USN-7096-1 caused some minor regressions in OpenJDK 8.
Software Description:
- openjdk-8: Open Source Java implementation
Details:
USN-7096-1 fixed vulnerabilities in OpenJDK 8. The update introduced
several minor regressions. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Andy Boothe discovered that the Networking component of OpenJDK 8 did not
properly handle access under certain circumstances. An unauthenticated
attacker could possibly use this issue to cause a denial of service.
(CVE-2024-21208)
It was discovered that the Hotspot component of OpenJDK 8 did not properly
handle vectorization under certain circumstances. An unauthenticated
attacker could possibly use this issue to access unauthorized resources
and expose sensitive information. (CVE-2024-21210, CVE-2024-21235)
It was discovered that the Serialization component of OpenJDK 8 did not
properly handle deseriali...
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 openjdk-8-jdk 8u442-b06~us1-0ubuntu1~24.10 openjdk-8-jdk-headless 8u442-b06~us1-0ubuntu1~24.10 openjdk-8-jre 8u442-b06~us1-0ubuntu1~24.10 openjdk-8-jre-headless 8u442-b06~us1-0ubuntu1~24.10 openjdk-8-jre-zero 8u442-b06~us1-0ubuntu1~24.10 Ubuntu 24.04 LTS openjdk-8-jdk 8u442-b06~us1-0ubuntu1~24.04 openjdk-8-jdk-headless 8u442-b06~us1-0ubuntu1~24.04 openjdk-8-jre 8u442-b06~us1-0ubuntu1~24.04 openjdk-8-jre-headless 8u442-b06~us1-0ubuntu1~24.04 openjdk-8-jre-zero 8u442-b06~us1-0ubuntu1~24.04 Ubuntu 22.04 LTS openjdk-8-jdk 8u442-b06~us1-0ubuntu1~22.04 openjdk-8-jdk-headless 8u442-b06~us1-0ubuntu1~22.04 openjdk-8-jre 8u442-b06~us1-0ubuntu1~22.04 openjdk-8-jre-headless 8u442-b06~us1-0ubuntu1~22.04 openjdk-8-jre-zero 8u442-b06~us1-0ubuntu1~22.04 Ubuntu 20.04 LTS openjdk-8-jdk 8u442-b06~us1-0ubuntu1~20.04 openjdk-8-jdk-headless 8u442-b06~us1-0ubuntu1~20.04 openjdk-8-jre 8u442-b06~us1-0ubuntu1~20.04 openjdk-8-jre-headless 8u442-b06~us1-0ubuntu1~20.04 openjdk-8-jre-zero 8u442-b06~us1-0ubuntu1~20.04 Ubuntu 18.04 LTS openjdk-8-jdk 8u442-b06~us1-0ubuntu1~18.04 Available with Ubuntu Pro openjdk-8-jdk-headless 8u442-b06~us1-0ubuntu1~18.04 Available with Ubuntu Pro openjdk-8-jre 8u442-b06~us1-0ubuntu1~18.04 Available with Ubuntu Pro openjdk-8-jre-headless 8u442-b06~us1-0ubuntu1~18.04 Available with Ubuntu Pro openjdk-8-jre-zero 8u442-b06~us1-0ubuntu1~18.04 Available with Ubuntu Pro Ubuntu 16.04 LTS openjdk-8-jdk 8u442-b06~us1-0ubuntu1~16.04 Available with Ubuntu Pro openjdk-8-jdk-headless 8u442-b06~us1-0ubuntu1~16.04 Available with Ubuntu Pro openjdk-8-jre 8u442-b06~us1-0ubuntu1~16.04 Available with Ubuntu Pro openjdk-8-jre-headless 8u442-b06~us1-0ubuntu1~16.04 Available with Ubuntu Pro openjdk-8-jre-jamvm 8u442-b06~us1-0ubuntu1~16.04 Available with Ubuntu Pro openjdk-8-jre-zero 8u442-b06~us1-0ubuntu1~16.04 Available with Ubuntu Pro This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart Java applications to make all the necessary changes.
https://ubuntu.com/security/notices/USN-7096-2
https://ubuntu.com/security/notices/USN-7096-1
https://bugs.launchpad.net/ubuntu/+source/openjdk-8/+bug/2097400
Get the latest Linux and open source security news straight to your inbox.