Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 2 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorySuSEimportant

SUSE Container Significant RAM Consumption Issue 2026-0972-1

An update that solves seven vulnerabilities can now be installed.. # Security update for docker-stable Announcement ID: SUSE-SU-2026:0972-1 Release Date: 2026-03-23T15:21:50Z Rating: important References: * bsc#1253904 Cross-References: * CVE-2024-2365 * CVE-2024-29018 * CVE-2024-41110 * CVE-2025-22868 * CVE-2025-22869 * CVE-2025-30204 * CVE-2025-58181 CVSS scores: * CVE-2024-29018 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-29018 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-29018 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-29018 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-41110 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22868 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30204 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-30204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Containers Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux EnterpriseServer for SAP Applications 15 SP7 An update that solves seven vulnerabilities can now be installed. ## Description: This update for docker-stable fixes the following issues: * CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption (bsc#1253904). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-972=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-972=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * docker-stable-debuginfo-24.0.9_ce-150000.1.39.1 * docker-stable-24.0.9_ce-150000.1.39.1 * openSUSE Leap 15.6 (noarch) * docker-stable-zsh-completion-24.0.9_ce-150000.1.39.1 * docker-stable-fish-completion-24.0.9_ce-150000.1.39.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.39.1 * docker-stable-rootless-extras-24.0.9_ce-150000.1.39.1 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * docker-stable-debuginfo-24.0.9_ce-150000.1.39.1 * docker-stable-24.0.9_ce-150000.1.39.1 * Containers Module 15-SP7 (noarch) * docker-stable-bash-completion-24.0.9_ce-150000.1.39.1 * docker-stable-zsh-completion-24.0.9_ce-150000.1.39.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2365.html * https://www.suse.com/security/cve/CVE-2024-29018.html * https://www.suse.com/security/cve/CVE-2024-41110.html * https://www.suse.com/security/cve/CVE-2025-22868.html * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-30204.html * https://www.suse.com/security/cve/CVE-2025-58181.html * https://bugzilla.suse.com/show_bug.cgi?id=1253904 . A crucial update for docker-stable addresses multiple issues, focusing on important vulnerabilities.Ensure your systems are patched.. SUSE Docker Security Update Memory Overflow Patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 23, 2026 Important SuSE
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 41 Mupen64plus Moderate Array Overflow Patch 2025-2406078e57

Patch CVE-2025-29366 and CVE-2025-29366 There should be no change in behaviour.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-2406078e57 2025-11-07 02:35:35.301818+00:00 -------------------------------------------------------------------------------- Name : mupen64plus Product : Fedora 41 Version : 2.6.0 Release : 8.fc41 URL : http://www.mupen64plus.org/ Summary : Nintendo 64 Emulator Description : Mupen64plus is a Nintendo 64 Emulator. This package includes all the plug-ins. -------------------------------------------------------------------------------- Update Information: Patch CVE-2025-29366 and CVE-2025-29366 There should be no change in behaviour. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 29 2025 David Auer - 2.6.0-8 - Patch CVE-2025-29366 and CVE-2025-29366 * Thu Jul 24 2025 Fedora Release Engineering - 2.6.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Fri Jan 17 2025 David Auer - 2.6.0-4 - Fix build on rawhide (42) * Wed Jan 8 2025 David Auer - 2.6.0-3 - Add patch for the plugin search path * Fri Dec 20 2024 David Auer - 2.6.0-2 - Disable debug build - Enable pic build - Add optional build requirment speexdsp - Lib symlink is now relative * Sun Nov 24 2024 David Auer - 2.6.0-1 - Updated to 2.6.0 * Mon Sep 2 2024 Miroslav Such - 2.5-24 - convert license to SPDX -------------------------------------------------------------------------------- References: [ 1 ] Bug #2392349 - CVE-2025-9688 mupen64plus: Mupen64Plus is_viewer.c write_is_viewer integer overflow [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2392349 [ 2 ] Bug #2393063 - CVE-2025-29366 mupen64plus: array overflow in the write_rdram_regs and write_rdram_regs functions [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2393063 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-2406078e57' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Mupen64plus on Fedora 41 receives a security patch for an array overflow issue. Update recommended for users.. mupen64plus update,Fedora 41 security,CVE-2025-29366,security patch,linux app security. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 07, 2025 Important Fedora
Banner 3 1028x280 1708121785 1771599793
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 42: mupen64plus Critical Update for Array Overflow CVE-2025-29366

