java-17-openjdk-17.0.2.0.8-4.el8

エラータID: AXSA:2022-2986:01

Release date: 
Wednesday, January 19, 2022 - 15:19
Subject: 
java-17-openjdk-17.0.2.0.8-4.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and
the OpenJDK 17 Java Software Development Kit.

Security Fix(es):

OpenJDK: Incomplete deserialization class filtering in ObjectInputStream
(Serialization, 8264934) (CVE-2022-21248)
OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO,
8270952) (CVE-2022-21277)
OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492)
(CVE-2022-21282)
OpenJDK: Unexpected exception thrown in regex Pattern (Libraries, 8268813)
(CVE-2022-21283)
OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)
(CVE-2022-21291)
OpenJDK: Incomplete checks of StringBuffer and StringBuilder during
deserialization (Libraries, 8270392) (CVE-2022-21293)
OpenJDK: Incorrect IdentityHashMap size checks during deserialization
(Libraries, 8270416) (CVE-2022-21294)
OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498)
(CVE-2022-21296)
OpenJDK: Infinite loop related to incorrect handling of newlines in
XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299)
OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014)
(CVE-2022-21305)
OpenJDK: Excessive resource use when reading JAR manifest attributes
(Libraries, 8272026) (CVE-2022-21340)
OpenJDK: Insufficient checks when deserializing exceptions in
ObjectInputStream (Serialization, 8272236) (CVE-2022-21341)
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)
(CVE-2022-21360)
OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)
(CVE-2022-21365)
OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096)
(CVE-2022-21366)

For more details about the security issues and their impact, the CVSS score,
acknowledgements, and other related information, see the CVE pages listed in the
References section.

CVE(s):
CVE-2022-21248
CVE-2022-21277
CVE-2022-21282
CVE-2022-21283
CVE-2022-21291
CVE-2022-21293
CVE-2022-21294
CVE-2022-21296
CVE-2022-21299
CVE-2022-21305
CVE-2022-21340
CVE-2022-21341
CVE-2022-21360
CVE-2022-21365
CVE-2022-21366

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. java-17-openjdk-17.0.2.0.8-4.el8.src.rpm
    MD5: 54ec47476191781fe9ff8473fb3f0456
    SHA-256: fd361b9e5a53cc29dca52564884f1639f9b302df60e2d1616a0e330a82c52916
    Size: 61.18 MB

Asianux Server 8 for x86_64
  1. java-17-openjdk-17.0.2.0.8-4.el8.x86_64.rpm
    MD5: 86401a7882a8eab20e2de4f2470a1440
    SHA-256: 840b987e694b66724de493097497d9ce34330d63eb245176896db4fc68dc4ab9
    Size: 244.28 kB
  2. java-17-openjdk-demo-17.0.2.0.8-4.el8.x86_64.rpm
    MD5: 80e4c3a5ee21270a3ba94493cfe006b7
    SHA-256: 5a3d21c5b13ab3fd222dcf9b9e9bb934cd9e17049ffcc0392cb11ab94e37df79
    Size: 4.29 MB
  3. java-17-openjdk-devel-17.0.2.0.8-4.el8.x86_64.rpm
    MD5: a86fd165a8a1d916952e7e5489ff134b
    SHA-256: 93c713ef36f3e4afd91b037b8137f644821e7b6b4963a89c9b11a962d4063723
    Size: 5.09 MB
  4. java-17-openjdk-headless-17.0.2.0.8-4.el8.x86_64.rpm
    MD5: 207c5021041b2a3aedbd0cc1f3ee8e34
    SHA-256: 6dd3913a3cd8f6e0eac7998238afeaea3e8d388c54c9d1c0f395eda1fcad44a3
    Size: 41.10 MB
  5. java-17-openjdk-javadoc-17.0.2.0.8-4.el8.x86_64.rpm
    MD5: 2178afa4d5a91ecda8e7d10cd468c0aa
    SHA-256: 7fa6a3c2b6014c07ffcf8166046db8551c87d2142b0017aff6e5f7e9111d1101
    Size: 15.98 MB
  6. java-17-openjdk-javadoc-zip-17.0.2.0.8-4.el8.x86_64.rpm
    MD5: 849cf0f324268f80fce1b275977e707a
    SHA-256: 6e1fa7f6b83721c4c0a9b2b22e136384c7bcfc464d5dc3a1537c15d4eba0c048
    Size: 40.36 MB
  7. java-17-openjdk-jmods-17.0.2.0.8-4.el8.x86_64.rpm
    MD5: ed265ab364041fb1dcb078f71bc75cda
    SHA-256: 2942fadf5eca0c6372021da9c7426d4beca957ce0f9b69f98eb5bc10072d9dde
    Size: 238.52 MB
  8. java-17-openjdk-src-17.0.2.0.8-4.el8.x86_64.rpm
    MD5: 3f95370599db889facc7b1d08b00774e
    SHA-256: 96e429f2651d4f6fd13178b3ca4f65df1c04c40e1bb4844f33a5233bc7d72d47
    Size: 45.29 MB
  9. java-17-openjdk-static-libs-17.0.2.0.8-4.el8.x86_64.rpm
    MD5: 2136c2d1098bafc3bfc8dfaa6c29e013
    SHA-256: 552c63639e20a356a12529f36e3d004f9c804827efca98d52296b320bbf89c23
    Size: 26.16 MB