Overview

File _patchinfo of Package patchinfo.27788

<patchinfo incident="27788">
  <issue tracker="bnc" id="1205916">Exception in thread "main" java.security.ProviderException: Initialization failed [ref:_00D1igLOd._5005qGK9S7:ref]</issue>
  <issue tracker="bnc" id="1207248">VUL-0: CVE-2023-21843: java-openjdk: soundbank URL remote loading (Sound, 8293742)</issue>
  <issue tracker="bnc" id="1207246">VUL-0: CVE-2023-21835: java-openjdk: handshake DoS attack against DTLS connections (JSSE, 8287411)</issue>
  <issue tracker="cve" id="2023-21843"/>
  <issue tracker="cve" id="2023-21835"/>
  <packager>fstrba</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for java-17-openjdk</summary>
  <description>This update for java-17-openjdk fixes the following issues:

  Updated to version jdk-17.0.6.0+10:

  - CVE-2023-21835: Fixed handshake DoS attack against DTLS connections (bsc#1207246).
  - CVE-2023-21843: Fixed soundbank URL remote loading (bsc#1207248).

  Bugfixes:

  - Avoid calling C_GetInfo() too early, before cryptoki is initialized (bsc#1205916).

</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places