Patch CVE-2025-29366 and CVE-2025-29366 There should be no change in behaviour.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-7a40e176ed 2025-11-07 01:27:09.764867+00:00 -------------------------------------------------------------------------------- Name : mupen64plus Product : Fedora 42 Version : 2.6.0 Release : 8.fc42 URL : http://www.mupen64plus.org/ Summary : Nintendo 64 Emulator Description : Mupen64plus is a Nintendo 64 Emulator. This package includes all the plug-ins. -------------------------------------------------------------------------------- Update Information: Patch CVE-2025-29366 and CVE-2025-29366 There should be no change in behaviour. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 29 2025 David Auer - 2.6.0-8 - Patch CVE-2025-29366 and CVE-2025-29366 * Thu Jul 24 2025 Fedora Release Engineering - 2.6.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2392350 - CVE-2025-9688 mupen64plus: Mupen64Plus is_viewer.c write_is_viewer integer overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2392350 [ 2 ] Bug #2393064 - CVE-2025-29366 mupen64plus: array overflow in the write_rdram_regs and write_rdram_regs functions [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2393064 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-7a40e176ed' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by theFedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . The mupen64plus update fixes critical array overflow issues based on CVE-2025-29366 for Fedora 42 without behavioral changes.. mupen64plus update,Fedora 42 security,array overflow,CVE-2025-29366. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 07, 2025 Critical Fedora
219
Ls Advisories Rockylinux Esm H240
Price Tag 1security advisoryupdateimportant

