Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

openSUSE: 2023:3287-1 critical: Java-11-OpenJDK security issues

opensuse
Calendar Grey August 11, 2023
Dist Opensuse Esm H88
This crucial notification outlines necessary security enhancements for python-3.8, bolstering system defenses against vulnerabilities.
This update for java-11-openjdk fixes the following issues: Updated to jdk-11.0.20+8 (July 2023 CPU):

Description

This update for java-11-openjdk fixes the following issues:

Updated to jdk-11.0.20+8 (July 2023 CPU):

* CVE-2023-22006: Fixed vulnerability in the network component (bsc#1213473).

* CVE-2023-22036: Fixed vulnerability in the utility component (bsc#1213474).

* CVE-2023-22041: Fixed vulnerability in the hotspot component (bsc#1213475).

* CVE-2023-22044: Fixed vulnerability in the hotspot component (bsc#1213479).

* CVE-2023-22045: Fixed vulnerability in the hotspot component (bsc#1213481).

* CVE-2023-22049: Fixed vulnerability in the libraries component

(bsc#1213482).

* CVE-2023-25193: Fixed vulnerability in the embedded harfbuzz module

(bsc#1207922).

* JDK-8298676: Enhanced Look and Feel

* JDK-8300285: Enhance TLS data handling

* JDK-8300596: Enhance Jar Signature validation

* JDK-8301998, JDK-8302084: Update HarfBuzz to 7.0.1

* JDK-8302475: Enhance HTTP client file downloading

* JDK-8302483: Enhance ZIP performance

* JDK-8303376: Better...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory critical issue update critical fix important fix security issues Java update system vulnerabilities openSUSE java-11-openjdk Java-11-OpenJDK

Patch

## Patch Instructions:

To install this SUSE Important update use the SUSE recommended installation

methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4

zypper in -t patch openSUSE-SLE-15.4-2023-3287=1

* openSUSE Leap 15.5

zypper in -t patch openSUSE-SLE-15.5-2023-3287=1

* Basesystem Module 15-SP4

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3287=1

* Basesystem Module 15-SP5

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3287=1

* SUSE Package Hub 15 15-SP4

zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3287=1

* SUSE Package Hub 15 15-SP5

zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3287=1

* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1

zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3287=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2

zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-3287=1

*...

Read the Full Advisory

Package List

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)

* java-11-openjdk-demo-11.0.20.0-150000.3.99.1

* java-11-openjdk-src-11.0.20.0-150000.3.99.1

* java-11-openjdk-devel-11.0.20.0-150000.3.99.1

* java-11-openjdk-headless-11.0.20.0-150000.3.99.1

* java-11-openjdk-11.0.20.0-150000.3.99.1

* java-11-openjdk-jmods-11.0.20.0-150000.3.99.1

* openSUSE Leap 15.4 (noarch)

* java-11-openjdk-javadoc-11.0.20.0-150000.3.99.1

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)

* java-11-openjdk-demo-11.0.20.0-150000.3.99.1

* java-11-openjdk-src-11.0.20.0-150000.3.99.1

* java-11-openjdk-devel-11.0.20.0-150000.3.99.1

* java-11-openjdk-headless-11.0.20.0-150000.3.99.1

* java-11-openjdk-11.0.20.0-150000.3.99.1

* java-11-openjdk-jmods-11.0.20.0-150000.3.99.1

* openSUSE Leap 15.5 (noarch)

* java-11-openjdk-javadoc-11.0.20.0-150000.3.99.1

* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)

* java-11-openjdk-demo-11.0.20.0-150000.3.99.1

* java-11-openjdk-headless-11.0.20.0-150000.3.99.1

*...

Read the Full Advisory

References

* #1207922

* #1213473

* #1213474

* #1213475

* #1213479

* #1213481

* #1213482

## References:

* https://www.suse.com/security/cve/CVE-2023-22006.html

* https://www.suse.com/security/cve/CVE-2023-22036.html

* https://www.suse.com/security/cve/CVE-2023-22041.html

* https://www.suse.com/security/cve/CVE-2023-22044.html

* https://www.suse.com/security/cve/CVE-2023-22045.html

* https://www.suse.com/security/cve/CVE-2023-22049.html

* https://www.suse.com/security/cve/CVE-2023-25193.html

* https://bugzilla.suse.com/show_bug.cgi?id=1207922

* https://bugzilla.suse.com/show_bug.cgi?id=1213473

* https://bugzilla.suse.com/show_bug.cgi?id=1213474

* https://bugzilla.suse.com/show_bug.cgi?id=1213475

* https://bugzilla.suse.com/show_bug.cgi?id=1213479

* https://bugzilla.suse.com/show_bug.cgi?id=1213481

* https://bugzilla.suse.com/show_bug.cgi?id=1213482

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:3287-1
Rating: important

Topics%20covered

Topics Covered

security advisory critical issue update critical fix important fix security issues Java update system vulnerabilities openSUSE java-11-openjdk Java-11-OpenJDK

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here