Stay Connected:

ELSA-2023-6738

ELSA-2023-6738 - java-21-openjdk security and bug fix update

Type:SECURITY
Impact:MODERATE
Release Date:2023-11-11

Description


[1:21.0.1.0.12-2.0.1]
- Add Oracle vendor bug URL

[1:21.0.1.0.12-2]
- Switch to using portable binaries built on RHEL 7
- Sync the copy of the portable specfile with the RHEL 7 version
- Related: RHEL-12997

[1:21.0.1.0.12-1]
- Update to jdk-21.0.1.0+12 (GA)
- Update release notes to 21.0.1.0+12
- Sync the copy of the portable specfile with the latest update
- Update openjdk_news script to specify subdirectory last
- Add missing discover_trees script required by openjdk_news
- Synchronise bundled versions with 21u sources (FreeType, LCMS, HarfBuzz, libpng)
- Sync generate_tarball.sh with 11u & 17u version
- Update bug URL for RHEL to point to the Red Hat customer portal
- Fix upstream release URL for OpenJDK source
- Following JDK-8005165, class data sharing can be enabled on all JIT architectures
- Use tapsets from the misc tarball
- Introduce 'prelease' for the portable release versioning, to handle EA builds
- Make sure root installation directory is created first
- Use in-place substitution for all but the first of the tapset changes
- Synchronise runtime and buildtime tzdata requirements
- Remove ghosts for binaries not in java-21-openjdk (pack200, rmid, unpack200)
- Add missing jfr, jpackage and jwebserver alternative ghosts
- Move jcmd to the headless package
- Revert alt-java binary location to being within the JDK tree
- Resolves: RHEL-12997
- Resolves: RHEL-14954
- Resolves: RHEL-14962
- Resolves: RHEL-14958
- Related: RHEL-14946
- Resolves: RHEL-14959
- Resolves: RHEL-14948

[1:21.0.1.0.12-1]
- Exclude classes_nocoops.jsa on i686 and arm32
- Related: RHEL-14946

[1:21.0.1.0.12-1]
- Fix packaging of CDS archives
- Resolves: RHEL-14946

[1:21.0.0.0.35-2]
- Update documentation (README.md)
- Replace alt-java patch with a binary separate from the JDK
- Drop stale patches that are of little use any more:
- * nss.cfg has been disabled since early PKCS11 work and long superseded by FIPS work
- * No accessibility subpackage to warrant RH1648242 & RH1648644 patches any more
- * No use of system libjpeg turbo to warrant RH649512 patch any more
- Replace RH1684077 pcsc-lite-libs patch with better JDK-8009550 fix being upstreamed
- Adapt alt-java test to new binary where there is always a set_speculation function
- Related: RHEL-12997

[1:21.0.0.0.35-1]
- Update to jdk-21.0.0+35
- Update system crypto policy & FIPS patch from new fips-21u tree
- Update generate_tarball.sh to sync with upstream vanilla script inc. no more ECC removal
- Drop fakefeaturever now it is no longer needed
- Change top_level_dir_name to use the VCS tag, matching new upstream release style tarball
- Use upstream release URL for OpenJDK source
- Re-enable tzdata tests now we are on the latest JDK and things are back in sync
- Install jaxp.properties introduced by JDK-8303530
- Install lible.so introduced by JDK-8306983
- Related: RHEL-12997

[1:21.0.0.0.35-1]
- Replace smoke test files used in the staticlibs test, as fdlibm was removed by JDK-8303798
- Related: RHEL-12997

[1:20.0.0.0.36-1]
- Update to jdk-20.0.2+9
- Update release notes to 20.0.2+9
- Update system crypto policy & FIPS patch from new fips-20u tree
- Update generate_tarball.sh ICEDTEA_VERSION
- Update CLDR reference data following update to 42 (Rocky Mountain-Normalzeit => Rocky-Mountain-Normalzeit)
- Related: RHEL-12997

[1:20.0.0.0.36-1]
- Dropped JDK-8295447, JDK-8296239 & JDK-8299439 patches now upstream
- Adapted rh1750419-redhat_alt_java.patch
- Related: RHEL-12997

