it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5672-1] openjdk-17 security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5672-1] openjdk-17 security update
Date: Mon, 22 Apr 2024 14:22:55 +0000
List-archive: https://lists.debian.org/msgid-search/ZiZyv22UlTX5wRpt AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=lpQvgLoOcj5fPMHfl4CNrrunTW5zI47YP+8iW/Jn7kk=; b=vm pRy8yBszi+ddYPJHBXbZnS235XqWQStRe3KslcGOUylmT2eBcGgy/mp5pVTivOb7TTRJU3NYojoH/ 6zkfuV59eUYwNi8u7Hlhchra4RcIYxHLw0xuTOgbPpOPoKp5Pb8KBCauIy8TX/O/oFDpsi0fLfoKR B+ER47Awug7oInkxfplDMYE93Q5b8XhXwxFv0MOHryU0cRI5PbUFrBRGwa5WpMF1QK2VWEVOeLsgE QPizRGMKGGFtm6SVy1FK5Leo05LOHjRK77HGn7cTmoImvfd/qpDpA1hR1I7zPGUSxyql80lscXzUd GivYx3bunhzek9WkBVz5JPb+eM2c8BWQ==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Mon, 22 Apr 2024 14:23:20 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <N4sa01XM4aN.A.VYB.YLnJmB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5672-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
April 22, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : openjdk-17
CVE ID : CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21094

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service or information disclosure.

For the oldstable distribution (bullseye), these problems have been fixed
in version 17.0.11+9-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 17.0.11+9-1~deb12u1.

We recommend that you upgrade your openjdk-17 packages.

For the detailed security status of openjdk-17 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-17

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmYmcqoACgkQEMKTtsN8
TjYjzw/+MwGuvMC25asTYdrFA08Ir85aJ3hj14N43NoquAO/i9NIZaGYv7sau1xp
boHiGg9QnDkXbV/5CGwsnRUNsvHrgC8t17Tjebh795s/v22Z+77pePTiaXC9Sj06
lnVaDYX/WWfCSJL2p5teKgzL032hN4Crmihkmg/wSvwSi8q4k/lIMBZFg2JfTZS3
buZiqaviUH0jJZUnbJYtlPasC9YNnCO9WAzHTC1TfLDS9ATLymCHAeBs0Heny2W1
V68xbN+nVsAa6+kwUZCU8wppwaE+Uvnc+SO4mra8PrhPdw//AiU8/ZplKH2fNYfA
lgkId/itLJKqlELvm7h8WhGvi4QvbDvB/QYveW8phYwWWeoHPOUGLqJZDbxk0w96
PjTDgiwHzkjMKSp+Y9Eb2XKrhz2l5poBPsKy8e0qkF+I+euALwoEPZs2YZ3jcIE6
l5RR00UiYPLZLfvZ93HQKjlo85QyjByruHWIxo3hrK1oFo71vMFsBXpafRP6qOre
txnkSd/i1yzeHTZmmyUnIF05G5EUVMTaRBrsCVTONA6rAK69+GQrWj87bkrhZEcu
vuuyoFiNDi4zEO09y70QbIyrPjc0bD7gKdvxKVlzTovdIYcU7paMIVdFmIliF4GQ
lkO5hWE+7aUZzr0JvD2TilUGUXRheqE0e6e3CbGZnNmCMi7doIQ=
=seiM
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5672-1] openjdk-17 security update, Moritz Muehlenhoff, 22.04.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.