Release Info

Advisory: CLSA-2025:1767028399

OS: CentOS Stream 8 ELS

Public date: 2025-12-29 17:13:21.201028

Project: java-11-openjdk

Version: 11.0.29.0.7-1.el8.tuxcare.els1

Errata link: https://errata.tuxcare.com/els_os/centos-stream8els/CLSA-2025-1767028399.html

Changelog

- Upgrade to openjdk-11.0.29+7 (GA). The following CVEs were fixed:
  - CVE-2023-48161: fix buffer overflow vulnerability
  - CVE-2024-21147: RangeCheckElimination array index overflow
  - CVE-2025-21587: fix TLS connection support to avoid unauthorized access to critical data
  - CVE-2025-53057: enhance certificate handling to prevent unauthorized creation
  - CVE-2025-53066: enhance Path Factories to prevent unauthorized access

Update

Update command: dnf update java-11-openjdk*

Packages list

java-11-openjdk-11.0.29.0.7-1.el8.tuxcare.els1.x86_64.rpm
java-11-openjdk-demo-11.0.29.0.7-1.el8.tuxcare.els1.x86_64.rpm
java-11-openjdk-devel-11.0.29.0.7-1.el8.tuxcare.els1.x86_64.rpm
java-11-openjdk-headless-11.0.29.0.7-1.el8.tuxcare.els1.x86_64.rpm
java-11-openjdk-javadoc-11.0.29.0.7-1.el8.tuxcare.els1.x86_64.rpm
java-11-openjdk-javadoc-zip-11.0.29.0.7-1.el8.tuxcare.els1.x86_64.rpm
java-11-openjdk-jmods-11.0.29.0.7-1.el8.tuxcare.els1.x86_64.rpm
java-11-openjdk-src-11.0.29.0.7-1.el8.tuxcare.els1.x86_64.rpm
java-11-openjdk-static-libs-11.0.29.0.7-1.el8.tuxcare.els1.x86_64.rpm

CVEs

CVE-2025-21587
CVE-2025-53057
CVE-2025-53066
CVE-2023-48161
CVE-2024-21147