Synopsis: Important: java-1.8.0-openjdk security and bug fix update Advisory ID: SLSA-2023:1904-1 Issue Date: 2023-04-25 CVE Numbers: CVE-2023-21930 CVE-2023-21954 CVE-2023-21967 CVE-2023-21939 CVE-2023-21938 CVE-2023-21937 CVE-2023-21968 -- Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Native code within the OpenJDK code base attempted to call close() on a file descriptor repeatedly if it returned the error code, EINTR. However, the close() native call is not restartable and this caused the virtual machine to crash. The close() call is now only made once. (RHBZ#2159458) -- SL7 x86_64 java-1.8.0-openjdk-1.8.0.372.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-1.8.0.372.b07-1.el7_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.372.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.372.b07-1.el7_9.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el7_9.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el7_9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el7_9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el7_9.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.372.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-src-1.8.0.372.b07-1.el7_9.x86_64.rpm noarch java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.el7_9.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.el7_9.noarch.rpm - Scientific Linux Development Team