Oracle Linux Security Advisory ELSA-2024-1825

http://linux.oracle.com/errata/ELSA-2024-1825.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-17-openjdk-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-demo-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-devel-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-headless-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-javadoc-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-javadoc-zip-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-jmods-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-src-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-static-libs-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-demo-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-demo-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-devel-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-devel-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-headless-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-headless-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-jmods-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-jmods-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-src-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-src-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm

aarch64:
java-17-openjdk-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-demo-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-devel-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-headless-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-javadoc-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-javadoc-zip-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-jmods-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-src-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-static-libs-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-demo-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-demo-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-devel-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-devel-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-headless-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-headless-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-jmods-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-jmods-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-src-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-src-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//java-17-openjdk-17.0.11.0.9-2.0.1.el8.src.rpm

Related CVEs:

CVE-2024-21011
CVE-2024-21012
CVE-2024-21068
CVE-2024-21094




Description of changes:

[17.0.11.0.9-2.0.1]
- Add Oracle vendor bug URL

[1:17.0.11.0.9-2]
- Update to jdk-17.0.11+9 (GA)
- Add openjdk-17.0.11+9.tar.xz to .gitignore
- Sync java-17-openjdk-portable.specfile from openjdk-portable-rhel-8
- Update buildver from 7 to 9
- Update portablerelease from 1 to 3
- Change is_ga from 0 to 1 to enable GA mode for release
- Update tzdata Requires comment to mention that 2024a is not yet in the buildroot
- Update tzdata BuildRequires comment to mention that 2024a is not yet in the buildroot
- Update tzdata BuildRequires fro 2023c to 2023d
- Update sources from openjdk-17.0.11+7-ea.tar.xz to openjdk-17.0.11+9.tar.xz
- Resolves: RHEL-27137
- ** This tarball is embargoed until 2024-04-16 @ 1pm PT. **

[1:17.0.11.0.7-0.2.ea]
- Update to jdk-17.0.11+7 (EA)
- Sync java-17-openjdk-portable.specfile
- Sync java-17-openjdk-portable.specfile again to mention OPENJDK-2730
- Related: RHEL-27137

[1:17.0.11.0.6-0.2.ea]
- Update to jdk-17.0.11+6 (EA)
- Sync java-17-openjdk-portable.specfile
- Update buildjdkver to match the featurever
- Use featurever macro to specify fips patch
- Explain patchN syntax situation in a comment
- generate_source_tarball.sh: Fix whitespace
- generate_source_tarball.sh: Skip -ga tags
- generate_source_tarball.sh: Get -ea suffix from version-numbers.conf
- generate_source_tarball.sh: Use git archive to generate tarball
- generate_source_tarball.sh: Update version in comment
- generate_source_tarball.sh: Remove trailing period in echo
- generate_source_tarball.sh: Add indentation instructions for Emacs
- Require tzdata 2023d (JDK-8322725)
- generate_source_tarball.sh: Add license
- openjdk_news.sh: Use grep -E instead of egrep
- Remove RH1649512 patch for libjpeg-turbo FAR macro
- Move pcsc-lite-libs patch to in-need-of-upstreaming section
- Related: RHEL-27137


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle8: ELSA-2024-1825: java-17-openjdk Moderate Security Advisory Updates

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

[17.0.11.0.9-2.0.1] - Add Oracle vendor bug URL [1:17.0.11.0.9-2] - Update to jdk-17.0.11+9 (GA) - Add openjdk-17.0.11+9.tar.xz to .gitignore - Sync java-17-openjdk-portable.specfile from openjdk-portable-rhel-8 - Update buildver from 7 to 9 - Update portablerelease from 1 to 3 - Change is_ga from 0 to 1 to enable GA mode for release - Update tzdata Requires comment to mention that 2024a is not yet in the buildroot - Update tzdata BuildRequires comment to mention that 2024a is not yet in the buildroot - Update tzdata BuildRequires fro 2023c to 2023d - Update sources from openjdk-17.0.11+7-ea.tar.xz to openjdk-17.0.11+9.tar.xz - Resolves: RHEL-27137 - ** This tarball is embargoed until 2024-04-16 @ 1pm PT. ** [1:17.0.11.0.7-0.2.ea] - Update to jdk-17.0.11+7 (EA) - Sync java-17-openjdk-portable.specfile - Sync java-17-openjdk-portable.specfile again to mention OPENJDK-2730 - Related: RHEL-27137 [1:17.0.11.0.6-0.2.ea] - Update to jdk-17.0.11+6 (EA) - Sync java-17-openjdk-portable.specfile - Update buildjdkver to match the featurever - Use featurever macro to specify fips patch - Explain patchN syntax situation in a comment - generate_source_tarball.sh: Fix whitespace - generate_source_tarball.sh: Skip -ga tags - generate_source_tarball.sh: Get -ea suffix from version-numbers.conf - generate_source_tarball.sh: Use git archive to generate tarball - generate_source_tarball.sh: Update version in comment - generate_source_tarball.sh: Remove trailing period in echo - generate_source_tarball.sh: Add indentation instructions for Emacs - Require tzdata 2023d (JDK-8322725) - generate_source_tarball.sh: Add license - openjdk_news.sh: Use grep -E instead of egrep - Remove RH1649512 patch for libjpeg-turbo FAR macro - Move pcsc-lite-libs patch to in-need-of-upstreaming section - Related: RHEL-27137

SRPMs

http://oss.oracle.com/ol8/SRPMS-updates//java-17-openjdk-17.0.11.0.9-2.0.1.el8.src.rpm

x86_64

java-17-openjdk-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-demo-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-devel-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-headless-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-javadoc-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-javadoc-zip-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-jmods-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-src-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-static-libs-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-demo-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-demo-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-devel-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-devel-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-headless-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-headless-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-jmods-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-jmods-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-src-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-src-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-static-libs-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm java-17-openjdk-static-libs-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm

aarch64

java-17-openjdk-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-demo-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-devel-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-headless-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-javadoc-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-javadoc-zip-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-jmods-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-src-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-static-libs-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-demo-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-demo-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-devel-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-devel-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-headless-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-headless-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-jmods-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-jmods-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-src-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-src-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-static-libs-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm java-17-openjdk-static-libs-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm

i386

Severity
Related CVEs: CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21094

Related News

2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved