it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4734-1] openjdk-11 security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 4734-1] openjdk-11 security update
Date: Sun, 26 Jul 2020 19:58:03 +0000
List-archive: https://lists.debian.org/msgid-search/20200726195803.GA27451 AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=z8M+FkDY/yy8q1NXgtlfGZyOW9vrriLXa5bNu6bw2Mc=; b=iL pFYEoRnSTxNwlu0hQAoNPLF943IOWqJM8BINau4X5wKih3mvlNqIoQnpnM0zQCkTsVSRvTNtJnwHK P9pZ+6CQc5X2yxjANO3gC4Jz1TLgSA1T5nfAMcdas/yBcaZUt1ripU3qaZeBlFHk97geSdigd7b7q NxTyLx3M3tBBnBD/TbptmPsKxhtr7h1RmtrB1UbOjBKWhe7I8diwiAvmI17WdrDnDyU+WTIWwcNaB qa2MuLhdgsLm/EysNUMvS6LXWvRfyeXGyTz4KKksLNw71WedrTCKMKZeJYP3JB/XqejOewK1x3Knb /SWp29kbROZRYXyEob0odhYuWLR8M7oA==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Sun, 26 Jul 2020 19:58:19 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <XvmCJFWtpsH.A.SEC.bBeHfB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4734-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
July 26, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : openjdk-11
CVE ID : CVE-2020-14556 CVE-2020-14562 CVE-2020-14573 CVE-2020-14577
CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583
CVE-2020-14593 CVE-2020-14621

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
resulting in denial of service, bypass of access/sandbox restrictions or
information disclosure.

For the stable distribution (buster), these problems have been fixed in
version 11.0.8+10-1~deb10u1.

We recommend that you upgrade your openjdk-11 packages.

For the detailed security status of openjdk-11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl8d36kACgkQEMKTtsN8
TjYPxhAAwEQo33HueV7ah4XwJn0gvZgxnsM4aceTTUuWcM8Nqg0nb6EAkTkgZBCA
74ChnY+XQbL8oi6yytyZPokYPiho2jqutDE7+2azMpObxN50fja4iTD9Wf/Djg1x
YfNpUq3Dd+gw134JFHonqPFens76Rox/Aoj/jbnLPKH41+TdgNIDqBeRq1NjGC6b
Xa5trVS9KvWRWIcirupAIC9S3Kqrk5+i1Nt8avpa2/LJbeIWpzD8HeSIxocvqhTH
cKKnxfazYWcnWmV2ElJcs9NbpUIneRXgdjffZpRSOChdl3RFxvv85ugjIspWwOta
HbM/CQJgHDI7/SoUXlUTtaArGv7WFa7dwHIMlOBIu653vQw2Q6rMsb3K9C/fnRyv
wxriWNVZVQG29UTLi1qBa0LnQitOZO6CDaLEeUcy7VF2V/HXb+PV92u+Np+X15qK
txQIL19m3Cx7LmCcGllBUcUmHxMVkfh8e/AO/yIGLxMy+k/WRWIjk9AaGrCUcg71
uFeEw5ebTD3aTfrEtVNzah0shLT2t3eTdQzY3lR7I5LB/Zgy/O/MVIrVdxa7oQDP
Zz0aMSq9pkyxaK0hb0V0MqBmpPm88WvAlSfdMaNvu0Zs/iH6HsnTCuUIijcrrcS/
1Rw3khyHJUX5XocEiGxYI4qE7iPBK1GvX0N6aCIGZSdAET+ZNHY=
=MH8c
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 4734-1] openjdk-11 security update, Moritz Muehlenhoff, 26.07.2020

Archiv bereitgestellt durch MHonArc 2.6.19.