Several security issues were fixed in OpenJDK.

Software Description:
- openjdk-8: Open Source Java implementation
- openjdk-lts: Open Source Java implementation

Details:

Varnavas Papaioannou discovered that the FTP client implementation in
OpenJDK accepted alternate server IP addresses when connecting with FTP
passive mode. An attacker controlling an FTP server that an application
connects to could possibly use this to expose sensitive information
(rudimentary port scans). This issue only affected Ubuntu 16.04 ESM,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-2341)

Markus Loewe discovered that OpenJDK did not properly handle JAR files
containing multiple manifest files. An attacker could possibly use
this to bypass JAR signature verification. This issue only affected
Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu
21.04. (CVE-2021-2369)

Huixin Ma discovered that the Hotspot VM in OpenJDK did not properly
perform range check elimination in so...

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.10:
  openjdk-11-jre 11.0.13+8-0ubuntu1~21.10
  openjdk-11-jre-headless 11.0.13+8-0ubuntu1~21.10
  openjdk-11-jre-zero 11.0.13+8-0ubuntu1~21.10
  openjdk-8-jre 8u312-b07-0ubuntu1~21.10
  openjdk-8-jre-headless 8u312-b07-0ubuntu1~21.10
  openjdk-8-jre-zero 8u312-b07-0ubuntu1~21.10

Ubuntu 21.04:
  openjdk-11-jre 11.0.13+8-0ubuntu1~21.04
  openjdk-11-jre-headless 11.0.13+8-0ubuntu1~21.04
  openjdk-11-jre-zero 11.0.13+8-0ubuntu1~21.04
  openjdk-8-jre 8u312-b07-0ubuntu1~21.04
  openjdk-8-jre-headless 8u312-b07-0ubuntu1~21.04
  openjdk-8-jre-zero 8u312-b07-0ubuntu1~21.04

Ubuntu 20.04 LTS:
  openjdk-11-jre 11.0.13+8-0ubuntu1~20.04
  openjdk-11-jre-headless 11.0.13+8-0ubuntu1~20.04
  openjdk-11-jre-zero 11.0.13+8-0ubuntu1~20.04
  openjdk-8-jre 8u312-b07-0ubuntu1~20.04
  openjdk-8-jre-headless 8u312-b07-0ubuntu1~20.04
  openjdk-8-jre-zero 8u312-b07-0ubuntu1~20.04

Ubuntu 18.04 LTS:
  openjdk-11-jre 11.0.13+8-0ubuntu1~18.04
  openjdk-11-jre-headless 11.0.13+8-0ubuntu1~18.04
  openjdk-11-jre-zero 11.0.13+8-0ubuntu1~18.04
  openjdk-8-jre 8u312-b07-0ubuntu1~18.04
  openjdk-8-jre-headless 8u312-b07-0ubuntu1~18.04
  openjdk-8-jre-zero 8u312-b07-0ubuntu1~18.04

Ubuntu 16.04 ESM:
  openjdk-8-jre 8u312-b07-0ubuntu1~16.04
  openjdk-8-jre-headless 8u312-b07-0ubuntu1~16.04
  openjdk-8-jre-zero 8u312-b07-0ubuntu1~16.04

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.

https://ubuntu.com/security/notices/USN-5202-1
CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-35550,
CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564,
CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586,
CVE-2021-35588, CVE-2021-35603