Rocky Linux RLSA-2024:4573 Important: Java-21-OpenJDK Security Fix

Important: java-21-openjdk security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2024:4573", "synopsis": "Important: java-21-openjdk security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for java-21-openjdk.\nThis update affects Rocky Linux 8, Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* OpenJDK: RangeCheckElimination array index overflow (8323231) (CVE-2024-21147)\n\n* OpenJDK: potential UTF8 size overflow (8314794) (CVE-2024-21131)\n\n* OpenJDK: Excessive symbol length can lead to infinite loop (8319859) (CVE-2024-21138)\n\n* OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548) (CVE-2024-21140)\n\n* OpenJDK: Out-of-bounds access in 2D image handling (8324559) (CVE-2024-21145)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9", "Rocky Linux 8"], "fixes": [{"ticket": "2297961", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2297961", "description": ""}, {"ticket": "2297962", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2297962", "description": ""}, {"ticket": "2297963", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2297963", "description": ""}, {"ticket": "2297976", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2297976", "description": ""}, {"ticket": "2297977", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2297977", "description": ""}], "cves": [{"name": "CVE-2024-21131","sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-21131", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "cvss3BaseScore": "3.7", "cwe": "UNKNOWN"}, {"name": "CVE-2024-21138", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-21138", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "cvss3BaseScore": "3.7", "cwe": "CWE-835"}, {"name": "CVE-2024-21140", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-21140", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "cvss3BaseScore": "4.8", "cwe": "UNKNOWN"}, {"name": "CVE-2024-21145", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-21145", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "cvss3BaseScore": "4.8", "cwe": "(CWE-125|CWE-787)"}, {"name": "CVE-2024-21147", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-21147", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "cvss3BaseScore": "7.4", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2024-07-26T12:33:00.041178Z", "rpms": {"Rocky Linux 8": {"nvras": ["java-21-openjdk-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-1:21.0.4.0.7-1.el8.src.rpm", "java-21-openjdk-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-debuginfo-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-debuginfo-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-debugsource-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-debugsource-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-demo-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-demo-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-demo-fastdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-demo-fastdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-demo-slowdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-demo-slowdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-devel-1:21.0.4.0.7-1.el8.aarch64.rpm","java-21-openjdk-devel-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-devel-debuginfo-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-devel-debuginfo-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-devel-fastdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-devel-fastdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-devel-fastdebug-debuginfo-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-devel-fastdebug-debuginfo-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-devel-slowdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-devel-slowdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-devel-slowdebug-debuginfo-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-devel-slowdebug-debuginfo-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-fastdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-fastdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-fastdebug-debuginfo-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-fastdebug-debuginfo-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-headless-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-headless-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-headless-debuginfo-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-headless-debuginfo-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-headless-fastdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-headless-fastdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-headless-fastdebug-debuginfo-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-headless-fastdebug-debuginfo-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-headless-slowdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-headless-slowdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-headless-slowdebug-debuginfo-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-headless-slowdebug-debuginfo-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-javadoc-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-javadoc-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-javadoc-zip-1:21.0.4.0.7-1.el8.aarch64.rpm","java-21-openjdk-javadoc-zip-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-jmods-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-jmods-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-jmods-fastdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-jmods-fastdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-jmods-slowdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-jmods-slowdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-slowdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-slowdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-slowdebug-debuginfo-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-slowdebug-debuginfo-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-src-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-src-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-src-fastdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-src-fastdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-src-slowdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-src-slowdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-static-libs-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-static-libs-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-static-libs-fastdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-static-libs-fastdebug-1:21.0.4.0.7-1.el8.x86_64.rpm", "java-21-openjdk-static-libs-slowdebug-1:21.0.4.0.7-1.el8.aarch64.rpm", "java-21-openjdk-static-libs-slowdebug-1:21.0.4.0.7-1.el8.x86_64.rpm"]}, "Rocky Linux 9": {"nvras": ["java-21-openjdk-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-1:21.0.4.0.7-1.el9.src.rpm", "java-21-openjdk-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-debuginfo-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-debuginfo-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-debuginfo-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-debuginfo-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-debugsource-1:21.0.4.0.7-1.el9.aarch64.rpm","java-21-openjdk-debugsource-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-debugsource-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-debugsource-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-demo-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-demo-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-demo-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-demo-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-demo-fastdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-demo-fastdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-demo-fastdebug-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-demo-slowdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-demo-slowdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-demo-slowdebug-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-demo-slowdebug-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-devel-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-devel-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-devel-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-devel-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-devel-debuginfo-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-devel-debuginfo-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-devel-debuginfo-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-devel-debuginfo-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-devel-fastdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-devel-fastdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-devel-fastdebug-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-devel-fastdebug-debuginfo-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-devel-fastdebug-debuginfo-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-devel-fastdebug-debuginfo-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-devel-slowdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-devel-slowdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-devel-slowdebug-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-devel-slowdebug-1:21.0.4.0.7-1.el9.x86_64.rpm","java-21-openjdk-devel-slowdebug-debuginfo-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-devel-slowdebug-debuginfo-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-devel-slowdebug-debuginfo-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-devel-slowdebug-debuginfo-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-fastdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-fastdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-fastdebug-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-fastdebug-debuginfo-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-fastdebug-debuginfo-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-fastdebug-debuginfo-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-headless-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-headless-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-headless-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-headless-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-headless-debuginfo-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-headless-debuginfo-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-headless-debuginfo-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-headless-debuginfo-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-headless-fastdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-headless-fastdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-headless-fastdebug-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-headless-fastdebug-debuginfo-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-headless-fastdebug-debuginfo-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-headless-fastdebug-debuginfo-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-headless-slowdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-headless-slowdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-headless-slowdebug-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-headless-slowdebug-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-headless-slowdebug-debuginfo-1:21.0.4.0.7-1.el9.aarch64.rpm","java-21-openjdk-headless-slowdebug-debuginfo-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-headless-slowdebug-debuginfo-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-headless-slowdebug-debuginfo-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-javadoc-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-javadoc-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-javadoc-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-javadoc-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-javadoc-zip-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-javadoc-zip-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-javadoc-zip-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-javadoc-zip-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-jmods-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-jmods-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-jmods-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-jmods-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-jmods-fastdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-jmods-fastdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-jmods-fastdebug-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-jmods-slowdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-jmods-slowdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-jmods-slowdebug-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-jmods-slowdebug-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-slowdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-slowdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-slowdebug-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-slowdebug-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-slowdebug-debuginfo-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-slowdebug-debuginfo-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-slowdebug-debuginfo-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-slowdebug-debuginfo-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-src-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-src-1:21.0.4.0.7-1.el9.ppc64le.rpm","java-21-openjdk-src-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-src-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-src-fastdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-src-fastdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-src-fastdebug-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-src-slowdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-src-slowdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-src-slowdebug-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-src-slowdebug-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-static-libs-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-static-libs-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-static-libs-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-static-libs-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-static-libs-fastdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-static-libs-fastdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-static-libs-fastdebug-1:21.0.4.0.7-1.el9.x86_64.rpm", "java-21-openjdk-static-libs-slowdebug-1:21.0.4.0.7-1.el9.aarch64.rpm", "java-21-openjdk-static-libs-slowdebug-1:21.0.4.0.7-1.el9.ppc64le.rpm", "java-21-openjdk-static-libs-slowdebug-1:21.0.4.0.7-1.el9.s390x.rpm", "java-21-openjdk-static-libs-slowdebug-1:21.0.4.0.7-1.el9.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Java-21-OpenJDK security update resolves critical issues and enhances security for Rocky Linux users.. Java Security Update, Rocky Linux Patch, Critical Fixes, Java Security Advisories. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 26, 2024 Important Rocky Linux
Banner 3 1028x280 1708121785 1771599793
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity issueRed Hat

