it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5537-1] openjdk-11 security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5537-1] openjdk-11 security update
Date: Fri, 27 Oct 2023 16:12:53 +0000
Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
List-archive: https://lists.debian.org/msgid-search/ZTvhhdb/ZT+q9oN9 AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=bE/6+cxmtx+Y+uG6LkZVHWl9sOfEbskvWAfQ3ers4lE=; b=Gj deC0WbO16NbKbCN33rxfXYzvRhh+hDTsvjyJ5SmAiMo39h2RpE2XG71C9PU5lV7dUmqzn6yh6rLQB kCkveB/yZ+z9fbRh+8S3eC7DHBVKBoTUqD8XMaE18uDjnrVhgmzKp3QC+gZ+0J5D3VHbV+6sxAwtN 6MYfrqqu2qar55dUvnKuNIsCBaO6DOJ5ZyiMpRAfA/JolLvic6PmSwVsLfA/32500PRQK/QDvl92V XWSbSlBsPiW26oBQPgF2iao69QwUFYofs1SGi/xN6Xa0fUD5KCvXyfL4QJKGOBUcmC+8Ek2LBwU4I 3jKbK8jbzf2azVGrRBSvBF7Eg3iOBE4Q==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Fri, 27 Oct 2023 16:13:19 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <NEw11YXw0UP.A.OIH.fG-OlB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5537-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
October 27, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : openjdk-11
CVE ID : CVE-2023-22067 CVE-2023-22081

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in bypass of sandbox restrictions or denial of service.

For the oldstable distribution (bullseye), these problems have been fixed
in version 11.0.21+9-1~deb11u1.

We recommend that you upgrade your openjdk-11 packages.

For the detailed security status of openjdk-11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmU74DgACgkQEMKTtsN8
Tjbrug/+K+/T0ydiyOhIQ/4s4rrQr2YBx0miVGaBTFjuAEw/YduTbIT4eLsJsWOZ
eQ2dg2ZkIFtW1Ngs7QUaA7WgAjgAu7tnW90rZYFiQalcxPlwAmnSWZSYM9SSaW9p
/AHARm8uSQ0YKjlnskCEDVXODVggzOQLpvVF2oA8MA+1Rtb6hnl1W4u+IDXvhXCZ
zniKheuAe/G9iz0nY8wHgEVNfIc1KO+MKFyD8Z655kH8qgGuMcyORGYDFDX4l6lu
orc/dA15dr90pokg0TD/2L2dIbkEsj0zOePzU6yZsYTBgQ878Y8gdJnCirpSS/Za
CKWAOSX+fARW+wVUsscvpUh/TcDyHEKh8EjA05ahaiqp6/gvScz8H9rbebYw32gl
FEu89JMgfDLAI137YLqkfOWhLIKvCzZ+u+drpg7Hf0yjDU0dPWWzc0KHd/asClDx
yec5N5zlDCI7eGvY2zxH0TsGqiyed2GVTPi1TR3FWRRvlCC1uKiZF9vdmQZTubDz
qpjR7gGbVIyGfn6lYDOxqhOTq7ftoJ3+BjCBxuaxZmHBtw2QzQCb8pJalQj1D2Ig
qsMBAt92pdD+3DyXjEYnFHNRr330uDiVg2ZeadatRkm+VwiI+pJGwkl+1Xrom1Mg
2SQkeNtiY5IO3lGAjIhU8b0TkbrgdMoM3j0zI4dQkX8+BRV5YKM=
=UEly
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5537-1] openjdk-11 security update, Moritz Muehlenhoff, 27.10.2023

Archiv bereitgestellt durch MHonArc 2.6.24.