RedHat has issued several advisories: https://access.redhat.com/errata/RHSA-2023:4178 (java-1.8.0-openjdk) https://access.redhat.com/errata/RHBA-2023:4374 (java-11-openjdk) https://access.redhat.com/errata/RHSA-2023:4169 (java-17-openjdk) Corresponding Oracle CPUs: https://www.oracle.com/security-alerts/cpujul2023.html#AppendixJAVA
CC: (none) => nicolas.salgueroSource RPM: (none) => java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-latest-openjdk
Assignee: bugsquad => nicolas.salguero
Whiteboard: (none) => MGA9TOO, MGA8TOO
*** Bug 31090 has been marked as a duplicate of this bug. ***
Suggested advisory: ======================== The updated packages fix security vulnerabilities and a file conflict : Improper connection handling during TLS handshake. (CVE-2023-21930) Incorrect enqueue of references in garbage collector. (CVE-2023-21954) Certificate validation issue in TLS session negotiation. (CVE-2023-21967) Swing HTML parsing issue. (CVE-2023-21939) Incorrect handling of NULL characters in ProcessBuilder. (CVE-2023-21938) Missing string checks for NULL characters. (CVE-2023-21937) Missing check for slash characters in URI-to-path conversion. (CVE-2023-21968) Array indexing integer overflow issue. (CVE-2023-22045) Improper handling of slash characters in URI-to-path conversion. (CVE-2023-22049) O(n^2) growth via consecutive marks. (CVE-2023-25193) HTTP client insufficient file name validation. (CVE-2023-22006) ZIP file parsing infinite loop. (CVE-2023-22036) Modulo operator array indexing issue. (CVE-2023-22044) Weakness in AES implementation. (CVE-2023-22041) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25193 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22044 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041 https://access.redhat.com/errata/RHSA-2023:1904 https://access.redhat.com/errata/RHSA-2023:1880 https://www.oracle.com/security-alerts/cpuapr2023.html#AppendixJAVA https://access.redhat.com/errata/RHSA-2023:4178 https://access.redhat.com/errata/RHBA-2023:4374 https://access.redhat.com/errata/RHSA-2023:4169 https://www.oracle.com/security-alerts/cpujul2023.html#AppendixJAVA ======================== Updated packages in 8/core/updates_testing: ======================== java-1.8.0-openjdk-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-demo-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-demo-fastdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-demo-slowdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-devel-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-devel-fastdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-devel-slowdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-fastdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-javadoc-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-javadoc-zip-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-headless-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-headless-fastdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-headless-slowdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-openjfx-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-openjfx-fastdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-openjfx-slowdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-openjfx-devel-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-openjfx-devel-fastdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-openjfx-devel-slowdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-slowdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-src-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-src-fastdebug-1.8.0.382.b05-1.mga8 java-1.8.0-openjdk-src-slowdebug-1.8.0.382.b05-1.mga8 java-11-openjdk-11.0.20.0.8-1.mga8 java-11-openjdk-debugsource-11.0.20.0.8-1.mga8 java-11-openjdk-demo-11.0.20.0.8-1.mga8 java-11-openjdk-demo-fastdebug-11.0.20.0.8-1.mga8 java-11-openjdk-demo-slowdebug-11.0.20.0.8-1.mga8 java-11-openjdk-devel-11.0.20.0.8-1.mga8 java-11-openjdk-devel-fastdebug-11.0.20.0.8-1.mga8 java-11-openjdk-devel-slowdebug-11.0.20.0.8-1.mga8 java-11-openjdk-fastdebug-11.0.20.0.8-1.mga8 java-11-openjdk-javadoc-11.0.20.0.8-1.mga8 java-11-openjdk-javadoc-zip-11.0.20.0.8-1.mga8 java-11-openjdk-jmods-11.0.20.0.8-1.mga8 java-11-openjdk-jmods-fastdebug-11.0.20.0.8-1.mga8 java-11-openjdk-jmods-slowdebug-11.0.20.0.8-1.mga8 java-11-openjdk-headless-11.0.20.0.8-1.mga8 java-11-openjdk-headless-fastdebug-11.0.20.0.8-1.mga8 java-11-openjdk-headless-slowdebug-11.0.20.0.8-1.mga8 java-11-openjdk-slowdebug-11.0.20.0.8-1.mga8 java-11-openjdk-src-11.0.20.0.8-1.mga8 java-11-openjdk-src-fastdebug-11.0.20.0.8-1.mga8 java-11-openjdk-src-slowdebug-11.0.20.0.8-1.mga8 java-11-openjdk-static-libs-11.0.20.0.8-1.mga8 java-11-openjdk-static-libs-fastdebug-11.0.20.0.8-1.mga8 java-11-openjdk-static-libs-slowdebug-11.0.20.0.8-1.mga8 openjfx-11.0.9.2-4.mga8 openjfx-devel-11.0.9.2-4.mga8 from SRPMS: java-1.8.0-openjdk-1.8.0.382.b05-1.mga8.src.rpm java-11-openjdk-11.0.20.0.8-1.mga8.src.rpm openjfx-11.0.9.2-4.mga8.src.rpm Updated packages in 9/core/updates_testing: ======================== java-1.8.0-openjdk-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-debugsource-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-demo-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-demo-fastdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-demo-slowdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-devel-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-devel-fastdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-devel-slowdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-fastdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-javadoc-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-javadoc-zip-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-headless-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-headless-fastdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-headless-slowdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-openjfx-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-openjfx-fastdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-openjfx-slowdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-openjfx-devel-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-openjfx-devel-fastdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-openjfx-devel-slowdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-slowdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-src-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-src-fastdebug-1.8.0.382.b05-1.mga9 java-1.8.0-openjdk-src-slowdebug-1.8.0.382.b05-1.mga9 java-11-openjdk-11.0.20.0.8-1.mga9 java-11-openjdk-debugsource-11.0.20.0.8-1.mga9 java-11-openjdk-demo-11.0.20.0.8-1.mga9 java-11-openjdk-demo-fastdebug-11.0.20.0.8-1.mga9 java-11-openjdk-demo-slowdebug-11.0.20.0.8-1.mga9 java-11-openjdk-devel-11.0.20.0.8-1.mga9 java-11-openjdk-devel-fastdebug-11.0.20.0.8-1.mga9 java-11-openjdk-devel-slowdebug-11.0.20.0.8-1.mga9 java-11-openjdk-fastdebug-11.0.20.0.8-1.mga9 java-11-openjdk-javadoc-11.0.20.0.8-1.mga9 java-11-openjdk-javadoc-zip-11.0.20.0.8-1.mga9 java-11-openjdk-jmods-11.0.20.0.8-1.mga9 java-11-openjdk-jmods-fastdebug-11.0.20.0.8-1.mga9 java-11-openjdk-jmods-slowdebug-11.0.20.0.8-1.mga9 java-11-openjdk-headless-11.0.20.0.8-1.mga9 java-11-openjdk-headless-fastdebug-11.0.20.0.8-1.mga9 java-11-openjdk-headless-slowdebug-11.0.20.0.8-1.mga9 java-11-openjdk-slowdebug-11.0.20.0.8-1.mga9 java-11-openjdk-src-11.0.20.0.8-1.mga9 java-11-openjdk-src-fastdebug-11.0.20.0.8-1.mga9 java-11-openjdk-src-slowdebug-11.0.20.0.8-1.mga9 java-11-openjdk-static-libs-11.0.20.0.8-1.mga9 java-11-openjdk-static-libs-fastdebug-11.0.20.0.8-1.mga9 java-11-openjdk-static-libs-slowdebug-11.0.20.0.8-1.mga9 java-17-openjdk-17.0.8.0.7-1.mga9 java-17-openjdk-demo-17.0.8.0.7-1.mga9 java-17-openjdk-demo-fastdebug-17.0.8.0.7-1.mga9 java-17-openjdk-demo-slowdebug-17.0.8.0.7-1.mga9 java-17-openjdk-devel-17.0.8.0.7-1.mga9 java-17-openjdk-devel-fastdebug-17.0.8.0.7-1.mga9 java-17-openjdk-devel-slowdebug-17.0.8.0.7-1.mga9 java-17-openjdk-fastdebug-17.0.8.0.7-1.mga9 java-17-openjdk-headless-17.0.8.0.7-1.mga9 java-17-openjdk-headless-fastdebug-17.0.8.0.7-1.mga9 java-17-openjdk-headless-slowdebug-17.0.8.0.7-1.mga9 java-17-openjdk-javadoc-17.0.8.0.7-1.mga9 java-17-openjdk-javadoc-zip-17.0.8.0.7-1.mga9 java-17-openjdk-jmods-17.0.8.0.7-1.mga9 java-17-openjdk-jmods-fastdebug-17.0.8.0.7-1.mga9 java-17-openjdk-jmods-slowdebug-17.0.8.0.7-1.mga9 java-17-openjdk-slowdebug-17.0.8.0.7-1.mga9 java-17-openjdk-src-17.0.8.0.7-1.mga9 java-17-openjdk-src-fastdebug-17.0.8.0.7-1.mga9 java-17-openjdk-src-slowdebug-17.0.8.0.7-1.mga9 java-17-openjdk-static-libs-17.0.8.0.7-1.mga9 java-17-openjdk-static-libs-fastdebug-17.0.8.0.7-1.mga9 java-17-openjdk-static-libs-slowdebug-17.0.8.0.7-1.mga9 java-latest-openjdk-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-demo-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-demo-fastdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-demo-slowdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-devel-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-devel-fastdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-devel-slowdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-fastdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-headless-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-headless-fastdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-headless-slowdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-javadoc-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-javadoc-zip-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-jmods-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-jmods-fastdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-jmods-slowdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-slowdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-src-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-src-fastdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-src-slowdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-static-libs-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-static-libs-fastdebug-20.0.2.0.9-1.rolling.2.mga9 java-latest-openjdk-static-libs-slowdebug-20.0.2.0.9-1.rolling.2.mga9 from SRPMS: java-1.8.0-openjdk-1.8.0.382.b05-1.mga9.src.rpm java-11-openjdk-11.0.20.0.8-1.mga9.src.rpm java-17-openjdk-17.0.8.0.7-1.mga9.src.rpm java-latest-openjdk-20.0.2.0.9-1.rolling.2.mga9.src.rpm
Whiteboard: MGA9TOO, MGA8TOO => MGA8TOOVersion: Cauldron => 9Status: NEW => ASSIGNEDAssignee: nicolas.salguero => qa-bugs
CC: (none) => mageia
mga9-64 mini test OK: Updated the java packages my workstation have to: java-1.8.0-openjdk-1:1.8.0.382.b05-1.mga9.x86_64 java-1.8.0-openjdk-headless-1:1.8.0.382.b05-1.mga9.x86_64 java-17-openjdk-1:17.0.8.0.7-1.mga9.x86_64 java-17-openjdk-headless-1:17.0.8.0.7-1.mga9.x86_64 My old java based invoicing & book-keeping application FriBOK still works :) Will report any issues.