Red Hat Enterprise Linux 8.4: RHSA-2023-4172-01 moderate: OpenJDK Issues

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: java-1.8.0-openjdk security update Advisory ID: RHSA-2023:4172-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:4172 Issue date: 2023-07-19 CVE Names: CVE-2023-22045 CVE-2023-22049 ==================================================================== 1. Summary: An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream AUS (v.8.4) - noarch, x86_64 Red Hat Enterprise Linux AppStream E4S (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream TUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049) * OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045) For more details about the security issue(s), including the impact, a CVSS score,acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of OpenJDK Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 2221645 - CVE-2023-22045 OpenJDK: array indexing integer overflow issue (8304468) 2221647 - CVE-2023-22049 OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) 6. Package List: Red Hat Enterprise Linux AppStream AUS(v.8.4): Source: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_4.src.rpm noarch: java-1.8.0-openjdk-javadoc-1.8.0.382.b05-1.el8_4.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.382.b05-1.el8_4.noarch.rpm x86_64: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_4.x86_64.rpm Red Hat Enterprise Linux AppStream E4S(v.8.4): Source: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_4.src.rpm aarch64: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_4.aarch64.rpm noarch: java-1.8.0-openjdk-javadoc-1.8.0.382.b05-1.el8_4.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.382.b05-1.el8_4.noarch.rpm ppc64le: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_4.ppc64le.rpm s390x: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_4.s390x.rpm x86_64: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_4.x86_64.rpm Red Hat Enterprise Linux AppStream TUS(v.8.4): Source: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_4.src.rpm aarch64: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.aarch64.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_4.aarch64.rpm noarch: java-1.8.0-openjdk-javadoc-1.8.0.382.b05-1.el8_4.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.382.b05-1.el8_4.noarch.rpm ppc64le: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.382.b05-1.el8_4.ppc64le.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_4.ppc64le.rpm s390x: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_4.s390x.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_4.s390x.rpm x86_64: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_4.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2023-22045 https://access.redhat.com/security/cve/CVE-2023-22049 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details athttps://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJkuIhJAAoJENzjgjWX9erEMnoQAJcMIIoJfHvtRoIbT9M6znPs hdaJzmAPjUovFUF+t9A6nOWeu1iBmiE3k70mx2gZuMqXLFVCUJeu0U41wc8EAbar GSSaHhf6T6zKEtzHPEKzqPWiyAKcKYn16RxMZOcDcHUEHSX8SKyjIsWF0dVoeDQB xWOwAYjYkKHNZzO2uKm/KnjYKBY1xu8KpRkjUsFWNKqPjTjl+TJjL1kv4eD/tDkT lGuO+Rb1vXYG/Mm6kghsab4vjTBzbs7dmGXGCXk0AcIxSbY/3b6WleALHrpSIe7c 2uH0am43Lij0oXuB2bSyyRrGKQquAjQ0dsOYfK/d8/DB/y338XK486TifBeoWdQI +udXfjMBxwU9S+GHGbxup4KRer7WpMShu3Ol/MDaZyDVGPzdQcJCUNFhfW+ixffw ms/JinPeNAewrJ47bMtWRl5ShTcvK97c6ImQqP7TI+oiufqfJQJjtApv2Js+ZBVR P/dbMQelF2Eu3jTEYW/Z7pKOQKbOq7lCjkvy/cJ+GGcSEq70kod1Znp6MZl2Z73Y 9mHk4TcqQiQ7G2O/2VwUBhql56TXPJJt3xJk0zsS/WrHXkGihCh4+jaMZB5ly6t5 umLZhLM56Z1ogGv0F8h5nOuQRCUnng+r9/Xsu6XAnBxH27L7e41mV+4jLfe6NT8N xoVbLSnn+qiv7Oee/2Z2 =Y/WM -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Important patch release for java-1.8.0-openjdk issued on Red Hat Enterprise Linux 8.4, addressing severe vulnerabilities.. Java Update, OpenJDK Security, Red Hat Advisory, Java Fixes, Linux Updates. . LinuxSecurity.com Team

