Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in java-11-openjdk
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in java-11-openjdk
ID: FEDORA-2020-fdc79d8e5b
Distribution: Fedora
Plattformen: Fedora 32
Datum: Sa, 31. Oktober 2020, 07:08
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14782
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14796
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14803
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14781
Applikationen: OpenJDK

Originalnachricht

 
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2020-fdc79d8e5b
2020-10-31 02:01:12.817715
-------------------------------------------------------------------------------
-

Name        : java-11-openjdk
Product     : Fedora 32
Version     : 11.0.9.11
Release     : 0.fc32
URL         : http://openjdk.java.net/
Summary     : OpenJDK Runtime Environment 11
Description :
The OpenJDK runtime environment.

-------------------------------------------------------------------------------
-
Update Information:

New in release OpenJDK 11.0.9 (2020-10-20):
===========================================  Full versions of these release
notes can be found at:  * https://bitly.com/openjdk1109 *
https://builds.shipilev.net/backports-monitor/release-notes-11.0.9.txt  ##
Security fixes   - JDK-8233624: Enhance JNI linkage   - JDK-8236196: Improve
string pooling   - JDK-8236862, CVE-2020-14779: Enhance support of Proxy class
- JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts   - JDK-8237995,
CVE-2020-14782: Enhance certificate processing   - JDK-8240124: Better VM
Interning   - JDK-8241114, CVE-2020-14792: Better range handling   -
JDK-8242680, CVE-2020-14796: Improved URI Support   - JDK-8242685,
CVE-2020-14797: Better Path Validation   - JDK-8242695, CVE-2020-14798:
 Enhanced
buffer support   - JDK-8243302: Advanced class supports   - JDK-8244136,
CVE-2020-14803: Improved Buffer supports   - JDK-8244479: Further constrain
certificates   - JDK-8244955: Additional Fix for JDK-8240124   - JDK-8245407:
Enhance zoning of times   - JDK-8245412: Better class definitions   -
JDK-8245417: Improve certificate chain handling   - JDK-8248574: Improve jpeg
processing   - JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit   -
JDK-8253019: Enhanced JPEG decoding  ## JDK-8254177: US/Pacific-New Zone name
removed as part of tzdata2020b  Following JDK's update to tzdata2020b, the
 long-
obsolete files pacificnew and systemv have been removed. As a result, the
"US/Pacific-New" zone name declared in the pacificnew data file is no
 longer
available for use.  Information regarding the update can be viewed at
https://mm.icann.org/pipermail/tz-announce/2020-October/000059.html
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Oct 21 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.9.11-0
- Update to jdk-11.0.9+11
- Drop JDK-8247874 backport now applied upstream.
- JDK-8245832 increases the set of static libraries, so try and include them
 all with a wildcard.
- Cleanup architecture and JVM feature handling in preparation for using
 upstreamed Shenandoah.
- With Shenandoah now upstream in OpenJDK 11, we can use jdk-updates/jdk11
 directly
- Update tarball generation script to use PR3802, handling JDK-8233228 &
 JDK-8177334
- Update release notes for 11.0.9 release.
- Add backport of JDK-8254177 to update to tzdata 2020b
- Require tzdata 2020b due to resource changes in JDK-8254177
- Temporarily roll back tzdata build requirement while tzdata update is still
 in testing
* Mon Oct 19 2020 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.9.11-0
- Update static-libs packaging to new layout
- Fix directory ownership of static-libs package
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-fdc79d8e5b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung