Headline
Debian Security Advisory 5671-1
Debian Linux Security Advisory 5671-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Debian Security Advisory DSA-5671-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
April 22, 2024 https://www.debian.org/security/faq
Package : openjdk-11
CVE ID : CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21085
CVE-2024-21094
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service or information disclosure.
For the oldstable distribution (bullseye), these problems have been fixed
in version 11.0.23+9-1~deb11u1.
We recommend that you upgrade your openjdk-11 packages.
For the detailed security status of openjdk-11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-11
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmYmH9YACgkQEMKTtsN8
TjaKAA//fw8DPGbtJdWNqxvG+mFaHqdTCuy+kBfa63IJ2pdM0q8e4vI4QwwvKYks
dFsDL4u/wX9VKSUxcFyrX1lfP1gcZkFClVGDU2u/t4rbDCNpyRHRxxO7On9Q/EJ8
cRH7ncEi1BeSSMYgPAF2Bnm8KNDD4TRBH94MMpppAopPsesBsibP/8oNjjk2X2MT
Cdt0VZ+NH+lb93OW2bKyd0toU75I1/yuN4Xc4m+iUgDFnYLadkYBiUoyL/p2BMas
myXpEgxrdOj4x/yiOCi8LwIwFkB2BnQtjYfYKk5c1l4c40TaGzkYHHFTfTLYsq5i
LSzPRwMnysiHPZvVQTMaUQrGZRG1Qm6v5mrvSpLq8uiypz9gDTY1xmJ01U+iDnfl
lpBhqXjhHOdep3XOT0pbcHYtd4xuO2nxiNb0rv3NyfJfEUqe3y1gaa0GOuBPzKJV
jda9g4lzu0GLGxuQ+fHfPKjXMJRyeVisis1XxZ1kEcJIArOE+vOwngTwpQf1n0Pm
8gVGKmZm5pmbC/CQCy9gai6UBeaH13cIYxQylL6lD1kBjardVAB0C3u3jaNKGPlJ
Rqn2ZhV+XahLlK93D4bOEEg5eh4U5iNRG4OwiN/iIQmSoSUDcFRktLuEQQSwkQ+d
O5KAw8SwwpPgKwIM176O+xeCdkPPjWbBosnHmkrvfEmw3zWFRNY=
=i85/
-----END PGP SIGNATURE-----
Related news
Ubuntu Security Notice 6813-1 - It was discovered that the Hotspot component of OpenJDK 21 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK 21 incorrectly performed reverse DNS query under certain circumstances in the Networking/HTTP client component. An attacker could possibly use this issue to obtain sensitive information.
Ubuntu Security Notice 6812-1 - It was discovered that the Hotspot component of OpenJDK 17 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK 17 incorrectly performed reverse DNS query under certain circumstances in the Networking/HTTP client component. An attacker could possibly use this issue to obtain sensitive information.
Ubuntu Security Notice 6811-1 - It was discovered that the Hotspot component of OpenJDK 11 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK 11 incorrectly performed reverse DNS query under certain circumstances in the Networking/HTTP client component. An attacker could possibly use this issue to obtain sensitive information.
Ubuntu Security Notice 6810-1 - It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. Vladimir Kondratyev discovered that the Hotspot component of OpenJDK 8 incorrectly handled address offset calculations in the C1 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.