File _patchinfo of Package patchinfo.35472

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.35472

<patchinfo incident="35472">
  <issue tracker="cve" id="2024-21145"/>
  <issue tracker="cve" id="2024-21147"/>
  <issue tracker="cve" id="2024-21131"/>
  <issue tracker="cve" id="2024-21140"/>
  <issue tracker="cve" id="2024-21138"/>
  <issue tracker="cve" id="2024-21144"/>
  <issue tracker="bnc" id="1228050">VUL-0: CVE-2024-21144: java-*-openjdk,java-*-ibm: OpenJDK: Pack200 increase loading time due to improper header validation</issue>
  <issue tracker="bnc" id="1228047">VUL-0: CVE-2024-21138:  java-*-openjdk,java-*-ibm: OpenJDK: Excessive symbol length can lead to infinite loop</issue>
  <issue tracker="bnc" id="1228048">VUL-0: CVE-2024-21140: java-*-openjdk,java-*-ibm: OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow</issue>
  <issue tracker="bnc" id="1228051">VUL-0: CVE-2024-21145: java-*-openjdk,java-*-ibm: OpenJDK: Out-of-bounds access in 2D image handling</issue>
  <issue tracker="bnc" id="1228052">VUL-0: CVE-2024-21147: java-*-openjdk,java-*-ibm: OpenJDK: RangeCheckElimination array index overflow</issue>
  <issue tracker="bnc" id="1228046">VUL-0: CVE-2024-21131: java-*-openjdk,java-*-ibm: OpenJDK: potential UTF8 size overflow</issue>
  <packager>fstrba</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for java-1_8_0-openj9</summary>
  <description>This update for java-1_8_0-openj9 fixes the following issues:

- Update to OpenJDK 8u422 build 05 with OpenJ9 0.46.0 virtual machine
- CVE-2024-21147: Fixed an array index overflow in RangeCheckElimination. (bsc#1228052)
- CVE-2024-21145: Fixed an out-of-bounds access in 2D image handling. (bsc#1228051)
- CVE-2024-21140: Fixed a range check elimination pre-loop limit overflow. (bsc#1228048)
- CVE-2024-21144: Pack200 increase loading time due to improper header validation. (bsc#1228050)
- CVE-2024-21138: Fixed an issue where excessive symbol length can lead to infinite loop. (bsc#1228047)
- CVE-2024-21131: Fixed a potential UTF8 size overflow. (bsc#1228046)
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.35472

Places