File _patchinfo of Package patchinfo.27788
<patchinfo incident="27788">
<issue tracker="bnc" id="1205916">Exception in thread "main" java.security.ProviderException: Initialization failed [ref:_00D1igLOd._5005qGK9S7:ref]</issue>
<issue tracker="bnc" id="1207248">VUL-0: CVE-2023-21843: java-openjdk: soundbank URL remote loading (Sound, 8293742)</issue>
<issue tracker="bnc" id="1207246">VUL-0: CVE-2023-21835: java-openjdk: handshake DoS attack against DTLS connections (JSSE, 8287411)</issue>
<issue tracker="cve" id="2023-21843"/>
<issue tracker="cve" id="2023-21835"/>
<packager>fstrba</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for java-17-openjdk</summary>
<description>This update for java-17-openjdk fixes the following issues:
Updated to version jdk-17.0.6.0+10:
- CVE-2023-21835: Fixed handshake DoS attack against DTLS connections (bsc#1207246).
- CVE-2023-21843: Fixed soundbank URL remote loading (bsc#1207248).
Bugfixes:
- Avoid calling C_GetInfo() too early, before cryptoki is initialized (bsc#1205916).
</description>
</patchinfo>