F37 feature that should not be backported.
* Thu Jan 26 2023 Andrew Hughes  - 1:19.0.2.0.7-1.rolling
- Update to jdk-19.0.2 release
- Update release notes to 19.0.2
- Drop JDK-8293834 (CLDR update for Kyiv) which is now upstream
- Drop JDK-8294357 (tzdata2022d), JDK-8295173 (tzdata2022e) & JDK-8296108 (tzdata2022f) local patches which are now upstream
- Drop JDK-8296715 (CLDR update for 2022f) which is now upstream
- Add local patch JDK-8295447 (javac NPE) which was accepted into 19u upstream but not in the GA tag
- Add local patches for JDK-8296239 & JDK-8299439 (Croatia Euro update) which are present in 8u, 11u & 17u releases
* Thu Jan 19 2023 Fedora Release Engineering  - 1:19.0.1.0.10-3.rolling.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Dec 16 2022 Andrew Hughes  - 1:19.0.1.0.10-3.rolling
- Update in-tree tzdata & CLDR to 2022g with JDK-8296108, JDK-8296715 & JDK-8297804
- Update TestTranslations.java to test the new America/Ciudad_Juarez zone
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-43bce108c7' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 36: java-latest-openjdk 2023-43bce108c7

February 5, 2023
# New in release OpenJDK 19.0.2 (2023-01-17) ## CVEs Fixed * CVE-2023-21835 * CVE-2023-21843 ## Security Fixes - JDK-8286070: Improve UTF8 representation - JDK-8286496: Improve Th...

Summary

The OpenJDK 19 runtime environment.

Update Information:

# New in release OpenJDK 19.0.2 (2023-01-17) ## CVEs Fixed * CVE-2023-21835 * CVE-2023-21843 ## Security Fixes - JDK-8286070: Improve UTF8 representation - JDK-8286496: Improve Thread labels - JDK-8287411: Enhance DTLS performance - JDK-8288516: Enhance font creation - JDK-8293554: Enhanced DH Key Exchanges - JDK-8293598: Enhance InetAddress address handling - JDK-8293717: Objective view of ObjectView - JDK-8293734: Improve BMP image handling - JDK-8293742: Better Banking of Sounds - JDK-8295687: Better BMP bounds ## Major Changes ### JDK-8295687: Better BMP bounds Loading a linked ICC profile within a BMP image is now disabled by default. To re-enable it, set the new system property `sun.imageio.bmp.enabledLinkedProfiles` to `true`. This new property replaces the old property, `sun.imageio.plugins.bmp.disableLinkedProfiles`. ### JDK-8293742: Better Banking of Sounds Previously, the SoundbankReader implementation, `com.sun.media.sound.JARSoundbankReader`, would download a JAR soundbank from a URL. This behaviour is now disabled by default. To re-enable it, set the new system property `jdk.sound.jarsoundbank` to `true`. ### JDK-8287411: Enhance DTLS performance The JDK now exchanges DTLS cookies for all handshakes, new and resumed. The previous behaviour can be re-enabled by setting the new system property `jdk.tls.enableDtlsResumeCookie` to `false`.

Change Log

* Thu Jan 26 2023 Andrew Hughes - 1:19.0.2.0.7-1.rolling - Revert "Flip the use of in-tree libraries back on by default" - The transition to bundled libraries is an F37 feature that should not be backported. * Thu Jan 26 2023 Andrew Hughes - 1:19.0.2.0.7-1.rolling - Update to jdk-19.0.2 release - Update release notes to 19.0.2 - Drop JDK-8293834 (CLDR update for Kyiv) which is now upstream - Drop JDK-8294357 (tzdata2022d), JDK-8295173 (tzdata2022e) & JDK-8296108 (tzdata2022f) local patches which are now upstream - Drop JDK-8296715 (CLDR update for 2022f) which is now upstream - Add local patch JDK-8295447 (javac NPE) which was accepted into 19u upstream but not in the GA tag - Add local patches for JDK-8296239 & JDK-8299439 (Croatia Euro update) which are present in 8u, 11u & 17u releases * Thu Jan 19 2023 Fedora Release Engineering - 1:19.0.1.0.10-3.rolling.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Fri Dec 16 2022 Andrew Hughes - 1:19.0.1.0.10-3.rolling - Update in-tree tzdata & CLDR to 2022g with JDK-8296108, JDK-8296715 & JDK-8297804 - Update TestTranslations.java to test the new America/Ciudad_Juarez zone

References

Fedora Update Notification FEDORA-2023-43bce108c7 2023-02-05 01:52:43.638507 Name : java-latest-openjdk Product : Fedora 36 Version : 19.0.2.0.7 Release : 1.rolling.fc36 URL : https://openjdk.java.net/ Summary : OpenJDK 19 Runtime Environment Description : The OpenJDK 19 runtime environment.

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-43bce108c7' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : java-latest-openjdk
Product : Fedora 36
Version : 19.0.2.0.7
Release : 1.rolling.fc36
URL : https://openjdk.java.net/
Summary : OpenJDK 19 Runtime Environment

Related News

Vali Cyber Introduces SecurityPerf, Revolutionizing Linux Security

Ubuntu 20.04.6 LTS Released with Major Secure Boot Fix

Linux 6.3-rc3 Adding Protection From Malicious Guests Hammering AMD's Secure Processor

Fedora 10: The GNU/Linux Desktop Steps Forward

News

Advisories

HOWTOs

Features

Interview with Guardian Digital CEO Dave Wreski: Open Source Utilization in Email Security Solutions & More
Verifying Linux Server Security: What Every Admin Needs to Know
What Linux, Windows & Mac OS Users Need to Know About VPNs
Complete Guide to Vulnerability Basics
How To Get Live Updates on Critical Linux Security Advisories

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy