Overview

File _patchinfo of Package patchinfo.31144

<patchinfo incident="31144">
  <issue tracker="cve" id="2023-22025"/>
  <issue tracker="cve" id="2023-22081"/>
  <issue tracker="bnc" id="1216374">VUL-0: CVE-2023-22081: java-1_8_0-openjdk,java-9-openjdk,java-10-openjdk,java-11-openjdk,java-17-openjdk: Oracle October 2023 CPU</issue>
  <issue tracker="bnc" id="1214790">release-notes-sles failed to build for i586 with new glibc</issue>
  <issue tracker="bnc" id="1216339">VUL-0: CVE-2023-22025: java-17-openjdk, java-21-openjdk: memory corruption issue on x86_64 with AVX-512</issue>
  <packager>fstrba</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for java-17-openjdk</summary>
  <description>This update for java-17-openjdk fixes the following issues:

- Updated to JDK 17.0.9+9 (October 2023 CPU):

  - CVE-2023-22081: Fixed a partial denial of service issue that could
    be triggered via HTTPS (bsc#1216374).
  - CVE-2023-22025: Fixed a memory corruption issue in applications
    using AVX-512 (bsc#1216339).

Please visit the Oracle Release Notes page for the full changelog:

https://www.oracle.com/java/technologies/javase/17all-relnotes.html
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places