|
|
Log in / Subscribe / Register

Debian alert DLA-2917-1 (openjdk-8)



From:
              Emilio Pozuelo Monfort <pochu@debian.org>


To:
              <debian-lts-announce@lists.debian.org>


Subject:
              [SECURITY] [DLA 2917-1] openjdk-8 security update


Date:
              Thu, 10 Feb 2022 09:51:22 +0100


Message-ID:
              <20220210085122.08B502A0ADD@andromeda>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2917-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
February 10, 2022                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : openjdk-8
Version        : 8u322-b06-1~deb9u1
CVE ID         : CVE-2022-21248 CVE-2022-21282 CVE-2022-21283 CVE-2022-21293
                 CVE-2022-21294 CVE-2022-21296 CVE-2022-21299 CVE-2022-21305
                 CVE-2022-21340 CVE-2022-21341 CVE-2022-21349 CVE-2022-21360
                 CVE-2022-21365

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service, bypass of deserialization
restrictions or information disclosure.

For Debian 9 stretch, these problems have been fixed in version
8u322-b06-1~deb9u1.

We recommend that you upgrade your openjdk-8 packages.

For the detailed security status of openjdk-8 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-8

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmIE0gYACgkQnUbEiOQ2
gwK+gQ/+O/lCMDilNgvdm58hBVXBSFB3x9ZbuaObj5VUYrFaLO5ZR3DeG0F15UGf
0XYPeu1cHxa9Hetl7fVY0OR/CT9SrOAp5YjKWg5MkIoi/5gIse/SHYA8AKS4hfQh
/w8SN/djGI26szNp9OhYvDOg4hCp52Nt+HDLqCXhpHR5n0QFBENaY1JJhCaD5qFE
gREjImjFpuEj3pvMyaKk8iJpq6TtDYEVrjlsaDMseqhqCc1+dfa7S90AhtsT/Qmt
b7iPCNM20115OSY0HJoy9yRjgajQX+8VN9ISumgd6xHBL1Uf9Q4Jdv2vLKjvsOtT
y9oR+MfH0ksL0Qzj1iKOlGO3fhL4FrCXxUm6RGvQLMHHkKL0br89r2Xc4oaNhduS
Gutl1oI9zyh6foGo3tiP4IUCB9wP3z2ZbgOI7mFtCMmMP7lNt1jIYiZcTLbynWgL
rS+cza530F8eqPKqWFTW9X6m0OX2Mbh07ELU15dCzVHahaRPPfqAa6wx4W1SWnQZ
W/aHmUUeXAwA72GGlUVFjnER/T73WHQQimXRxtUhkG5x3f1yqOh5KAE1AaniJ1ky
tFz9U9NYmeRind7h524isZ5fCoi2aN4STOz2U5Kfe7wGDnVy5AMhdAgHil0C30Fa
RkRdEoXW4k/WtoTUSzweKZxpcy+l/PdpK/CYCRpZJfVoOfDbOss=
=lepc
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds