[El-errata] ELSA-2024-8124 Moderate: Oracle Linux 8 java-17-openjdk security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Mon Oct 21 21:15:12 UTC 2024
Oracle Linux Security Advisory ELSA-2024-8124
http://linux.oracle.com/errata/ELSA-2024-8124.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
java-17-openjdk-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-demo-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-devel-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-headless-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-javadoc-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-javadoc-zip-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-jmods-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-src-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-static-libs-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-demo-fastdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-demo-slowdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-devel-fastdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-devel-slowdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-fastdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-headless-fastdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-headless-slowdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-jmods-fastdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-jmods-slowdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-slowdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-src-fastdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-src-slowdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.13.0.11-3.0.1.el8.x86_64.rpm
aarch64:
java-17-openjdk-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-demo-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-devel-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-headless-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-javadoc-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-javadoc-zip-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-jmods-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-src-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-static-libs-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-demo-fastdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-demo-slowdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-devel-fastdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-devel-slowdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-fastdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-headless-fastdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-headless-slowdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-jmods-fastdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-jmods-slowdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-slowdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-src-fastdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-src-slowdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.13.0.11-3.0.1.el8.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//java-17-openjdk-17.0.13.0.11-3.0.1.el8.src.rpm
Related CVEs:
CVE-2023-48161
CVE-2024-21208
CVE-2024-21210
CVE-2024-21217
CVE-2024-21235
Description of changes:
[17.0.13.0.11-3.0.1]
- Add Oracle vendor bug URL [Orabug: 34340155]
[1:17.0.13.0.11-3]
- Correct version suffix in "Update to jdk-17.0.13+11 (GA)" changelog entry
- Related: RHEL-58781
[1:17.0.13.0.11-2]
- Update to jdk-17.0.13+11 (GA)
- Update .gitignore to ignore openjdk-17.0.13+11.tar.xz
- Sync java-17-openjdk-portable.specfile from openjdk-portable-rhel-8
- Set buildver to 11
- Set is_ga to 1
- Update sources to openjdk-17.0.13+11.tar.xz
- Resolves: RHEL-58781
- ** This tarball is embargoed until 2024-10-15 @ 1pm PT. **
[1:17.0.13.0.10-0.2.ea]
- Vary portablesuffix depending on whether we are on RHEL ('el8') or CentOS ('el9')
- Set rpmrelease to 2
- Related: RHEL-58781
[1:17.0.13.0.10-0.1.ea]
- Update to jdk-17.0.13+10 (EA)
- Update .gitignore to ignore openjdk-17.0.13+10-ea.tar.xz
- Sync java-17-openjdk-portable.specfile from openjdk-portable-centos-9
- Set buildver to 10
- Update sources to openjdk-17.0.13+10-ea.tar.xz
- Related: RHEL-58781
[1:17.0.13.0.9-0.1.ea]
- Update to jdk-17.0.13+9 (EA)
- Update .gitignore to ignore openjdk-17.0.13+9-ea.tar.xz
- Sync java-17-openjdk-portable.specfile from openjdk-portable-centos-9
- Set buildver to 9
- Set rpmrelease to 1
- Set portablerelease to 1
- Update sources to openjdk-17.0.13+9-ea.tar.xz
- Related: RHEL-58781
[1:17.0.13.0.1-0.4.ea]
- Set rpmrelease to 4
- Set portablerelease to 2
- Related: RHEL-58781
[1:17.0.13.0.1-0.3.ea]
- Synchronize java-17-openjdk-portable.specfile
- Set rpmrelease to 3
- Related: RHEL-58781
[1:17.0.13.0.1-0.2.ea]
- Update to jdk-17.0.13+1 (EA)
- Update .gitignore to ignore openjdk-17.0.13+1-ea.tar.xz
- Synchronize java-17-openjdk-portable.specfile
- Set updatever to 13
- Set buildver to 1
- Set is_ga to 0
- Update sources to openjdk-17.0.13+1-ea.tar.xz
- Related: RHEL-58781
- Remove 0001-8332174-Remove-2-unpaired-RLO-Unicode-characters-in-.patch
- Remove unicode section from rpminspect.yml, fixed instead by
https://gitlab.cee.redhat.com/osci/rpminspect-data-redhat/-/merge_requests/180
(OPENJDK-2904)
- Related: RHEL-58781
[1:17.0.12.0.7-3]
- Sync java-17-openjdk-portable.specfile from openjdk-portable-rhel-8
- Set rpmrelease to 3
- Set portablerelease to 4
More information about the El-errata
mailing list