[1:19.0.1.0.10-1]
- Update to jdk-19.0.2 release
- Update release notes to 19.0.2
- Rebase FIPS patches from fips-19u branch
- Remove references to sample directory removed by JDK-8284999
- Add local patch JDK-8295447 (javac NPE) which was accepted into 19u upstream but not in the GA tag
- Add local patches for JDK-8296239 & JDK-8299439 (Croatia Euro update) which are present in 8u, 11u & 17u releases
- Related: RHEL-12997

[1:18.0.2.0.9-1]
- Update to jdk-18.0.2 release
- Support JVM variant zero following JDK-8273494 no longer installing Zero's libjvm.so in the server directory
- Rebase FIPS patches from fips-18u branch
- Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
- Drop now unused fresh_libjvm, build_hotspot_first, bootjdk and buildjdkver variables, as we don't build a JDK here
- Drop tzdata patches added for 17.0.7 which will eventually appear in the upstream tarball when we reach OpenJDK 21
- Disable tzdata tests until we are on the latest JDK and things are back in sync
- Use empty nss.fips.cfg until it is again available via the FIPS patch
- Related: RHEL-12997

[1:18.0.2.0.9-1]
- Update to ea version of jdk18
- Add new slave jwebserver and corresponding manpage
- Adjust rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch
- Related: RHEL-12997

[1:18.0.2.0.9-1]
- Add javaver- and origin-specific javadoc and javadoczip alternatives.
- Related: RHEL-12997

[1:17.0.7.0.7-4]
- Add files missed by centpkg import.
- Related: rhbz#2192748

[1:17.0.7.0.7-3]
- Create java-21-openjdk package based on java-17-openjdk
- Related: rhbz#2192748


