[El-errata] ELSA-2024-1817 Moderate: Oracle Linux 7 java-1.8.0-openjdk security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Apr 22 13:55:40 UTC 2024 

Oracle Linux Security Advisory ELSA-2024-1817

http://linux.oracle.com/errata/ELSA-2024-1817.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.i686.rpm
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.i686.rpm
java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.i686.rpm
java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.i686.rpm
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.i686.rpm
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-javadoc-1.8.0.412.b08-1.el7_9.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.412.b08-1.el7_9.noarch.rpm
java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.i686.rpm
java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.src.rpm

Related CVEs:

CVE-2024-21011
CVE-2024-21068
CVE-2024-21085
CVE-2024-21094




Description of changes:

[1:1.8.0.412.b08-1]
- Update to shenandoah-jdk8u412-b08 (GA)
- Update release notes for shenandoah-8u412-b08.
- Complete release note for Certainly roots
- Switch to GA mode.
- ** This tarball is embargoed until 2024-04-16 @ 1pm PT. **
- Related: RHEL-30926

[1:1.8.0.412.b07-0.1.ea]
- Update to shenandoah-jdk8u412-b07 (EA)
- Update release notes for shenandoah-8u412-b07.
- Require tzdata 2024a due to upstream inclusion of JDK-8322725
- Only require tzdata 2023d for now as 2024a is unavailable in buildroot
- Resolves: RHEL-30926

[1:1.8.0.412.b01-0.1.ea]
- Turn off xz multi-threading on i686 as it fails with an out of memory error
- Normalise whitespace
- Move to upstream tag style (shenandoah8ux-by) in preparation for eventually moving back to official sources
- generate_source_tarball.sh: Rename JCONSOLE_JS_PATCH{,_DEFAULT} to JCONSOLE_PATCH{,_DEFAULT} for brevity
- generate_source_tarball.sh: Adapt OPENJDK_LATEST logic to work with 8u Shenandoah fork
- generate_source_tarball.sh: Adapt version logic to work with 8u
- generate_source_tarball.sh: Add quoting for SCRIPT_DIR and JCONSOLE_PATCH (SC2086)
- generate_source_tarball.sh: Update examples in header for clarity
- generate_source_tarball.sh: Create directory in TMPDIR when using WITH_TEMP
- generate_source_tarball.sh: Only add --depth=1 on non-local repositories
- Move maintenance scripts to a scripts subdirectory
- icedtea_sync.sh: Update with a VCS mode that retrieves sources from a Mercurial repository
- jconsole.desktop.in: Restored by running icedtea_sync.sh
- policytool.desktop.in: Likewise.
- Restore IcedTea sources correctly in spec file
- discover_trees.sh: Set compile-command and indentation instructions for Emacs
- discover_trees.sh: shellcheck: Do not use -o (SC2166)
- discover_trees.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- discover_trees.sh: shellcheck: Double-quote variable references (SC2086)
- generate_source_tarball.sh: Add authorship
- icedtea_sync.sh: Set compile-command and indentation instructions for Emacs
- icedtea_sync.sh: shellcheck: Double-quote variable references (SC2086)
- icedtea_sync.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- openjdk_news.sh: Set compile-command and indentation instructions for Emacs
- openjdk_news.sh: shellcheck: Double-quote variable references (SC2086)
- openjdk_news.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- openjdk_news.sh: shellcheck: Remove deprecated egrep usage (SC2196)
- generate_source_tarball.sh: Handle an existing checkout
- generate_source_tarball.sh: Sync indentation with java-21-openjdk version
- generate_source_tarball.sh: Support using a subdirectory via TO_COMPRESS
- Related: RHEL-30926

[1:1.8.0.412.b01-0.1.ea]
- Invoke xz in multi-threaded mode
- generate_source_tarball.sh: Add WITH_TEMP environment variable
- generate_source_tarball.sh: Multithread xz on all available cores
- generate_source_tarball.sh: Add OPENJDK_LATEST environment variable
- generate_source_tarball.sh: Update comment about tarball naming
- generate_source_tarball.sh: Reformat comment header
- generate_source_tarball.sh: Reformat and update help output
- generate_source_tarball.sh: Do a shallow clone, for speed
- generate_source_tarball.sh: Eliminate some removal prompting
- generate_source_tarball.sh: Make tarball reproducible
- generate_source_tarball.sh: Prefix temporary directory with temp-
- generate_source_tarball.sh: Remove temporary directory exit conditions
- generate_source_tarball.sh: Set compile-command in Emacs
- generate_source_tarball.sh: Remove REPO_NAME from FILE_NAME_ROOT
- generate_source_tarball.sh: Move PROJECT_NAME and REPO_NAME checks
- generate_source_tarball.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- generate_source_tarball.sh: shellcheck: Double-quote variable references (SC2086)
- generate_source_tarball.sh: shellcheck: Do not use -a (SC2166)
- generate_source_tarball.sh: shellcheck: Do not use $ on arithmetic variables (SC2004)
- Use backward-compatible patch syntax
- generate_source_tarball.sh: Ignore -ga tags with OPENJDK_LATEST
- generate_source_tarball.sh: Remove trailing period in echo
- generate_source_tarball.sh: Use long-style argument to grep
- generate_source_tarball.sh: Add license
- generate_source_tarball.sh: Add indentation instructions for Emacs
- Remove -T0 argument from systemtap tar invocation
- Related: RHEL-30926

[1:1.8.0.412.b01-0.1.ea]
- Update to shenandoah-jdk8u412-b01 (EA)
- Update release notes for shenandoah-8u412-b01.
- Switch to EA mode.
- Related: RHEL-30926

More information about the El-errata mailing list