Univention Bugzilla – Bug 57010
openjdk-11: Multiple issues (5.0)
Last modified: 2024-01-31 15:39:47 CET
New Debian openjdk-11 11.0.22+7-1~deb10u1 fixes: This update addresses the following issues: 11.0.22+7-1~deb10u1 (Mon, 22 Jan 2024 14:16:55 +0100) * Non-maintainer upload by the LTS Team. * Backport to buster. 11.0.22+7-1 (Wed, 17 Jan 2024 16:28:29 +0100) * OpenJDK 11.0.22 release, build 7. - CVEs: + CVE-2024-20918 + CVE-2024-20919 + CVE-2024-20921 + CVE-2024-20945 + CVE-2024-20952 - Security fixes: + JDK-8308204: Enhanced certificate processing. + JDK-8314295: Enhance verification of verifier. + JDK-8314307: Improve loop handling. + JDK-8314468: Improve Compiler loops. + JDK-8316976: Improve signature handling. + JDK-8317547: Enhance TLS connection support. + JDK-8314284: Enhance Nashorn performance (CVE-2024-20926). [ Vladimir Petko ] * Generate d/watch to cope with early access and release builds. * d/rules: Trim trailing whitespaces from debian/control. [ Pushkar Kulkarni ] * Minor improvements to the copyright-generator. 11.0.22~6ea-1 (Tue, 26 Dec 2023 13:23:50 +0100) * OpenJDK 11.0.22+6 build (early access). * debian/copyright: Update copyrights and notices, using a generator script. * d/copyright: Fix lintian warning. [ Matthias Klose ] * d/copyright: Fix source location.
--- mirror/ftp/pool/main/o/openjdk-11/openjdk-11_11.0.21+9-1~deb10u1.dsc +++ apt/ucs_5.0-0-errata5.0-6/source/openjdk-11_11.0.22+7-1~deb10u1.dsc @@ -1,3 +1,46 @@ +11.0.22+7-1~deb10u1 [Mon, 22 Jan 2024 14:16:55 +0100] Emilio Pozuelo Monfort <pochu@debian.org>: + + * Non-maintainer upload by the LTS Team. + * Backport to buster. + +11.0.22+7-1 [Wed, 17 Jan 2024 16:28:29 +0100] Matthias Klose <doko@ubuntu.com>: + + * OpenJDK 11.0.22 release, build 7. + - CVEs: + + CVE-2024-20918 + + CVE-2024-20919 + + CVE-2024-20921 + + CVE-2024-20945 + + CVE-2024-20952 + - Security fixes: + + JDK-8308204: Enhanced certificate processing. + + JDK-8314295: Enhance verification of verifier. + + JDK-8314307: Improve loop handling. + + JDK-8314468: Improve Compiler loops. + + JDK-8316976: Improve signature handling. + + JDK-8317547: Enhance TLS connection support. + + JDK-8314284: Enhance Nashorn performance (CVE-2024-20926). + + [ Vladimir Petko ] + * Generate d/watch to cope with early access and release builds. + * d/rules: Trim trailing whitespaces from debian/control. + + [ Pushkar Kulkarni ] + * Minor improvements to the copyright-generator. + +11.0.22~6ea-1 [Tue, 26 Dec 2023 13:23:50 +0100] Matthias Klose <doko@ubuntu.com>: + + * OpenJDK 11.0.22+6 build (early access). + + [ Pushkar Kulkarni ] + * debian/copyright: Update copyrights and notices, using a generator script. + + [ Vladimir Petko ] + * d/copyright: Fix lintian warning. + + [ Matthias Klose ] + * d/copyright: Fix source location. + 11.0.21+9-1~deb10u1 [Mon, 23 Oct 2023 08:32:45 +0200] Emilio Pozuelo Monfort <pochu@debian.org>: * Non-maintainer upload by the LTS Team. <http://piuparts.knut.univention.de/5.0-6/#5735965268379027094>
OK: bug OK: yaml OK: announce_errata OK: patch ~OK: piuparts fails for "openjdk-11-source", which depends on a broken version of "ca-certificates-java", which itself depends again on OpenJDK → cirtular dependency https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929685 [5.0-6] f18b7a32d2 Bug #57010: openjdk-11 11.0.22+7-1~deb10u1 doc/errata/staging/openjdk-11.yaml | 30 ++++++++---------------------- 1 file changed, 8 insertions(+), 22 deletions(-) [5.0-6] 6b47d255ed Bug #57010: openjdk-11 11.0.22+7-1~deb10u1 doc/errata/staging/openjdk-11.yaml | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x932>