Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
patchinfo.28559
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.28559
<patchinfo incident="28559"> <issue tracker="bnc" id="1207248">VUL-0: CVE-2023-21843: java-openjdk: soundbank URL remote loading (Sound, 8293742)</issue> <issue tracker="bnc" id="1207249">VUL-0: CVE-2023-21830: java-openjdk: improper restrictions in CORBA deserialization (Serialization, 8285021)</issue> <issue tracker="bnc" id="1208480">VUL-0: java-1_8_0-ibm: Oracle January 2023 CPU</issue> <issue tracker="bnc" id="1207246">VUL-0: CVE-2023-21835: java-openjdk: handshake DoS attack against DTLS connections (JSSE, 8287411)</issue> <issue tracker="cve" id="2022-21426"/> <issue tracker="cve" id="2023-21835"/> <issue tracker="cve" id="2023-21830"/> <issue tracker="cve" id="2023-21843"/> <packager>pmonrealgonzalez</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for java-1_8_0-ibm</summary> <description>This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 8 (bsc#1208480): * Security fixes: - CVE-2023-21830: Fixed improper restrictions in CORBA deserialization (bsc#1207249). - CVE-2023-21835: Fixed handshake DoS attack against DTLS connections (bsc#1207246). - CVE-2023-21843: Fixed soundbank URL remote loading (bsc#1207248). * New Features/Enhancements: - Add RSA-PSS signature to IBMJCECCA. * Defect Fixes: - IJ45437 Service, Build, Packaging and Deliver: Getting FIPSRUNTIMEEXCEPTION when calling java code: MESSAGEDIGEST.GETINSTANCE("SHA256", "IBMJCEFIPS"); in MAC - IJ45272 Class Libraries: Fix security vulnerability CVE-2023-21843 - IJ45280 Class Libraries: Update timezone information to the latest TZDATA2022F - IJ44896 Class Libraries: Update timezone information to the latest TZDATA2022G - IJ45436 Java Virtual Machine: Stack walking code gets into endless loop, hanging the application - IJ44079 Java Virtual Machine: When -DFILE.ENCODING is specified multiple times on the same command line the first option takes precedence instead of the last - IJ44532 JIT Compiler: Java JIT: Crash in DECREFERENCECOUNT() due to a NULL pointer - IJ44596 JIT Compiler: Java JIT: Invalid hard-coding of static final field object properties - IJ44107 JIT Compiler: JIT publishes new object reference to other threads without executing a memory flush - IX90193 ORB: Fix security vulnerability CVE-2023-21830 - IJ44267 Security: 8273553: SSLENGINEIMPL.CLOSEINBOUND also has similar error of JDK-8253368 - IJ45148 Security: code changes for tech preview - IJ44621 Security: Computing Diffie-Hellman secret repeatedly, using IBMJCEPLUS, causes a small memory leak - IJ44172 Security: Disable SHA-1 signed jars for EA - IJ44040 Security: Generating Diffie-Hellman key pairs repeatedly, using IBMJCEPLUS, Causes a small memory leak - IJ45200 Security: IBMJCEPLUS provider, during CHACHA20-POLY1305 crypto operations, incorrectly throws an ILLEGALSTATEEXCEPTION - IJ45182 Security: IBMJCEPLUS provider fails in RSAPSS and ECDSA during signature operations resulting in Java cores - IJ45201 Security: IBMJCEPLUS provider failures (two) with AESGCM algorithm - IJ45202 Security: KEYTOOL NPE if signing certificate does not contain a SUBJECTKEYIDENTIFIER extension - IJ44075 Security: PKCS11KEYSTORE.JAVA - DOESPUBLICKEYMATCHPRIVATEKEY() method uses SHA1XXXX signature algorithms to match private and public keys - IJ45203 Security: RSAPSS multiple names for KEYTYPE - IJ43920 Security: The PKCS12 keystore update and the PBES2 support - IJ40002 XML: Fix security vulnerability CVE-2022-21426 </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor