Headline
Debian Security Advisory 5794-1
Debian Linux Security Advisory 5794-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5794-1 [email protected]://www.debian.org/security/ Moritz MuehlenhoffOctober 21, 2024 https://www.debian.org/security/faq- -------------------------------------------------------------------------Package : openjdk-17CVE ID : CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235Several vulnerabilities have been discovered in the OpenJDK Java runtime,which may result in denial of service or information disclosure.For the stable distribution (bookworm), these problems have been fixed inversion 17.0.13+11-2~deb12u1.We recommend that you upgrade your openjdk-17 packages.For the detailed security status of openjdk-17 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/openjdk-17Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmcWmOcACgkQEMKTtsN8TjYeZw/7BTQ3D6sDygG5LotB4JCo8QMyG1rx0XgX9dAgK4Xw0sp9jnYS2iebp8RhlbIDht+jchjLpbEPnzx11JM2b3e/x3JO1QRUSEDkTnQhuynR4wj7WKLXY4l36zkzG/73g9Tq/EM5t8vjuMWFFcsEIJ5c0erHaw/X5lAr9Gg0vs8LrLYyqOMod8Z8AZJpbKNJpGEDUu/i1lASkDnjJAl5+ybPG5xN++Ax+FvPhmlQKu39rVKrX140+LIkFcGJdLh+RMbLU66ryDR2rQQSgeDeZYZln5gsbykzRbfeZZil4bF0+aT3FCY0/nOA0aA82nrE9S6VU6kdxWyS/KTzRsVUw8IsIW/9KyD3hAGvEbHiD4hG/YrABOFdg4rvUPLnaBU6i+LnyrdcayoFP6cp72KiBOQxn4nUzUqhqynKatZ5ixZfgboaTFKBr2WxazoWTzrefjyH30GEeQ0dWFc2ujcOlMZSag9VdfgIoVg+F2l20UbmKnYtZGSXm5rD2ocG5l7gTb8uDcZO3P1HXGmrD7A8NLy9aRPT/dmNDLnAo8se61O4ctirgNQ3dIpwzeIEyjPNysY0lON5+7EE7XToW2C7dSYjHSVCNTqE+heRE66p7hDBxyeuhxhBK+Bd7DcAT97Kkp1BOZ0XSn9YjQ9zdyzQneOxMK7CbM6/PIETqGsY6aTIptI==PgDB-----END PGP SIGNATURE-----
Related news
Ubuntu Security Notice 7099-1 - Andy Boothe discovered that the Networking component of OpenJDK 21 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. It was discovered that the Hotspot component of OpenJDK 21 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information.
Ubuntu Security Notice 7098-1 - Andy Boothe discovered that the Networking component of OpenJDK 17 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. It was discovered that the Hotspot component of OpenJDK 17 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information.
Ubuntu Security Notice 7096-1 - Andy Boothe discovered that the Networking component of OpenJDK 8 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. It was discovered that the Hotspot component of OpenJDK 8 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information.
Red Hat Security Advisory 2024-8116-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8116-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8116-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8116-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8128-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8128-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8128-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8127-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8127-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8127-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8127-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8126-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8125-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8125-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8125-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8125-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8123-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8123-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8123-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8123-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8122-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8122-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8122-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8122-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8121-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.2 Extended Update Support, and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8121-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.2 Extended Update Support, and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8121-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.2 Extended Update Support, and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8121-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.2 Extended Update Support, and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8119-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8119-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8119-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8119-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8118-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8118-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8118-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8118-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8117-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.2 Extended Update Support, and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8117-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.2 Extended Update Support, and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8117-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.2 Extended Update Support, and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2024-8117-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.2 Extended Update Support, and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.