Debian Linux Security Advisory 5478-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions, information disclosure, reduced cryptographic strength of the AES implementation, directory traversal or denial of service.
1abbda9face35cc55de373d200a91797c0b8a6083da1289cd62ef92eff8eca01-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5478-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 16, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : openjdk-11
CVE ID : CVE-2023-21930 CVE-2023-21937 CVE-2023-21938 CVE-2023-21939
CVE-2023-21954 CVE-2023-21967 CVE-2023-21968 CVE-2023-22006
CVE-2023-22036 CVE-2023-22041 CVE-2023-22045 CVE-2023-22049
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in bypass of sandbox restrictions, information
disclosure, reduced cryptographic strength of the AES implementation,
directory traversal or denial of service.
For the oldstable distribution (bullseye), these problems have been fixed
in version 11.0.20+8-1~deb11u1.
We recommend that you upgrade your openjdk-11 packages.
For the detailed security status of openjdk-11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-11
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTdEtEACgkQEMKTtsN8
Tja/nQ//eX9gCDOYqnUCQstcYptYuXgyES5gFeaKVA/cN/isdWaiDIjD0kTiwYQK
Gzck9y5gobZpTc6oqOLb7aaMXqo2NhhJF/G7SNuc0zeo6hQF6pwxvdBz3GA2BAQC
rc2xEHoxAekd2uZq2Oo9UG48V+2M5eB8sBc4f0FuTk2UQby3cwCIvAp3X/QsBrLg
kKp3H34fxwFb8YXtA5MgaEn+qzBa3XWd6MeN5qyEIHtJ+np5htr6xFjQxUNPnwHe
i0e67Jvvo0uIb3nwKPyuEPDZvG4FYWN6IKrbuS8b9/RWcSxkgXZbZsJ/8Ipa9dTV
1/B0/qvICq3Zt6Wq1HX5KNJRq/zfvx/RhA59dSpYnP/pE4qsQ8MNgNd2LWaixgu4
p2JPc+OpSZOkeZyygdf/oDuNj9dkllVu62ygwVxsmQRqMtZkOB7cnPHHBTMG+Arn
V4lmfweWO9TEMzMOf6H91G84zwfbgiHoymdAdGfJHhZt2wh+xAvrQCsRdHRk1BX6
NSXq4nQp2Wlkdr6w763C0LU6F9AqwF06GesQmOhbt0ZCD7e5CwT4umm19F/gDhHP
eoUQ0CU6tF03WurwYuR/RKcYqISZIPRj5ORIDLYrGJIVCBm9phhmliyVSplf1Jx5
jTcZTlHy9NpauQcSpc7kXmUg6SNYYYOxQHnfIHyz+dHqh5jgz1A=wEyu
-----END PGP SIGNATURE-----
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed