Oracle Linux Security Advisory ELSA-2023-5753

http://linux.oracle.com/errata/ELSA-2023-5753.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-17-openjdk-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-demo-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-devel-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-headless-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-javadoc-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-javadoc-zip-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-jmods-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-src-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-static-libs-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-demo-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-demo-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-devel-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-devel-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-headless-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-headless-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-jmods-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-jmods-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-src-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-src-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm

aarch64:
java-17-openjdk-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-demo-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-devel-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-headless-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-javadoc-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-javadoc-zip-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-jmods-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-src-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-static-libs-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-demo-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-demo-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-devel-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-devel-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-headless-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-headless-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-jmods-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-jmods-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-src-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-src-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//java-17-openjdk-17.0.9.0.9-2.0.1.el9.src.rpm

Related CVEs:

CVE-2023-22025
CVE-2023-22081




Description of changes:

[1:17.0.9.0.9-2.0.1]
- Update to jdk-17.0.9+9 (GA)
- Update release notes to 17.0.9+9
- OpenJDK: memory corruption issue on x86_64 with AVX-512 (JDK-8317121) (CVE-2023-22025)
- OpenJDK: certificate path validation issue during client authentication (JDK-8309966) (CVE-2023-22081)
- OpenJDK: Additional zip64 files validation (JDK-8313765) (RHBZ#2237170)


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle9: ELSA-2023-5753: java-17-openjdk Moderate Security Update

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[1:17.0.9.0.9-2.0.1] - Update to jdk-17.0.9+9 (GA) - Update release notes to 17.0.9+9 - OpenJDK: memory corruption issue on x86_64 with AVX-512 (JDK-8317121) (CVE-2023-22025) - OpenJDK: certificate path validation issue during client authentication (JDK-8309966) (CVE-2023-22081) - OpenJDK: Additional zip64 files validation (JDK-8313765) (RHBZ#2237170)

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates//java-17-openjdk-17.0.9.0.9-2.0.1.el9.src.rpm

x86_64

java-17-openjdk-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-demo-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-devel-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-headless-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-javadoc-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-javadoc-zip-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-jmods-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-src-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-static-libs-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-demo-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-demo-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-devel-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-devel-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-headless-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-headless-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-jmods-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-jmods-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-src-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-src-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-static-libs-fastdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm java-17-openjdk-static-libs-slowdebug-17.0.9.0.9-2.0.1.el9.x86_64.rpm

aarch64

java-17-openjdk-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-demo-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-devel-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-headless-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-javadoc-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-javadoc-zip-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-jmods-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-src-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-static-libs-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-demo-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-demo-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-devel-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-devel-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-headless-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-headless-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-jmods-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-jmods-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-src-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-src-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-static-libs-fastdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm java-17-openjdk-static-libs-slowdebug-17.0.9.0.9-2.0.1.el9.aarch64.rpm

i386

Severity
Related CVEs: CVE-2023-22025 CVE-2023-22081