Bug 57698 - openjdk-11: Multiple issues (5.0)
Summary: openjdk-11: Multiple issues (5.0)
Status: CLOSED FIXED
Alias: None
Product: UCS
Classification: Unclassified
Component: Security updates
Version: UCS 5.0
Hardware: All Linux
: P3 normal
Target Milestone: UCS 5.0-9-errata
Assignee: Quality Assurance
QA Contact: Felix Botner
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-10-28 10:14 CET by Quality Assurance
Modified: 2024-10-30 15:12 CET (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Customer ID:
Max CVSS v3 score: 4.8 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Quality Assurance univentionstaff 2024-10-28 10:14:19 CET 
New Debian openjdk-11 11.0.25+9-1~deb10u1 fixes:
This update addresses the following issues:
11.0.25+9-1~deb10u1 (Mon, 21 Oct 2024 15:53:56 +0200)
* Non-maintainer upload by the ELTS Team.
* Backport to buster.
11.0.25+9-1 (Thu, 17 Oct 2024 10:56:29 +0200)
* OpenJDK 11.0.25 release, build 9. - CVE-2024-21208 - CVE-2024-21210 -  CVE-2024-21217 - CVE-2024-21235
[ Vladimir Petko ]
* d/rules: do not include dtrace support for S390x (JDK-8305174).
* d/t/problems.csv: Disable jdk/sun/security/util/Debug/DebugOptions.java due  to JDK-8339713.
11.0.25~5ea-1 (Mon, 09 Sep 2024 16:06:26 +0200)
* OpenJDK 11.0.25+5 build (early access).
* d/changelog: Remove trailing empty line.
* d/copyright-generator/strip-common-licenses.sh: Add GPLv3 to the list of  common licenses.
* d/JB-*.overrides.in, d/s/lintian-overrides: Update lintian overrides.
* d/p/jdk-8334895-proposed.patch: Fix typo in the patch description.
* d/copyright: Regenerate.
* d/t/problemlist.csv: Update problemlist.csv for July release
* d/t/jtreg-autopkgtest.{in,sh}: Increase jtreg test timeouts.
* Enable dtrace support.
Comment 1 Quality Assurance univentionstaff 2024-10-28 11:00:08 CET 
--- mirror/ftp/pool/main/o/openjdk-11/openjdk-11_11.0.24+8-2~deb10u1.dsc
+++ apt/ucs_5.0-0-errata5.0-9/source/openjdk-11_11.0.25+9-1~deb10u1.dsc
@@ -1,3 +1,36 @@
+11.0.25+9-1~deb10u1 [Mon, 21 Oct 2024 15:53:56 +0200] Emilio Pozuelo Monfort <pochu@debian.org>:
+
+  * Non-maintainer upload by the ELTS Team.
+  * Backport to buster.
+
+11.0.25+9-1 [Thu, 17 Oct 2024 10:56:29 +0200] Matthias Klose <doko@ubuntu.com>:
+
+  * OpenJDK 11.0.25 release, build 9.
+    - CVE-2024-21208
+    - CVE-2024-21210
+    - CVE-2024-21217
+    - CVE-2024-21235
+
+  [ Vladimir Petko ]
+  * d/rules: do not include dtrace support for S390x (JDK-8305174).
+  * d/t/problems.csv: Disable jdk/sun/security/util/Debug/DebugOptions.java
+    due to JDK-8339713.
+
+11.0.25~5ea-1 [Mon, 09 Sep 2024 16:06:26 +0200] Matthias Klose <doko@ubuntu.com>:
+
+  * OpenJDK 11.0.25+5 build (early access).
+
+  [ Vladimir Petko ]
+  * d/changelog: Remove trailing empty line.
+  * d/copyright-generator/strip-common-licenses.sh: Add GPLv3 to the
+    list of common licenses.
+  * d/JB-*.overrides.in, d/s/lintian-overrides: Update lintian overrides.
+  * d/p/jdk-8334895-proposed.patch: Fix typo in the patch description.
+  * d/copyright: Regenerate.
+  * d/t/problemlist.csv: Update problemlist.csv for July release
+  * d/t/jtreg-autopkgtest.{in,sh}: Increase jtreg test timeouts.
+  * Enable dtrace support.
+
 11.0.24+8-2~deb10u1 [Tue, 06 Aug 2024 12:32:23 +0200] Emilio Pozuelo Monfort <pochu@debian.org>:
 
   * Backport to buster.

<http://piuparts.knut.univention.de/5.0-9/#91943496035971920>
Comment 2 Felix Botner univentionstaff 2024-10-29 09:31:17 CET 
OK: bug
OK: yaml
OK: announce_errata
OK: patch
~OK: piuparts
  dependency loop

5.0-9 5170089c43ed79327254bdced9599cd32d0aa126
 doc/errata/staging/libheif.yaml             | 2 +-
 doc/errata/staging/libsepol.yaml            | 2 +-
 doc/errata/staging/openjdk-11.yaml          | 9 +++++----
 doc/errata/staging/python-cryptography.yaml | 2 +-
 4 files changed, 8 insertions(+), 7 deletions(-)