ALSA-2021:4135

[ALSA-2021:4135] Important: java-17-openjdk security update

Type:

security

Severity:

important

Release date:

2021-11-12

Description:

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

Security Fix(es):

* OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation (Libraries, 8266689) (CVE-2021-35567)

* OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167) (CVE-2021-35556)

* OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580) (CVE-2021-35559)

* OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097) (CVE-2021-35561)

* OpenJDK: Certificates with end dates too far in the future can corrupt keystore (Keytool, 8266137) (CVE-2021-35564)

* OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729) (CVE-2021-35578)

* OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735) (CVE-2021-35586)

* OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618) (CVE-2021-35603)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
x86_64	java-17-openjdk-jmods-slowdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	0846f6a5d60c62bdcfb0bd7eb3c05edc4ebc65b44c4f2d8eddd8e6150dcb758d
x86_64	java-17-openjdk-demo-slowdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	0e7c6ad6427f286e8f6ce37a55381ed808aba13fdea97cf15d6a241ade27fa72
x86_64	java-17-openjdk-javadoc-17.0.1.0.12-2.el8_5.x86_64.rpm	26295c90566b00241e40373fd22e0750cb9e3955e87a460b74e74fd2f21cb805
x86_64	java-17-openjdk-static-libs-fastdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	288b171b173dde0a9a85b85413b9b757a58cbd43b019433daf690f167df94441
x86_64	java-17-openjdk-src-fastdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	3aed74936a340fbce07da89667c407525bdc3668526099d4a280305765cd66d7
x86_64	java-17-openjdk-jmods-17.0.1.0.12-2.el8_5.x86_64.rpm	40e9833656c340d9548d46084b1189054d1ab223b8d371b4bf11fac206c2559d
x86_64	java-17-openjdk-headless-fastdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	4799ef48dc51b40c4d2cce48ab2ed206928d1a31e522c052b5adf9fbcb65303f
x86_64	java-17-openjdk-17.0.1.0.12-2.el8_5.x86_64.rpm	4bf883314014f62070f4fcde87a8fdd0354a1fb54a4a85117c0a2ee401348a46
x86_64	java-17-openjdk-javadoc-zip-17.0.1.0.12-2.el8_5.x86_64.rpm	5a1c935efce4b71db9610b0ee3d9f5237002fe06359d7f259ac2542a4d91239c
x86_64	java-17-openjdk-headless-17.0.1.0.12-2.el8_5.x86_64.rpm	60a862ef828d56f43626a83226c4efb3e406b5d9e7466d3b24bd6cc51439fed6
x86_64	java-17-openjdk-jmods-fastdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	6f2da09fb2f9fd0d7f75c281d0c644a0df32b8877be4266836eb2050c0dd880f
x86_64	java-17-openjdk-headless-slowdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	703937e6d9d8c4a6f5a1274b0aba6837eb2aea71f40a729ebc17d359bcca804c
x86_64	java-17-openjdk-src-slowdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	928324ecb5dacc8423d3bfdf9d57de7d99bc43b17d833ba1bf4c9b5c4daa1370
x86_64	java-17-openjdk-slowdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	9be3b1088ce651e557757b85b08eeca521486d41f81007eb0927d456e512ccf5
x86_64	java-17-openjdk-fastdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	b12e40f95bb0fc93c1eedaf2d712ba456b64c37b3c9fe6709ee6821bbe0b0083
x86_64	java-17-openjdk-src-17.0.1.0.12-2.el8_5.x86_64.rpm	b5b7cb700f7b1b5002d48a2b0e7a4411d327f8d34b1c5d16007f74ac03b2cc18
x86_64	java-17-openjdk-devel-fastdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	b7c26009353d8c55cf0627c120d61b390a04f2a64f03080bf4275a53125ce1aa
x86_64	java-17-openjdk-static-libs-slowdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	c78f7922bd48c72388ebae471bac8ce83dc44347406d5643835e77ceb26dd5c6
x86_64	java-17-openjdk-demo-17.0.1.0.12-2.el8_5.x86_64.rpm	dcb7f0e9849dadbb7cd5851db557a53fd47f9a4a4d0db2d788647dba11280271
x86_64	java-17-openjdk-demo-fastdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	dd32be3bfcea989543d89da8e01daf59a10f2f9a87f57a3126d54a38ceaef24b
x86_64	java-17-openjdk-static-libs-17.0.1.0.12-2.el8_5.x86_64.rpm	fbdf9296a150d8dbe1985d3f146c91a476f5f1979c4ff6b4edceb33116f5016b
x86_64	java-17-openjdk-devel-slowdebug-17.0.1.0.12-2.el8_5.x86_64.rpm	fdd8beb1466eb7dd82ccaf1f49851cc599f2792f0a28446623a581d51e3edd66
x86_64	java-17-openjdk-devel-17.0.1.0.12-2.el8_5.x86_64.rpm	ffc7cab209fb357392f93296881011bf9811309713274131e7be8cfd15884836

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.