[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 3728-1] openjdk-11 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3728-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
January 31, 2024                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : openjdk-11
Version        : 11.0.22+7-1~deb10u1
CVE ID         : CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20926
                 CVE-2024-20945 CVE-2024-20952

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in side channel attacks, leaking sensitive data to log
files, denial of service or bypass of sandbox restrictions.

For Debian 10 buster, these problems have been fixed in version
11.0.22+7-1~deb10u1.

We recommend that you upgrade your openjdk-11 packages.

For the detailed security status of openjdk-11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-11

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmW6aA8ACgkQnUbEiOQ2
gwIJ8hAAzjD/ul+5uRmOBBwtdQ6M4vLoyHseEFFU9K4ETZ+CL9gLOibevJqGVUi5
27yrw+nV0Bit0eBJrf/qjJCsQPySixRa0sFy60hVhLXbvFAgG0h8NABHQuVszD5v
lJdq3UuzasYD/0u95UiUMgX6naz/gYOo6SDMN5PZokwpAAivay8sgA3AP1IcnGrp
R3wVOvWg7pbuJueiSZk+mEK4dlYlAsU4CmaOlsh0Pn0YkJh4qe9hLyNxnQUnFhFo
AdoI5jIWgVHBoc7LQBhtK4WH3siog1dzogW5QlufarVtMHoSdla8zgnfmObsQdIR
n2m/5K2CBRoxEnNzrRmf9vpbKmM3qyL4BYE113UuzhMnEpOhRVkIo0G1GVlXaAdW
ApVwPhzDOS1NmhUGWPZ9w0Tvnp+BGy7rrcls/dhPftWE3WA6hlbkQYM1PAfo5lQp
dtN7LhkrmC7U3Xg2yVeWoYQhNhCkL/VoYYsufS1FibgvVB4sdpQMNKIdXCTaAwhm
LHX5/eFVdqm1wUubF0pBDblZSbu8Zgmlu+A221igz0G0b5Gz6noU5tpzJ+AdzRoW
1ZdtX2cNjXiBtlSG5uj0R/FQao7IyX1iEn5e9GwnT2q1fhRUyaCEm2jpeu9QHYVC
UdmeNOa6yKRXRAtbyDkK8brsWblwguQppBAYMu4fK1+T9YSzUH0=
=whvw
-----END PGP SIGNATURE-----
Reply to: