it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4779-1] openjdk-11 security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 4779-1] openjdk-11 security update
Date: Sun, 25 Oct 2020 10:14:25 +0000
List-archive: https://lists.debian.org/msgid-search/20201025101424.GA4910 AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=m/WYDR7oACcayco3229B/JJAC6TzWx1sUOeAUyREIcY=; b=Kg TYKhBWSiRNYOekMxg2blyp3yqkCIIZZO7ZS5eZGoYUxvPaZLESIeT7ckfOZ4KBIpQoAjTW4MzxhMu 8mF+07wvK0ej4TiLFJSTFHY+MkRx/Du0+/Cm5ZQZeR6nUhpW19UqSgP99xaeD6hUgRUydodg00uIl pB/xPASAkvqnxNsjC+958HF03dIvvmFhBmYrBCgdHVV92A3qP3AmBdhd6BnYAaubfe99r359zaQSF KNilDTW2Myx3BaDFDG/rDQctpSmigpxetxL4CdscxqHC7EfTNBMQ9jpEjMfNFjN6kmHxnHxJIG7VI 5F3UdGGs/xXUQ12f1mENvMW5p4i8QuxA==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Sun, 25 Oct 2020 10:14:41 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <rvT0QozG2qB.A.50D.QAVlfB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4779-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
October 25, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : openjdk-11
CVE ID : CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792
CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which could result in denial of service, information disclosure, bypass of
access/sandbox restrictions or the acceptance of untrusted certificates.

For the stable distribution (buster), these problems have been fixed in
version 11.0.9+11-1~deb10u1.

We recommend that you upgrade your openjdk-11 packages.

For the detailed security status of openjdk-11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl+VT6wACgkQEMKTtsN8
TjYFdBAAgOJW0nEM2uttbtaYykt2/d10VmtXiYXUDz77lewWZCHBFsGidea7Ey1Z
j3YYa6ZQUuEJIFGnUK0uHvXS1g+bS9go9OZ1wrEcUR9SLomct7hrqqIlh/oT6cJQ
0MSFeJ8E8uZF/H2lDttz4HAqwyF0MGs1U4C6Ou5guv08vwKhfb2EzJ95X9n1zNk7
9xxA+s1EWSLUQmDAAcWZqkTrelKFIaHTSgUXJwQQIDHKiY7Eef77RU3OnrdTgLig
95vE/liSWFBTfcdvReJ7hG8y3DhNgVdJYwuDe9Azxc5TkRNLY/1LdUTI/FmoyLjP
ySazKokoeYI/YWahB00v2rCmJYvdKS+3fqvbRhsicXeNJNaqsWfQ6CSce4Z8EbUu
cVqDBKL+296ah15a0XIo68Oo0lYvQIx6dgK5/BBRhifLVzRaZWIEIk7itqY4jO67
SGLlzjiYciZdzNcNad5Ad7fG1s+l2ea9SBE8ycQ0hPgNBPrBLBh3dr1K84VOZkzZ
C4h/munp3VZ3/4bRijEiI5dkB8u7M307cqNWO8ArTmK+SZPwp0VNw2C1HZdHd+3Z
hCzDrP+YYszpzufZk1pDd1bXijb3Jsaw83W++u9iTHykUS1o7lLmtkbyJqcBJoOe
oXxWnG4wLK2DZ3/YGtAP/4FRl+LkHQZC9HldPYXdlV5X7Pl0gFw=
=48nH
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 4779-1] openjdk-11 security update, Moritz Muehlenhoff, 25.10.2020

Archiv bereitgestellt durch MHonArc 2.6.19.