Calendar 2 Jul 20, 2023 Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hat Enterprise LinuxModerate

Red Hat 8.6: RHSA-2023-4173-01 Moderate: Java OpenJDK Security Fix

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: java-1.8.0-openjdk security update Advisory ID: RHSA-2023:4173-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:4173 Issue date: 2023-07-19 CVE Names: CVE-2023-22045 CVE-2023-22049 ==================================================================== 1. Summary: An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder EUS (v.8.6) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux AppStream EUS (v.8.6) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049) * OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, referto: https://access.redhat.com/articles/11258 All running instances of OpenJDK Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 2221645 - CVE-2023-22045 OpenJDK: array indexing integer overflow issue (8304468) 2221647 - CVE-2023-22049 OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) 6. Package List: Red Hat Enterprise Linux AppStream EUS(v.8.6): Source: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_6.src.rpm aarch64: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_6.aarch64.rpm noarch: java-1.8.0-openjdk-javadoc-1.8.0.382.b05-1.el8_6.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.382.b05-1.el8_6.noarch.rpm ppc64le: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_6.ppc64le.rpm s390x: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_6.s390x.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_6.s390x.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_6.s390x.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_6.s390x.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_6.s390x.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_6.s390x.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_6.s390x.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_6.s390x.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_6.s390x.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_6.s390x.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_6.s390x.rpm x86_64: java-1.8.0-openjdk-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.382.b05-1.el8_6.x86_64.rpm Red Hat CodeReady Linux Builder EUS(v.8.6): aarch64: java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-demo-fastdebug-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-demo-slowdebug-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-devel-fastdebug-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-devel-slowdebug-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-fastdebug-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-headless-fastdebug-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-headless-slowdebug-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-slowdebug-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-src-fastdebug-1.8.0.382.b05-1.el8_6.aarch64.rpm java-1.8.0-openjdk-src-slowdebug-1.8.0.382.b05-1.el8_6.aarch64.rpm ppc64le: java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-demo-fastdebug-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-demo-slowdebug-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-devel-fastdebug-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-devel-slowdebug-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-fastdebug-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-headless-fastdebug-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-headless-slowdebug-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-slowdebug-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-src-fastdebug-1.8.0.382.b05-1.el8_6.ppc64le.rpm java-1.8.0-openjdk-src-slowdebug-1.8.0.382.b05-1.el8_6.ppc64le.rpm x86_64: java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-demo-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-demo-fastdebug-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-demo-slowdebug-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-devel-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-devel-fastdebug-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-devel-slowdebug-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-fastdebug-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-headless-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-headless-fastdebug-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-headless-slowdebug-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-slowdebug-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-src-fastdebug-1.8.0.382.b05-1.el8_6.x86_64.rpm java-1.8.0-openjdk-src-slowdebug-1.8.0.382.b05-1.el8_6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2023-22045 https://access.redhat.com/security/cve/CVE-2023-22049 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIcBAEBCAAGBQJkuIgeAAoJENzjgjWX9erEudkP/2i7Dv0o6KwH1iusAR+YeNGK XpMG2DBtyF2Vq/XtiKumRQFyoe+v6aQM9AJ2ncc5UdgTiI616ec+mZFbMV+6B7Kf 5OfTvJFkjdVsAWSWVWQ8EeWuSxinTsy2t1ZUheD+MrS1AFFsrM3dLhdzF2Rk8jwd XrIB27RD4IwGa1ZAV48js+yATAQ47OCKETEsKOP2uQ+FbDoHh9NUoGRH0DxiKk4k o7o94Q7CaxKpdWIvXTnSoDk8+Ys2umPoX6zLpPOb5+9+DyoiUsZ/KRNl8CTwExKy dQBoo1EaTxywGle1Zp6OQRJFtVi+o3r8blDOukF/octIEjCj6pWkwaP/vymT4NKQ dug6Y3lyNVR12Owo08/6wgMGD3mwjtW3ekp09MRG0WyokIFSclT3dYrPrf/njzP5 eYs3EJaCgFd7AzIVh5Ewy3IN6vHe1UoRjJ+q+8WB4RiNjwateS+TcNwLfOSzzTGp IkB+8VYX3TA2NUFe32gkzD1qym6krhTA7Ug9CoRajD3hSBf8q1ESmFPFoMvzRAl2 Sxz/q+7TC2rQ2AKnSEu7eVvqDrlARs3yZ8mssoUj6DwQjej0WKXvluCEVDwDzWj8 1l06ngzBMPKJBA+Y22F/bS2Zdg9bxsDJqk21Iammt/GUZJRJ3REDlNJ+OwNEC+O/ jLKiXirtcPUXDavGtPRd =tPFX -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Update for java-1.8.0-openjdk classified as Moderate by Red Hat, rectifying concerns such as buffer overflow and URI management.. Java Update, Red Hat Security, Enterprise Linux, Security Advisory, OpenJDK. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 20, 2023 Important Red Hat
Banner 3 1028x280 1708121785 1771599793
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoramedium severity

