Overview

File _patchinfo of Package patchinfo.31627

<patchinfo incident="31627">
  <issue tracker="cve" id="2023-22067"/>
  <issue tracker="cve" id="2023-22081"/>
  <issue tracker="cve" id="2023-5676"/>
  <issue tracker="bnc" id="1217214">VUL-0: CVE-2023-5676: java-1_8_0-openj9: receiving a signal before initialization may lead to an infinite loop or unexpected crash</issue>
  <issue tracker="bnc" id="1216374">VUL-0: CVE-2023-22081: java-1_8_0-openjdk,java-9-openjdk,java-10-openjdk,java-11-openjdk,java-17-openjdk: Oracle October 2023 CPU</issue>
  <issue tracker="bnc" id="1216379">VUL-0: CVE-2023-22067: java-1_8_0-openjdk: IOR deserialization issue in CORBA</issue>
  <packager>fstrba</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for java-1_8_0-openj9</summary>
  <description>This update for java-1_8_0-openj9 fixes the following issues:

Update to OpenJDK 8u392 build 08 with OpenJ9 0.41.0 virtual machine

- CVE-2023-22067: Fixed an IOR deserialization issue in CORBA (bsc#1216379).
- CVE-2023-22081: Fixed a certificate path validation issue during client authentication (bsc#1216374).
- CVE-2023-5676: Fixed receiving a signal before initialization may lead to an infinite loop or unexpected crash (bsc#1217214).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places