Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

openSUSE Leap 15.4/15.5 Important: Java-1_8_0-Openj9 Update Security Fixes

opensuse
Calendar Grey August 14, 2023
Dist Opensuse Esm H88
Keep up to date with the essential patch for java-1_8_0-openj9 that resolves various concerns aimed at boosting both security and efficiency.
This update for java-1_8_0-openj9 fixes the following issues: Update to OpenJDK 8u372 build 07 with OpenJ9 0.38.0 virtual machine.

Description

This update for java-1_8_0-openj9 fixes the following issues:

Update to OpenJDK 8u372 build 07 with OpenJ9 0.38.0 virtual machine.

CVE-2023-21930: Unauthenticated attacker with network access via TLS to

compromise Oracle Java SE, Oracle GraalVM Enterprise Edition (bsc#1210628).

CVE-2023-21937: Fixed vulnerability in the Oracle Java SE, Oracle GraalVM

Enterprise Edition product of Oracle Java SE (component: Networking).

(bsc#1210631). CVE-2023-21938: Fixed vulnerability in the Oracle Java SE, Oracle

GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).

(bsc#1210632). CVE-2023-21939: Fixed vulnerability in the Oracle Java SE, Oracle

GraalVM Enterprise Edition product of Oracle Java SE (component: Swing).

(bsc#1210634). CVE-2023-21954: Fixed vulnerability in the Oracle Java SE, Oracle

GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).

(bsc#1210635). CVE-2023-21967: Fixed vulnerability in the Oracle Java SE, Oracle

GraalVM Enterprise...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security issue buffer overflow important important fix Java update openSUSE TLS issue java-1_8_0-openj9 Oracle patch

Patch

## Patch Instructions:

To install this SUSE Important update use the SUSE recommended installation

methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4

zypper in -t patch openSUSE-SLE-15.4-2023-3305=1

* openSUSE Leap 15.5

zypper in -t patch openSUSE-SLE-15.5-2023-3305=1

* SUSE Package Hub 15 15-SP5

zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3305=1

Package List

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)

* java-1_8_0-openj9-accessibility-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-debuginfo-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-devel-debuginfo-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-demo-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-debugsource-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-demo-debuginfo-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-headless-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-devel-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-headless-debuginfo-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-src-1.8.0.372-150200.3.33.2

* openSUSE Leap 15.4 (noarch)

* java-1_8_0-openj9-javadoc-1.8.0.372-150200.3.33.2

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)

* java-1_8_0-openj9-accessibility-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-debuginfo-1.8.0.372-150200.3.33.2

* java-1_8_0-openj9-devel-debuginfo-1.8.0.372-150200.3.33.2

*...

Read the Full Advisory

References

* #1210628

* #1210631

* #1210632

* #1210634

* #1210635

* #1210636

* #1210637

* #1211615

## References:

* https://www.suse.com/security/cve/CVE-2023-21930.html

* https://www.suse.com/security/cve/CVE-2023-21937.html

* https://www.suse.com/security/cve/CVE-2023-21938.html

* https://www.suse.com/security/cve/CVE-2023-21939.html

* https://www.suse.com/security/cve/CVE-2023-21954.html

* https://www.suse.com/security/cve/CVE-2023-21967.html

* https://www.suse.com/security/cve/CVE-2023-21968.html

* https://www.suse.com/security/cve/CVE-2023-2597.html

* https://bugzilla.suse.com/show_bug.cgi?id=1210628

* https://bugzilla.suse.com/show_bug.cgi?id=1210631

* https://bugzilla.suse.com/show_bug.cgi?id=1210632

* https://bugzilla.suse.com/show_bug.cgi?id=1210634

* https://bugzilla.suse.com/show_bug.cgi?id=1210635

* https://bugzilla.suse.com/show_bug.cgi?id=1210636

* https://bugzilla.suse.com/show_bug.cgi?id=1210637

* https://bugzilla.suse.com/show_bug.cgi?id=1211615

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:3305-1
Rating: important

Topics%20covered

Topics Covered

security advisory security issue buffer overflow important important fix Java update openSUSE TLS issue java-1_8_0-openj9 Oracle patch

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here