Oracle Linux Security Advisory ELSA-2023-0208 https://linux.oracle.com/errata/ELSA-2023-0208.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-javadoc-1.8.0.362.b09-2.el8_7.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b09-2.el8_7.noarch.rpm java-1.8.0-openjdk-src-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm aarch64: java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-accessibility-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-javadoc-1.8.0.362.b09-2.el8_7.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b09-2.el8_7.noarch.rpm java-1.8.0-openjdk-src-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm SRPMS: https://oss.oracle.com/ol8/SRPMS-updates//java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.src.rpm Related CVEs: CVE-2023-21830 CVE-2023-21843 Description of changes: [1:1.8.0.362.b09-2] - Update cacerts patch to fix OPENJDK-1433 SecurityManager issue - Update to shenandoah-jdk8u352-b09 (GA) - Update release notes for shenandoah-8u352-b09. - Resolves: rhbz#2163595 [1:1.8.0.362.b08-2] - Update to shenandoah-jdk8u352-b08 (GA) - Update release notes for shenandoah-8u352-b08. - Fix broken links and missing release notes in older releases. - Drop RH1163501 patch which is not upstream or in 11, 17 & 19 packages and seems obsolete - Patch was broken by inclusion of "JDK-8293554: Enhanced DH Key Exchanges" - Patch was added for a specific corner case of a 4096-bit DH key on a Fedora host that no longer exists - Fedora now appears to be using RSA and the JDK now supports ECC in preference to large DH keys - Resolves: rhbz#2160111 [1:1.8.0.362.b07-0.2.ea] - Update to shenandoah-jdk8u362-b07 (EA) - Update release notes for shenandoah-8u362-b07. - Switch to EA mode for 8u362 pre-release builds. - Drop JDK-8195607/PR3776/RH1760437 now this is upstream - Require tzdata 2022g due to inclusion of JDK-8296108, JDK-8296715 & JDK-8297804 - Drop tzdata patches for 2022d & 2022e (JDK-8294357 & JDK-8295173) which are now upstream - Update TestTranslations.java to test the new America/Ciudad_Juarez zone - Drop JDK-8255559/RH2124390 patch which is now upstream - Resolves: rhbz#2159910 [1:1.8.0.352.b08-3] - Add backport of JDK-8255559 to fix file descriptor leak in XML code - Resolves: rhbz#2139705 _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata