AlmaLinux 2324 Published by

A java-1.8.0-openjdk security update has been released for AlmaLinux.



ALSA-2021:2776 Important: java-1.8.0-openjdk security update


Type:
security

Severity:
important

Release date:
2021-07-21

Description
Security Fix(es):
* OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388)
* OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341)
* OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2021-2341
CVE-2021-2369
CVE-2021-2388

Updates packages:
java-1.8.0-openjdk-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-demo-fastdebug-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-devel-fastdebug-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-devel-slowdebug-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-fastdebug-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-headless-fastdebug-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-javadoc-1.8.0.302.b08-0.el8_4.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.302.b08-0.el8_4.noarch.rpm
java-1.8.0-openjdk-slowdebug-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-src-fastdebug-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-src-slowdebug-1.8.0.302.b08-0.el8_4.x86_64.rpm

Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2021:2776 Important: java-1.8.0-openjdk security update