Fedora 30 glibc FEDORA-2020-7f625c5ea8 Moderate: Stack Corruption Issues

This update incorporates fixes from the upstream glibc 2.29 stable release branch, including 3 fixes for medium severity security vulnerabilities. (CVE-2020-10029, CVE-2020-1752, CVE-2020-1751). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-7f625c5ea8 2020-04-09 17:43:21.961400 --------------------------------------------------------------------------------Name : glibc Product : Fedora 30 Version : 2.29 Release : 29.fc30 URL : Summary : The GNU libc libraries Description : The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. --------------------------------------------------------------------------------Update Information: This update incorporates fixes from the upstream glibc 2.29 stable release branch, including 3 fixes for medium severity security vulnerabilities. (CVE-2020-10029, CVE-2020-1752, CVE-2020-1751) --------------------------------------------------------------------------------ChangeLog: * Tue Mar 24 2020 Patsy Franklin - 2.29-29 - Auto-sync with upstream branch release/2.29/master, commit a318448f7aca169f7795d9d300c525d96f914af0. - Fix array overflow in backtrace on PowerPC (bug 25423) - Fix use-after-free in glob when expanding ~user (bug 25414) - math/test-sinl-pseudo: Use stack protector only if available - Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (bug 25487). - riscv: Do not use __has_include__ --------------------------------------------------------------------------------References: [ 1 ] Bug #1810671 - CVE-2020-10029 glibc: stackcorruption from crafted input in cosl, sinl, sincosl, and tanl functions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1810671 [ 2 ] Bug #1811586 - CVE-2020-1752 glibc: use-after-free in glob() function when expanding ~user [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1811586 [ 3 ] Bug #1811589 - CVE-2020-1751 glibc: array overflow in backtrace functions for powerpc [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1811589 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-7f625c5ea8' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . This Debian patch resolves four medium priority glibc issues related to buffer overflow and stack corruption.. Fedora Update, glibc Fixes, Security Advisory. . LinuxSecurity.com Team

Calendar 2 Apr 09, 2020 Fedora
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryimportantglibc

