Release Info

Advisory: CLSA-2024:1716915845

OS: CentOS 7 ELS

Public date: 2024-05-28 13:04:08

Project: java-1.8.0-openjdk

Version: 1.8.0.412.b08-1.el7_9.tuxcare.els1

Errata link: https://errata.tuxcare.com/centos7-els/CLSA-2024-1716915845.html

Changelog

- Upgrade to shenandoah-jdk8u412-b08. That fixes the following CVEs: - CVE-2024-21011: Denial of service due to long Exception message logging - CVE-2024-21085: Pack200 excessive memory allocation - CVE-2024-21068: Integer overflow in C1 compiler address generation - CVE-2024-21094: Unauthorized data modification due to C2 compilation failure with "Exceeded _node_regs array"

Update

Update command: yum update java-1.8.0-openjdk*

Packages list

java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm java-1.8.0-openjdk-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm java-1.8.0-openjdk-javadoc-1.8.0.412.b08-1.el7_9.tuxcare.els1.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.412.b08-1.el7_9.tuxcare.els1.noarch.rpm java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.noarch.rpm java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm

CVEs

CVE-2024-21085
CVE-2024-21011
CVE-2024-21094
CVE-2024-21068