Release Info

Advisory: CLSA-2022:1669309108

OS: Ubuntu 16.04 ELS

Public date: 2022-11-24

Project: openjdk-8

Version: 8u352-ga-0ubuntu1~16.04+tuxcare.els1

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2022-1669309108.html

Changelog

* Backport upstream releases 8u352 to 16.04 LTS * Security fixes in 8u352: - JDK-8282252: Improve BigInteger/Decimal validation - JDK-8285662: Better permission resolution - JDK-8286511: Improve macro allocation - JDK-8286519: Better memory handling - JDK-8286526, CVE-2022-21619: Improve NTLM support - JDK-8286533, CVE-2022-21626: Key X509 usages - JDK-8286910, CVE-2022-21624: Improve JNDI lookups - JDK-8286918, CVE-2022-21628: Better HttpServer service - JDK-8288508: Enhance ECDSA usage * Drop applied patch pr88.diff

Update

Update command: apt-get update apt-get --only-upgrade install openjdk-8*

Packages list

openjdk-8-demo_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb openjdk-8-doc_8u352-ga-0ubuntu1~16.04+tuxcare.els1_all.deb openjdk-8-jdk_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb openjdk-8-jdk-headless_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb openjdk-8-jre_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb openjdk-8-jre-headless_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb openjdk-8-jre-jamvm_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb openjdk-8-jre-zero_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb openjdk-8-source_8u352-ga-0ubuntu1~16.04+tuxcare.els1_all.deb

CVEs

CVE-2022-21624
CVE-2022-21626
CVE-2022-21619
CVE-2022-21628