Related CVEs


CVE-2023-22025
CVE-2023-22081

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) java-21-openjdk-21.0.1.0.12-2.0.1.el9.src.rpm2c60f5f8838318708919f3c0b69f43e1ff7571762d793bef0b40658a3fe59f88-ol9_aarch64_appstream
java-21-openjdk-21.0.1.0.12-2.0.1.el9.src.rpm2c60f5f8838318708919f3c0b69f43e1ff7571762d793bef0b40658a3fe59f88-ol9_aarch64_codeready_builder
java-21-openjdk-21.0.1.0.12-2.0.1.el9.aarch64.rpm73e8d7e679787bacc53b4430b5ea0386bbc15519fbcd875b63cb806631e8cc94-ol9_aarch64_appstream
java-21-openjdk-demo-21.0.1.0.12-2.0.1.el9.aarch64.rpm6787222e20094689ed9522d19850738e98751cea0aac033ff0d171d838365131-ol9_aarch64_appstream
java-21-openjdk-demo-fastdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpmd079760668f3c681351389db5721ea589029b7c593f5db31a67f395dab2c0aaa-ol9_aarch64_codeready_builder
java-21-openjdk-demo-slowdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpm1f4bec2a4958cbe5910bd3d7922a609078384d897e67c403b896a59d53aa462b-ol9_aarch64_codeready_builder
java-21-openjdk-devel-21.0.1.0.12-2.0.1.el9.aarch64.rpm5573334e0fc2ea9019ddb208e130c3deab5664d269136183ff2e71d8d8e46011-ol9_aarch64_appstream
java-21-openjdk-devel-fastdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpm56c424ec50c619ea226c26b0b50b3e4015a421fc5dcac4f896c38bbb0ecd670a-ol9_aarch64_codeready_builder
java-21-openjdk-devel-slowdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpmda5d0fae33c8d2814996ddc8eff25d2e33faa7925c179b1646e235e04d469d11-ol9_aarch64_codeready_builder
java-21-openjdk-fastdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpmef3d77a6028b0365303b6a535b3383654247264d68633326c1025090ddba44c6-ol9_aarch64_codeready_builder
java-21-openjdk-headless-21.0.1.0.12-2.0.1.el9.aarch64.rpm3aa95a4514e3b34fdb3b6925fc0eadf3b7276d07d711ac4999402e6204629c1d-ol9_aarch64_appstream
java-21-openjdk-headless-fastdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpmba19fb17a7cd467260c74822c599546e9001abd3fa073a411640ee98b6ad2ecb-ol9_aarch64_codeready_builder
java-21-openjdk-headless-slowdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpmf26dfa9a92c4d6f84e5a1e1b94a3d484177aadcee17c50ea2fc48274108c9dbc-ol9_aarch64_codeready_builder
java-21-openjdk-javadoc-21.0.1.0.12-2.0.1.el9.aarch64.rpm5a87e95c55a9f134bb6e185d298ef48a431e57f3487846a9aa7b0929cf8a7e0e-ol9_aarch64_appstream
java-21-openjdk-javadoc-zip-21.0.1.0.12-2.0.1.el9.aarch64.rpma1ae6b3e6207181f9e527af7dc39958b4953bd3b68c044527d462ed531250cf6-ol9_aarch64_appstream
java-21-openjdk-jmods-21.0.1.0.12-2.0.1.el9.aarch64.rpmee6f12a5d12816574787c958a7633fdd7155bb5b9839e6fdb92b1a0d5700f963-ol9_aarch64_appstream
java-21-openjdk-jmods-fastdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpm570c93c4c88d891dbd0bdfb6d82237009c0936c0c81b5ee8da4d0692473ed152-ol9_aarch64_codeready_builder
java-21-openjdk-jmods-slowdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpm452207c3a97a9639ad89df4304ec0809e66849b79d876a9e2b9bd98a295ce498-ol9_aarch64_codeready_builder
java-21-openjdk-slowdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpm8f1f8f341f9f2b399ace128c6b45ab899d4fb05a77c54839bff9abe01adc492c-ol9_aarch64_codeready_builder
java-21-openjdk-src-21.0.1.0.12-2.0.1.el9.aarch64.rpma048a65cbc25a9b8499c6a6420d7181546e862c280e540ddbf04d9cee42a1821-ol9_aarch64_appstream
java-21-openjdk-src-fastdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpm17ee2a240c1261955c6872993214013014e8a79f7d8d8a5db8dd071b8c1e6ff0-ol9_aarch64_codeready_builder
java-21-openjdk-src-slowdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpm3bd5ead96be03af415a8b93f539bc1c9150a75b2f7805b4a91649f50755cb60d-ol9_aarch64_codeready_builder
java-21-openjdk-static-libs-21.0.1.0.12-2.0.1.el9.aarch64.rpm119d955956d10e2585c191c6580f47d4950f57a97f44c06debf31c39776cae4c-ol9_aarch64_appstream
java-21-openjdk-static-libs-fastdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpmd0eb8786126e2ca38144370f40b2882cbdee3b4a890167c6730c48da5af649d2-ol9_aarch64_codeready_builder
java-21-openjdk-static-libs-slowdebug-21.0.1.0.12-2.0.1.el9.aarch64.rpmcba44eec960a43b7e3740953b6d8e2d9215a7d447f8583b7507d2c0a91030a78-ol9_aarch64_codeready_builder
Oracle Linux 9 (x86_64) java-21-openjdk-21.0.1.0.12-2.0.1.el9.src.rpm2c60f5f8838318708919f3c0b69f43e1ff7571762d793bef0b40658a3fe59f88-ol9_x86_64_appstream
java-21-openjdk-21.0.1.0.12-2.0.1.el9.src.rpm2c60f5f8838318708919f3c0b69f43e1ff7571762d793bef0b40658a3fe59f88-ol9_x86_64_codeready_builder
java-21-openjdk-21.0.1.0.12-2.0.1.el9.x86_64.rpmdb606d6a9a080f878164dca761d75bb6886b77b0a3e5b1483f07e25a9d7b67a7-ol9_x86_64_appstream
java-21-openjdk-demo-21.0.1.0.12-2.0.1.el9.x86_64.rpm994a7a5eef4960464d7cb5279de9ed5bcc5f84d3c33fc649d8a5b0c2177e7e57-ol9_x86_64_appstream
java-21-openjdk-demo-fastdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpmb3db8308040c4c5b7ec1a43b141af2c2b9ea9f4148e8b86a331a5eeca7180835-ol9_x86_64_codeready_builder
java-21-openjdk-demo-slowdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpm26014841c384a43c91854a72b4046b9add631fc570648062e5b50ebf1100c3a4-ol9_x86_64_codeready_builder
java-21-openjdk-devel-21.0.1.0.12-2.0.1.el9.x86_64.rpmf87e6b3066fdbda5b9f4678ee95e414c3b42390528c40b24e4490bbab0430b75-ol9_x86_64_appstream
java-21-openjdk-devel-fastdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpm7e503c79f821dd627d8823fa8738b3e982caf97971e2d0456c694b33cf30ee2f-ol9_x86_64_codeready_builder
java-21-openjdk-devel-slowdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpme111a36250104754bac682d104f3628bc11b71f1a5b5496f6db9077d766c2d7d-ol9_x86_64_codeready_builder
java-21-openjdk-fastdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpm9b035d26e5a8934a32d2f9a334bad96309013770942881bdd8c678d645e38124-ol9_x86_64_codeready_builder
java-21-openjdk-headless-21.0.1.0.12-2.0.1.el9.x86_64.rpm5fbe9c73e0e2519bd431f0b5a4eb05726f2250656ebe561115cce6ce148d7b0c-ol9_x86_64_appstream
java-21-openjdk-headless-fastdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpm00d674f467a8bbc48892faa669b4cda159a44cb38b65ea4aea1e67a2d372b1eb-ol9_x86_64_codeready_builder
java-21-openjdk-headless-slowdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpmac644132a812dce81c16c1bb1172a55d49a76432e5e45917799ec6612b075619-ol9_x86_64_codeready_builder
java-21-openjdk-javadoc-21.0.1.0.12-2.0.1.el9.x86_64.rpm8dc5d28cf4aa492cefb841781dce716f8331efa7999033e50f8e02b60af9f16c-ol9_x86_64_appstream
java-21-openjdk-javadoc-zip-21.0.1.0.12-2.0.1.el9.x86_64.rpm251f301eb708af843b8298ddf1c7e8a1acd64011bf7515be94a1e7dbc1173c95-ol9_x86_64_appstream
java-21-openjdk-jmods-21.0.1.0.12-2.0.1.el9.x86_64.rpmff9c560b823cab7eca42ffd59c6a24e86c14bb8ac80bdc2e3a9b806dbea87940-ol9_x86_64_appstream
java-21-openjdk-jmods-fastdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpm8da54c523271d08a7f8c59a5e35184559c31c7b45487c946b4c8d21276c1d9f5-ol9_x86_64_codeready_builder
java-21-openjdk-jmods-slowdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpm66de94e71d788620850d57e52ada8f9f08d80c0e97ad56aeb3b17fbe766b6ae9-ol9_x86_64_codeready_builder
java-21-openjdk-slowdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpmbb7b54eab50f2461634a08b97ffbc8367291dc4bcc2fbeaeec5d3066dde15db7-ol9_x86_64_codeready_builder
java-21-openjdk-src-21.0.1.0.12-2.0.1.el9.x86_64.rpmd0645483fbc0642e7e30443ef2ddd10cf0d45cb7886a9910f3e9f3b690690f5a-ol9_x86_64_appstream
java-21-openjdk-src-fastdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpm492544d379b86612fd329c58c6f2376106365b1a6b387e1deb4f6d0a98c641b7-ol9_x86_64_codeready_builder
java-21-openjdk-src-slowdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpm6c2f3fc386e8e40500cacbd4261ee9478ab39b430c7074e794087e1bad6ea263-ol9_x86_64_codeready_builder
java-21-openjdk-static-libs-21.0.1.0.12-2.0.1.el9.x86_64.rpmd1cec091753ff4044745bb4b0fe71f9259cb29a6db40cd5283972923df0ff723-ol9_x86_64_appstream
java-21-openjdk-static-libs-fastdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpmb5c375b8e155bad5735f8e0ce51679980e6c408260f354f44bbec958a7841c72-ol9_x86_64_codeready_builder
java-21-openjdk-static-libs-slowdebug-21.0.1.0.12-2.0.1.el9.x86_64.rpm112a28e65d272234e8c9a38ffd0648ede32cdeb5bef3daafc3e5eaa9827bc801-ol9_x86_64_codeready_builder



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights