
Mageia: 2021-0542 Moderate: OpenJDK Java Security Fixes

December 8, 2021
Recent updates to Mageia's OpenJDK packages address critical security concerns linked to Java Runtime and Development Kit, particularly serious TLS weaknesses.

Summary

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

- OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967) (CVE-2021-35565)
- OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation (Libraries, 8266689) (CVE-2021-35567)
- OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210) (CVE-2021-35550)
- OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167) (CVE-2021-35556)
- OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580) (CVE-2021-35559)
- OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097) (CVE-2021-35561)
- OpenJDK: Certificates with end dates too far in the future can corrupt keystore (Keytool, 8266137) (CVE-2021-35564)
- OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729) (CVE-2021-35578)
- OpenJDK: Excessive memory al......

References

- https://bugs.mageia.org/show_bug.cgi?id=29590

- https://access.redhat.com/errata/RHSA-2021:3893

- https://access.redhat.com/errata/RHSA-2021:3891

- https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixJAVA

- https://www.cve.org/CVERecord?id=CVE-2021-35550

- https://www.cve.org/CVERecord?id=CVE-2021-35556

- https://www.cve.org/CVERecord?id=CVE-2021-35559

- https://www.cve.org/CVERecord?id=CVE-2021-35561

- https://www.cve.org/CVERecord?id=CVE-2021-35564

- https://www.cve.org/CVERecord?id=CVE-2021-35565

- https://www.cve.org/CVERecord?id=CVE-2021-35567

- https://www.cve.org/CVERecord?id=CVE-2021-35578

- https://www.cve.org/CVERecord?id=CVE-2021-35586

- https://www.cve.org/CVERecord?id=CVE-2021-35588

- https://www.cve.org/CVERecord?id=CVE-2021-35603

Resolution

SRPMS

- 8/core/java-1.8.0-openjdk-1.8.0.312.b07-2.1.mga8

- 8/core/java-11-openjdk-11.0.13.0.8-2.1.mga8

Severity: important

Publication date: 08 Dec 2021
URL: https://advisories.mageia.org/MGASA-2021-0542.html
Type: security
CVE: CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35588, CVE-2021-35603
