File _patchinfo of Package patchinfo.25326

<patchinfo incident="25326">
  <issue tracker="cve" id="2022-21540"/>
  <issue tracker="cve" id="2022-34169"/>
  <issue tracker="cve" id="2022-21541"/>
  <issue tracker="bnc" id="1201694">VUL-0: CVE-2022-21540: java,openjdk: class compilation issue</issue>
  <issue tracker="bnc" id="1201692">VUL-0: CVE-2022-21541: java,openjdk: improper restriction of MethodHandle.invokeBasic()</issue>
  <issue tracker="bnc" id="1201684">VUL-0: CVE-2022-34169: java,openjdk: integer truncation issue in Xalan</issue>
  <issue tracker="bnc" id="1195163">JDK-8076190 Customizing the generation of a PKCS12 keystore</issue>
  <packager>fstrba</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for java-1_8_0-openjdk</summary>
  <description>This update for java-1_8_0-openjdk fixes the following issues:

- Updated to version jdk8u345 (icedtea-3.24.0)
    - CVE-2022-21540: Fixed a potential Java sandbox bypass (bsc#1201694).
    - CVE-2022-21541: Fixed a potential Java sandbox bypass (bsc#1201692).
    - CVE-2022-34169: Fixed an issue where arbitrary bytecode could
      be executed via a malicious stylesheet (bsc#1201684).

- Non-security fixes:
    - Allowed for customization of PKCS12 keystores (bsc#1195163).
</description>
</patchinfo>