ELSA-2023-4175 Moderate: Oracle Linux 8 java-11-openjdk security and bug fix update
Oracle Linux Security Advisory ELSA-2023-4175
http://linux.oracle.com/errata/ELSA-2023-4175.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
java-11-openjdk-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-demo-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-devel-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-headless-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-javadoc-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-javadoc-zip-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-jmods-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-src-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-static-libs-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-demo-fastdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-demo-slowdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-devel-fastdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-devel-slowdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-fastdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-headless-fastdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-headless-slowdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-jmods-fastdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-jmods-slowdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-slowdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-src-fastdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-src-slowdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-static-libs-fastdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
java-11-openjdk-static-libs-slowdebug-11.0.20.0.8-2.0.1.el8.x86_64.rpm
aarch64:
java-11-openjdk-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-demo-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-devel-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-headless-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-javadoc-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-javadoc-zip-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-jmods-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-src-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-static-libs-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-demo-fastdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-demo-slowdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-devel-fastdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-devel-slowdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-fastdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-headless-fastdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-headless-slowdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-jmods-fastdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-jmods-slowdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-slowdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-src-fastdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-src-slowdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-static-libs-fastdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
java-11-openjdk-static-libs-slowdebug-11.0.20.0.8-2.0.1.el8.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//java-11-openjdk-11.0.20.0.8-2.0.1.el8.src.rpm
Related CVEs:
CVE-2023-22006
CVE-2023-22036
CVE-2023-22041
CVE-2023-22045
CVE-2023-22049
CVE-2023-25193
Description of changes:
[1:11.0.20.0.8-2.0.1]
- Add Oracle vendor bug URL [Orabug: 34340155]
[1:11.0.20.0.8-2]
- Bump release number so we are newer than 9.0
- Related: rhbz#2221106
[1:11.0.20.0.8-1]
- Update to jdk-11.0.20.0+8 (GA)
- Update release notes to 11.0.20.0+8
- Drop local inclusion of JDK-8274864 & JDK-8305113 as they are included in 11.0.20+1
- Bump tzdata requirement to 2023c now it is available in the buildroot
- Bump bundled LCMS version to 2.15 as in jdk-11.0.20+1.
- Bump bundled HarfBuzz version to 7.0.1 as in jdk-11.0.20+7
- Use tapsets from the misc tarball
- Introduce 'prelease' for the portable release versioning, to handle EA builds
- Make sure root installation directory is created first
- Use in-place substitution for all but the first of the tapset changes
- Sync the copy of the portable specfile with the latest update
- Add note at top of spec file about rebuilding
- ** This tarball is embargoed until 2023-07-18 @ 1pm PT. **
- Resolves: rhbz#2217715
- Resolves: rhbz#2221106
A java-11-openjdk security and bug fix update has been released for Oracle Linux 8.