SUSE Linux Enterprise Server: SUSE-SU-2020:0832-1 Important Stack Overflow

An update that solves three vulnerabilities and has two fixes is now available. . SUSE Security Update: Security update for glibc ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:0832-1 Rating: important References: #1149332 #1157893 #1158996 #1165784 #1167631 Cross-References: CVE-2020-10029 CVE-2020-1751 CVE-2020-1752 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP4 SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server 12-SP4 ______________________________________________________________________________ An update that solves three vulnerabilities and has two fixes is now available. Description: This update for glibc fixes the following issues: - CVE-2020-1752: Fixed a use after free in glob which could have allowed a local attacker to create a specially crafted path that, when processed by the glob function, could potentially have led to arbitrary code execution (bsc#1167631). - CVE-2020-1751: Fixed an array overflow in backtrace for PowerPC (bsc#1158996). - CVE-2020-10029: Fixed a stack buffer overflow during range reduction (bsc#1165784). - Use 'posix_spawn' on popen preventing crash caused by 'subprocess'. (bsc#1149332, BZ #22834) - Fix handling of needles crossing a page, preventing incorrect results to return during the cross page boundary search. (bsc#1157893, BZ #25226) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-832=1 - SUSE Linux Enterprise SoftwareDevelopment Kit 12-SP4: zypper in -t patch SUSE-SLE-SDK-12-SP4-2020-832=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-832=1 - SUSE Linux Enterprise Server 12-SP4: zypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-832=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): glibc-debuginfo-2.22-100.21.5 glibc-debugsource-2.22-100.21.5 glibc-devel-static-2.22-100.21.5 - SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch): glibc-info-2.22-100.21.5 - SUSE Linux Enterprise Software Development Kit 12-SP4 (aarch64 ppc64le s390x x86_64): glibc-debuginfo-2.22-100.21.5 glibc-debugsource-2.22-100.21.5 glibc-devel-static-2.22-100.21.5 - SUSE Linux Enterprise Software Development Kit 12-SP4 (noarch): glibc-info-2.22-100.21.5 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): glibc-2.22-100.21.5 glibc-debuginfo-2.22-100.21.5 glibc-debugsource-2.22-100.21.5 glibc-devel-2.22-100.21.5 glibc-devel-debuginfo-2.22-100.21.5 glibc-locale-2.22-100.21.5 glibc-locale-debuginfo-2.22-100.21.5 glibc-profile-2.22-100.21.5 nscd-2.22-100.21.5 nscd-debuginfo-2.22-100.21.5 - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): glibc-32bit-2.22-100.21.5 glibc-debuginfo-32bit-2.22-100.21.5 glibc-devel-32bit-2.22-100.21.5 glibc-devel-debuginfo-32bit-2.22-100.21.5 glibc-locale-32bit-2.22-100.21.5 glibc-locale-debuginfo-32bit-2.22-100.21.5 glibc-profile-32bit-2.22-100.21.5 - SUSE Linux Enterprise Server 12-SP5 (noarch): glibc-html-2.22-100.21.5 glibc-i18ndata-2.22-100.21.5 glibc-info-2.22-100.21.5 - SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64): glibc-2.22-100.21.5 glibc-debuginfo-2.22-100.21.5 glibc-debugsource-2.22-100.21.5 glibc-devel-2.22-100.21.5 glibc-devel-debuginfo-2.22-100.21.5 glibc-locale-2.22-100.21.5 glibc-locale-debuginfo-2.22-100.21.5 glibc-profile-2.22-100.21.5 nscd-2.22-100.21.5 nscd-debuginfo-2.22-100.21.5 - SUSE Linux Enterprise Server 12-SP4 (s390x x86_64): glibc-32bit-2.22-100.21.5 glibc-debuginfo-32bit-2.22-100.21.5 glibc-devel-32bit-2.22-100.21.5 glibc-devel-debuginfo-32bit-2.22-100.21.5 glibc-locale-32bit-2.22-100.21.5 glibc-locale-debuginfo-32bit-2.22-100.21.5 glibc-profile-32bit-2.22-100.21.5 - SUSE Linux Enterprise Server 12-SP4 (noarch): glibc-html-2.22-100.21.5 glibc-i18ndata-2.22-100.21.5 glibc-info-2.22-100.21.5 References: https://www.suse.com/security/cve/CVE-2020-10029.html https://www.suse.com/security/cve/CVE-2020-1751.html https://www.suse.com/security/cve/CVE-2020-1752.html https://bugzilla.suse.com/1149332 https://bugzilla.suse.com/1157893 https://bugzilla.suse.com/1158996 https://bugzilla.suse.com/1165784 https://bugzilla.suse.com/1167631 _______________________________________________ sle-security-updates mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. http://lists.suse.com/mailman/listinfo/sle-security-updates . Important patch for glibc addresses various security flaws on SUSE platforms. Prompt measures advised.. SUSE Linux Security Update, glibc fixes, important vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 31, 2020 Important SuSE
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here