[El-errata] ELSA-2022-0185 Moderate: Oracle Linux 8 java-11-openjdk security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Jan 25 23:54:59 UTC 2022


Oracle Linux Security Advisory ELSA-2022-0185

http://linux.oracle.com/errata/ELSA-2022-0185.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-11-openjdk-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-demo-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-devel-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-headless-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-javadoc-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-javadoc-zip-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-jmods-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-src-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-static-libs-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-demo-fastdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-demo-slowdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-devel-fastdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-devel-slowdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-fastdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-headless-fastdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-headless-slowdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-jmods-fastdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-jmods-slowdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-slowdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-src-fastdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-src-slowdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-static-libs-fastdebug-11.0.14.0.9-2.el8_5.x86_64.rpm
java-11-openjdk-static-libs-slowdebug-11.0.14.0.9-2.el8_5.x86_64.rpm

aarch64:
java-11-openjdk-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-demo-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-devel-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-headless-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-javadoc-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-javadoc-zip-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-jmods-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-src-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-static-libs-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-demo-fastdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-demo-slowdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-devel-fastdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-devel-slowdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-fastdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-headless-fastdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-headless-slowdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-jmods-fastdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-jmods-slowdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-slowdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-src-fastdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-src-slowdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-static-libs-fastdebug-11.0.14.0.9-2.el8_5.aarch64.rpm
java-11-openjdk-static-libs-slowdebug-11.0.14.0.9-2.el8_5.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/java-11-openjdk-11.0.14.0.9-2.el8_5.src.rpm

Related CVEs:

CVE-2022-21248
CVE-2022-21277
CVE-2022-21282
CVE-2022-21283
CVE-2022-21291
CVE-2022-21293
CVE-2022-21294
CVE-2022-21296
CVE-2022-21299
CVE-2022-21305
CVE-2022-21340
CVE-2022-21341
CVE-2022-21360
CVE-2022-21365
CVE-2022-21366




Description of changes:

[1:11.0.14.0.9-2]
- Fix FIPS issues in native code and with initialisation of java.security.Security
- Related: rhbz#2039366

[1:11.0.14.0.9-1]
- Update to jdk-11.0.14.0+9
- Update release notes to 11.0.14.0+9
- Switch to GA mode for final release.
- This tarball is embargoed until 2022-01-18 @ 1pm PT.
- Resolves: rhbz#2039366

[1:11.0.14.0.8-0.1.ea]
- Update to jdk-11.0.14.0+8
- Update release notes to 11.0.14.0+8
- Switch to EA mode for 11.0.14 pre-release builds.
- Turn off bootstrapping for slow debug builds, which are particularly slow on ppc64le.
- Rename blacklisted.certs to blocked.certs following JDK-8253866
- Rebase RH1996182 login patch and drop redundant security policy extension after JDK-8269034
- Related: rhbz#2039366

[1:11.0.14.0.8-0.1.ea]
- Replaced hardcoded 11 by featurever where appropriate
- Fixed comment of `for slowdebug` to correct `any debug`
- Related: rhbz#2039366




More information about the El-errata mailing list