CC: (none) => fri
MGA8-64 Xfce on Acer Aspire 5253 No installation issues, installing everything except the debug packages. Ref bug 30401 for tests $ java -version openjdk version "11.0.20" 2023-07-18 LTS OpenJDK Runtime Environment 18.9 (build 11.0.20+8-LTS) OpenJDK 64-Bit Server VM 18.9 (build 11.0.20+8-LTS, mixed mode, sharing) $ javac -version javac 11.0.20 $ javac -cp . Helloworldnojfx.java $ java -cp . Helloworldnojfx Hello World! and corresponding pop-up window appears. Checked LO Base is running correctly with my odb application: all works OK. In view of this and Morgan's input OK'ing.
Whiteboard: MGA8TOO => MGA8TOO MGA8-64-OKCC: (none) => herman.viaene
The following 16 packages are going to be installed: - java-latest-openjdk-20.0.2.0.9-1.rolling.2.mga9.i586 - java-latest-openjdk-demo-20.0.2.0.9-1.rolling.2.mga9.i586 - java-latest-openjdk-demo-slowdebug-20.0.2.0.9-1.rolling.2.mga9.i586 - java-latest-openjdk-devel-20.0.2.0.9-1.rolling.2.mga9.i586 - java-latest-openjdk-devel-slowdebug-20.0.2.0.9-1.rolling.2.mga9.i586 - java-latest-openjdk-headless-20.0.2.0.9-1.rolling.2.mga9.i586 - java-latest-openjdk-headless-slowdebug-20.0.2.0.9-1.rolling.2.mga9.i586 - java-latest-openjdk-javadoc-zip-20.0.2.0.9-1.rolling.2.mga9.i586 - java-latest-openjdk-jmods-20.0.2.0.9-1.rolling.2.mga9.i586 - java-latest-openjdk-jmods-slowdebug-20.0.2.0.9-1.rolling.2.mga9.i586 - java-latest-openjdk-slowdebug-20.0.2.0.9-1.rolling.2.mga9.i586 - java-latest-openjdk-static-libs-20.0.2.0.9-1.rolling.2.mga9.i586 - java-latest-openjdk-static-libs-slowdebug-20.0.2.0.9-1.rolling.2.mga9.i586 - x11-font-bitstream-type1-1.0.3-10.mga9.noarch - x11-font-type1-1.0.0-17.mga9.noarch - x11-font-xfree86-type1-1.0.4-10.mga9.noarch 1.1GB of additional disk space will be used. rebooted not quite what I expected: [brian@localhost ~]$ java -version openjdk version "17.0.7" 2023-04-18 LTS OpenJDK Runtime Environment 21.9 (build 17.0.7+7-LTS) OpenJDK Server VM 21.9 (build 17.0.7+7-LTS, mixed mode, sharing) [brian@localhost ~]$ javac -version javac 20.0.2 [brian@localhost ~]$ # urpmi java-latest-openjdk Package java-latest-openjdk-20.0.2.0.9-1.rolling.2.mga9.i586 is already installed okay - java17 is linked to libreoffice. uninstalled 17 uninstalls libreoffice [brian@localhost ~]$ java -version openjdk version "20.0.2" 2023-07-18 LTS OpenJDK Runtime Environment 22.3 (build 20.0.2+9-LTS) OpenJDK Server VM 22.3 (build 20.0.2+9-LTS, mixed mode, sharing) [brian@localhost ~]$ javac -version javac 20.0.2 [brian@localhost ~]$ installing libreoffice brings back 17 I went ahead and compiled a tiny helloworld program using SWING It worked. Approving.
Whiteboard: MGA8TOO MGA8-64-OK => MGA8TOO MGA8-64-OK MGA9-32-OKCC: (none) => brtians1
Adding a MGA9-64 OK based on comment 3. Validating. Advisory in comment 2.
Keywords: (none) => validated_updateWhiteboard: MGA8TOO MGA8-64-OK MGA9-32-OK => MGA8TOO MGA8-64-OK MGA9-32-OK MGA9-64-OKCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => marja11
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0272.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED