Ubuntu 22.10: 5719-1 Critical: OpenJDK DoS And Spoofing Attacks
ubuntu
November 9, 2022
Several security issues were fixed in OpenJDK.
Summary
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: openjdk-11-jdk 11.0.17+8-1ubuntu2 openjdk-11-jre 11.0.17+8-1ubuntu2 openjdk-11-jre-headless 11.0.17+8-1ubuntu2 openjdk-11-jre-zero 11.0.17+8-1ubuntu2 openjdk-17-jdk 17.0.5+8-2ubuntu1 openjdk-17-jre 17.0.5+8-2ubuntu1 openjdk-17-jre-headless 17.0.5+8-2ubuntu1 openjdk-17-jre-zero 17.0.5+8-2ubuntu1 openjdk-19-jdk 19.0.1+10-1 openjdk-19-jre 19.0.1+10-1 openjdk-19-jre-headless 19.0.1+10-1 openjdk-19-jre-zero 19.0.1+10-1 openjdk-8-jdk 8u352-ga-1~22.10 openjdk-8-jre 8u352-ga-1~22.10 openjdk-8-jre-headless 8u352-ga-1~22.10 openjdk-8-jre-zero 8u352-ga-1~22.10 Ubuntu 22.04 LTS: openjdk-11-jdk 11.0.17+8-1ubuntu2~22.04 openjdk-11-jre 11.0.17+8-1ubuntu2~22.04 openjdk-11-jre-headless 11.0.17+8-1ubuntu2~22.04 openjdk-11-jre-zero 11.0.17+8-1ubuntu2~22.04 openjdk-17-jdk 17.0.5+8-2ubuntu1~22.04 openjdk-17-jre 17.0.5+8-2ubuntu1~22.04 openjdk-17-jre-headless 17.0.5+8-2ubuntu1~22.04 openjdk-17-jre-zero 17.0.5+8-2ubuntu1~22.04 openjdk-19-jdk 19.0.1+10-1ubuntu1~22.04 openjdk-19-jre 19.0.1+10-1ubuntu1~22.04 openjdk-19-jre-headless 19.0.1+10-1ubuntu1~22.04 openjdk-19-jre-zero 19.0.1+10-1ubuntu1~22.04 openjdk-8-jdk 8u352-ga-1~22.04 openjdk-8-jre 8u352-ga-1~22.04 openjdk-8-jre-headless 8u352-ga-1~22.04 openjdk-8-jre-zero 8u352-ga-1~22.04 Ubuntu 20.04 LTS: openjdk-11-jdk 11.0.17+8-1ubuntu2~20.04 openjdk-11-jre 11.0.17+8-1ubuntu2~20.04 openjdk-11-jre-headless 11.0.17+8-1ubuntu2~20.04 openjdk-11-jre-zero 11.0.17+8-1ubuntu2~20.04 openjdk-17-jdk 17.0.5+8-2ubuntu1~20.04 openjdk-17-jre 17.0.5+8-2ubuntu1~20.04 openjdk-17-jre-headless 17.0.5+8-2ubuntu1~20.04 openjdk-17-jre-zero 17.0.5+8-2ubuntu1~20.04 openjdk-8-jdk 8u352-ga-1~20.04 openjdk-8-jre 8u352-ga-1~20.04 openjdk-8-jre-headless 8u352-ga-1~20.04 openjdk-8-jre-zero 8u352-ga-1~20.04 Ubuntu 18.04 LTS: openjdk-11-jdk 11.0.17+8-1ubuntu2~18.04 openjdk-11-jre 11.0.17+8-1ubuntu2~18.04 openjdk-11-jre-headless 11.0.17+8-1ubuntu2~18.04 openjdk-11-jre-zero 11.0.17+8-1ubuntu2~18.04 openjdk-17-jdk 17.0.5+8-2ubuntu1~18.04 openjdk-17-jre 17.0.5+8-2ubuntu1~18.04 openjdk-17-jre-headless 17.0.5+8-2ubuntu1~18.04 openjdk-17-jre-zero 17.0.5+8-2ubuntu1~18.04 openjdk-8-jdk 8u352-ga-1~18.04 openjdk-8-jre 8u352-ga-1~18.04 openjdk-8-jre-headless 8u352-ga-1~18.04 openjdk-8-jre-zero 8u352-ga-1~18.04 Ubuntu 16.04 ESM: openjdk-8-jdk 8u352-ga-1~16.04 openjdk-8-jre 8u352-ga-1~16.04 openjdk-8-jre-headless 8u352-ga-1~16.04 openjdk-8-jre-zero 8u352-ga-1~16.04 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-5719-1
CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626,
CVE-2022-21628, CVE-2022-39399
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
November 09, 2022
Package Information
https://launchpad.net/ubuntu/+source/openjdk-17/17.0.5+8-2ubuntu1 https://launchpad.net/ubuntu/+source/openjdk-17/17.0.5+8-2ubuntu1~22.04 ubuntu1~22.04 https://launchpad.net/ubuntu/+source/openjdk-8/8u352-ga-1~22.04 ~22.04 https://launchpad.net/ubuntu/+source/openjdk-17/17.0.5+8-2ubuntu1~20.04 ~20.04 https://launchpad.net/ubuntu/+source/openjdk-17/17.0.5+8-2ubuntu1~18.04 ~18.04
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!