Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Mageia 8 MGASA-2021-0298 Moderate: Java-OpenJDK Security Update Details

mageia
Calendar Grey June 28, 2021
Dist Mageia Esm H88
Mageia 8 sec update MGASA-2021-0298 resolves critical java-openjdk issues and enhancements. Discover the details!
For java-1.8.0 ## Security fixes - JDK-8227467: Better class method invocations - JDK-8244473: Contextualize registration for JNDI - JDK-8244543: Enhanced handling of abstract cla...

Summary

For java-1.8.0 ## Security fixes - JDK-8227467: Better class method invocations - JDK-8244473: Contextualize registration for JNDI - JDK-8244543: Enhanced handling of abstract classes - JDK-8249906, CVE-2021-2163: Enhance opening JARs - JDK-8250568, CVE-2021-2161: Less ambiguous processing - JDK-8253799: Make lists of normal filenames ## Other significant changes - JDK-8236730: Weak Named Curves in TLS, CertPath, and Signed JAR Disabled by Default - JDK-8244286: Tools Warn If Weak Algorithms Are Used - JDK-8256490: Disable TLS 1.0 and 1.1 - JDK-8242147: New System Properties to Configure the TLS Signature Schemes - JDK-8177368: Several incorporation steps are silently failing when an error should be reported.
For java-11 ## Security fixes - JDK-8244473: Contextualize registration for JNDI - JDK-8244543: Enhanced handling of abstract classes - JDK-8249906, CVE-2021-2163: Enhance opening JARs - JDK-8250568, CVE-2021-2161: Less ambiguous processing - JDK-8253799: Make lists of nor...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=29145

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/

- https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixJAVA

- https://www.cve.org/CVERecord?id=CVE-2021-2161

- https://www.cve.org/CVERecord?id=CVE-2021-2163

Topics%20covered

Topics Covered

security advisory security fix TLS Java Mageia JNDI contextualization

Resolution

SRPMS

- 8/core/java-11-openjdk-11.0.11.0.9-0.1.mga8

- 8/core/copy-jdk-configs-4.0-1.mga8

- 8/core/java-1.8.0-openjdk-1.8.0.292.b10-1.1.mga8

Publication date: 28 Jun 2021
URL: https://advisories.mageia.org/MGASA-2021-0298.html
Type: security
CVE: CVE-2021-2161, CVE-2021-2163

Topics%20covered

Topics Covered

security advisory security fix TLS Java Mageia JNDI contextualization

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here