java-1.8.0-openjdk security update

2023-11-0200:00:00

linux.oracle.com

java

openjdk

security update

shenandoah

jdk8u392

cve 2022 40433

cve 2023 22067

cve 2023 22081

rhel-13593

segmentation fault

ior deserialization

certificate path validation

maximum signature file

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.8%

JSON

[1:1.8.0.392.b08-3.0.1]

Update to shenandoah-jdk8u392-b08 (GA)
OpenJDK: segmentation fault in ciMethodBlocks (CVE-2022-40433)
OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)
OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)
A maximum signature file size property, jdk.jar.maxSignatureFileSize, was introduced in the 8u382 release of OpenJDK by JDK-8300596, with a default of 8 MB. This default proved to be too small for some JAR files. This release, 8u392, increases it to 16 MB. (RHEL-13593)

OSVersionArchitecturePackageVersionFilename
oracle linux9srcjava-1.8.0-openjdk< 1.8.0.392.b08-3.0.1.el9java-1.8.0-openjdk-1.8.0.392.b08-3.0.1.el9.src.rpm
oracle linux9srcjava-1.8.0-openjdk< 1.8.0.392.b08-3.0.1.el9java-1.8.0-openjdk-1.8.0.392.b08-3.0.1.el9.src.rpm
oracle linux9aarch64java-1.8.0-openjdk< 1.8.0.392.b08-3.0.1.el9java-1.8.0-openjdk-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux9aarch64java-1.8.0-openjdk-demo< 1.8.0.392.b08-3.0.1.el9java-1.8.0-openjdk-demo-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux9aarch64java-1.8.0-openjdk-demo-fastdebug< 1.8.0.392.b08-3.0.1.el9java-1.8.0-openjdk-demo-fastdebug-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux9aarch64java-1.8.0-openjdk-demo-slowdebug< 1.8.0.392.b08-3.0.1.el9java-1.8.0-openjdk-demo-slowdebug-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux9aarch64java-1.8.0-openjdk-devel< 1.8.0.392.b08-3.0.1.el9java-1.8.0-openjdk-devel-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux9aarch64java-1.8.0-openjdk-devel-fastdebug< 1.8.0.392.b08-3.0.1.el9java-1.8.0-openjdk-devel-fastdebug-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux9aarch64java-1.8.0-openjdk-devel-slowdebug< 1.8.0.392.b08-3.0.1.el9java-1.8.0-openjdk-devel-slowdebug-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux9aarch64java-1.8.0-openjdk-fastdebug< 1.8.0.392.b08-3.0.1.el9java-1.8.0-openjdk-fastdebug-1.8.0.392.b08-3.0.1.el9.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	9	src	java-1.8.0-openjdk	< 1.8.0.392.b08-3.0.1.el9	java-1.8.0-openjdk-1.8.0.392.b08-3.0.1.el9.src.rpm
oracle linux	9	src	java-1.8.0-openjdk	< 1.8.0.392.b08-3.0.1.el9	java-1.8.0-openjdk-1.8.0.392.b08-3.0.1.el9.src.rpm
oracle linux	9	aarch64	java-1.8.0-openjdk	< 1.8.0.392.b08-3.0.1.el9	java-1.8.0-openjdk-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux	9	aarch64	java-1.8.0-openjdk-demo	< 1.8.0.392.b08-3.0.1.el9	java-1.8.0-openjdk-demo-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux	9	aarch64	java-1.8.0-openjdk-demo-fastdebug	< 1.8.0.392.b08-3.0.1.el9	java-1.8.0-openjdk-demo-fastdebug-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux	9	aarch64	java-1.8.0-openjdk-demo-slowdebug	< 1.8.0.392.b08-3.0.1.el9	java-1.8.0-openjdk-demo-slowdebug-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux	9	aarch64	java-1.8.0-openjdk-devel	< 1.8.0.392.b08-3.0.1.el9	java-1.8.0-openjdk-devel-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux	9	aarch64	java-1.8.0-openjdk-devel-fastdebug	< 1.8.0.392.b08-3.0.1.el9	java-1.8.0-openjdk-devel-fastdebug-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux	9	aarch64	java-1.8.0-openjdk-devel-slowdebug	< 1.8.0.392.b08-3.0.1.el9	java-1.8.0-openjdk-devel-slowdebug-1.8.0.392.b08-3.0.1.el9.aarch64.rpm
oracle linux	9	aarch64	java-1.8.0-openjdk-fastdebug	< 1.8.0.392.b08-3.0.1.el9	java-1.8.0-openjdk-fastdebug-1.8.0.392.b08-3.0.1.el9.aarch64.rpm