Stay Connected:

ELSA-2024-1817

ELSA-2024-1817 - java-1.8.0-openjdk security update

Type:SECURITY
Severity:MODERATE
Release Date:2024-04-17

Description


[1:1.8.0.412.b08-1]
- Update to shenandoah-jdk8u412-b08 (GA)
- Update release notes for shenandoah-8u412-b08.
- Complete release note for Certainly roots
- Switch to GA mode.
- ** This tarball is embargoed until 2024-04-16 @ 1pm PT. **
- Related: RHEL-30926

[1:1.8.0.412.b07-0.1.ea]
- Update to shenandoah-jdk8u412-b07 (EA)
- Update release notes for shenandoah-8u412-b07.
- Require tzdata 2024a due to upstream inclusion of JDK-8322725
- Only require tzdata 2023d for now as 2024a is unavailable in buildroot
- Resolves: RHEL-30926

[1:1.8.0.412.b01-0.1.ea]
- Turn off xz multi-threading on i686 as it fails with an out of memory error
- Normalise whitespace
- Move to upstream tag style (shenandoah8ux-by) in preparation for eventually moving back to official sources
- generate_source_tarball.sh: Rename JCONSOLE_JS_PATCH{,_DEFAULT} to JCONSOLE_PATCH{,_DEFAULT} for brevity
- generate_source_tarball.sh: Adapt OPENJDK_LATEST logic to work with 8u Shenandoah fork
- generate_source_tarball.sh: Adapt version logic to work with 8u
- generate_source_tarball.sh: Add quoting for SCRIPT_DIR and JCONSOLE_PATCH (SC2086)
- generate_source_tarball.sh: Update examples in header for clarity
- generate_source_tarball.sh: Create directory in TMPDIR when using WITH_TEMP
- generate_source_tarball.sh: Only add --depth=1 on non-local repositories
- Move maintenance scripts to a scripts subdirectory
- icedtea_sync.sh: Update with a VCS mode that retrieves sources from a Mercurial repository
- jconsole.desktop.in: Restored by running icedtea_sync.sh
- policytool.desktop.in: Likewise.
- Restore IcedTea sources correctly in spec file
- discover_trees.sh: Set compile-command and indentation instructions for Emacs
- discover_trees.sh: shellcheck: Do not use -o (SC2166)
- discover_trees.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- discover_trees.sh: shellcheck: Double-quote variable references (SC2086)
- generate_source_tarball.sh: Add authorship
- icedtea_sync.sh: Set compile-command and indentation instructions for Emacs
- icedtea_sync.sh: shellcheck: Double-quote variable references (SC2086)
- icedtea_sync.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- openjdk_news.sh: Set compile-command and indentation instructions for Emacs
- openjdk_news.sh: shellcheck: Double-quote variable references (SC2086)
- openjdk_news.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- openjdk_news.sh: shellcheck: Remove deprecated egrep usage (SC2196)
- generate_source_tarball.sh: Handle an existing checkout
- generate_source_tarball.sh: Sync indentation with java-21-openjdk version
- generate_source_tarball.sh: Support using a subdirectory via TO_COMPRESS
- Related: RHEL-30926

[1:1.8.0.412.b01-0.1.ea]
- Invoke xz in multi-threaded mode
- generate_source_tarball.sh: Add WITH_TEMP environment variable
- generate_source_tarball.sh: Multithread xz on all available cores
- generate_source_tarball.sh: Add OPENJDK_LATEST environment variable
- generate_source_tarball.sh: Update comment about tarball naming
- generate_source_tarball.sh: Reformat comment header
- generate_source_tarball.sh: Reformat and update help output
- generate_source_tarball.sh: Do a shallow clone, for speed
- generate_source_tarball.sh: Eliminate some removal prompting
- generate_source_tarball.sh: Make tarball reproducible
- generate_source_tarball.sh: Prefix temporary directory with temp-
- generate_source_tarball.sh: Remove temporary directory exit conditions
- generate_source_tarball.sh: Set compile-command in Emacs
- generate_source_tarball.sh: Remove REPO_NAME from FILE_NAME_ROOT
- generate_source_tarball.sh: Move PROJECT_NAME and REPO_NAME checks
- generate_source_tarball.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- generate_source_tarball.sh: shellcheck: Double-quote variable references (SC2086)
- generate_source_tarball.sh: shellcheck: Do not use -a (SC2166)
- generate_source_tarball.sh: shellcheck: Do not use $ on arithmetic variables (SC2004)
- Use backward-compatible patch syntax
- generate_source_tarball.sh: Ignore -ga tags with OPENJDK_LATEST
- generate_source_tarball.sh: Remove trailing period in echo
- generate_source_tarball.sh: Use long-style argument to grep
- generate_source_tarball.sh: Add license
- generate_source_tarball.sh: Add indentation instructions for Emacs
- Remove -T0 argument from systemtap tar invocation
- Related: RHEL-30926

[1:1.8.0.412.b01-0.1.ea]
- Update to shenandoah-jdk8u412-b01 (EA)
- Update release notes for shenandoah-8u412-b01.
- Switch to EA mode.
- Related: RHEL-30926


Related CVEs


CVE-2024-21085
CVE-2024-21068
CVE-2024-21094
CVE-2024-21011

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 7 (aarch64) java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.src.rpmb166033beafd972b049ce9c135698fe2-ol7_aarch64_latest
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.src.rpmb166033beafd972b049ce9c135698fe2-ol7_aarch64_optional_latest
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.src.rpmb166033beafd972b049ce9c135698fe2-ol7_aarch64_u9_patch
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.aarch64.rpmdfd2dd9ea69ef60a6c5bf2c3404927c8-ol7_aarch64_latest
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.aarch64.rpmdfd2dd9ea69ef60a6c5bf2c3404927c8-ol7_aarch64_u9_patch
java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.aarch64.rpm2c188f9998003540f8aa957703d1e03b-ol7_aarch64_optional_latest
java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.aarch64.rpmae56ab6c972794f9456e82a3518b6171-ol7_aarch64_optional_latest
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.aarch64.rpmbb24d0e337a9f8163137226e2e4bce0e-ol7_aarch64_latest
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.aarch64.rpmbb24d0e337a9f8163137226e2e4bce0e-ol7_aarch64_u9_patch
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.aarch64.rpm959a39c02483e751e231c993e462925f-ol7_aarch64_latest
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.aarch64.rpm959a39c02483e751e231c993e462925f-ol7_aarch64_u9_patch
java-1.8.0-openjdk-javadoc-1.8.0.412.b08-1.el7_9.noarch.rpm1599db3b864b40314fa0701a6e07d846-ol7_aarch64_optional_latest
java-1.8.0-openjdk-javadoc-zip-1.8.0.412.b08-1.el7_9.noarch.rpm44b12b3c6affc8239fcf4402adf730ad-ol7_aarch64_optional_latest
java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.aarch64.rpma857d5e897ede5446932e6063689ab15-ol7_aarch64_optional_latest
Oracle Linux 7 (x86_64) java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.src.rpmb166033beafd972b049ce9c135698fe2-ol7_x86_64_latest
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.src.rpmb166033beafd972b049ce9c135698fe2-ol7_x86_64_optional_latest
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.src.rpmb166033beafd972b049ce9c135698fe2-ol7_x86_64_u9_patch
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.i686.rpm9dfe88b1f0127da7039ab75770beb6a5-ol7_x86_64_latest
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.i686.rpm9dfe88b1f0127da7039ab75770beb6a5-ol7_x86_64_u9_patch
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.x86_64.rpm2fd9394907c6616b8c342f34d63323d8-ol7_x86_64_latest
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.x86_64.rpm2fd9394907c6616b8c342f34d63323d8-ol7_x86_64_u9_patch
java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.i686.rpmefad040c1593e659d889a52e9b352ecb-ol7_x86_64_optional_latest
java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.x86_64.rpm46bf27ca1e3d89b157e09d2ac53b47de-ol7_x86_64_optional_latest
java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.i686.rpmd6147f46192ffa19da199f05e9d1c2fa-ol7_x86_64_optional_latest
java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.x86_64.rpmf880330f42d99ab5c24096dc99dd0056-ol7_x86_64_optional_latest
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.i686.rpmf905f53e2303145a6334e2b41c9a46a3-ol7_x86_64_latest
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.i686.rpmf905f53e2303145a6334e2b41c9a46a3-ol7_x86_64_u9_patch
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.x86_64.rpm6cbbdc49e53772cb0ddb3201dd8e79b9-ol7_x86_64_latest
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.x86_64.rpm6cbbdc49e53772cb0ddb3201dd8e79b9-ol7_x86_64_u9_patch
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.i686.rpm78838662733a054fa107171741cfad13-ol7_x86_64_latest
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.i686.rpm78838662733a054fa107171741cfad13-ol7_x86_64_u9_patch
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.x86_64.rpm9a35b6b52306c91c56dccb5c505d3dae-ol7_x86_64_latest
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.x86_64.rpm9a35b6b52306c91c56dccb5c505d3dae-ol7_x86_64_u9_patch
java-1.8.0-openjdk-javadoc-1.8.0.412.b08-1.el7_9.noarch.rpm1599db3b864b40314fa0701a6e07d846-ol7_x86_64_optional_latest
java-1.8.0-openjdk-javadoc-zip-1.8.0.412.b08-1.el7_9.noarch.rpm44b12b3c6affc8239fcf4402adf730ad-ol7_x86_64_optional_latest
java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.i686.rpm72c2c802c8d703ebf6f404d548af3ed9-ol7_x86_64_latest
java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.i686.rpm72c2c802c8d703ebf6f404d548af3ed9-ol7_x86_64_u9_patch
java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.x86_64.rpm1326b1ac9a13906ad28b6b05ba434493-ol7_x86_64_optional_latest



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights