java-17-openjdk security update

1:17.0.19.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.19.0.10-1 - Update to jdk-17.0.19+10 GA - Add to .gitignore openjdk-17.0.19+10.tar.xz - Set updatever to 19 - Set buildver to 10 - Set rpmrelease to 1 - Update sources to openjdk-17.0.19+10.tar.xz - This tarball is embargoed...

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2026-0927)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0927 advisory. 1:17.0.18.0.8-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.18.0.8-1 - Update to jdk-17.0.18+8 GA - Add to .gitignore...

Oracle Linux 10 / 8 / 9 : java-21-openjdk (ELSA-2025-18824)

The remote Oracle Linux 10 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18824 advisory. 1:21.0.9.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.9.0.10-1 - Update to jdk-21.0.9+10 GA - Update release notes to...

java-17-openjdk security update

1:17.0.17.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.17.0.10-1 - Update to jdk-17.0.17+10 GA - Add to .gitignore openjdk-17.0.17+10.tar.xz - Set buildver to 10 - Set rpmrelease to 1, remove 'must start at 2' comment - Set isga to 1 - Update sources to openjdk-17.0.17+10.tar.xz...

java-17-openjdk security update

1:17.0.16.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.16.0.8-2 - Update to jdk-17.0.16+8 - Add to .gitignore openjdk-17.0.16+8.tar.xz - Set updatever to 16 - Set buildver to 8 - Update sources to openjdk-17.0.16+8.tar.xz - Resolves: RHEL-101793 - Resolves: RHEL-102273 - Require...

Decentralized Vulnerability Disclosure Via Permissioned Blockchain: a Secure, Transparent Alternative to Centralized CVE Management

This paper proposes a decentralized, blockchain-based system for the publication of Common Vulnerabilities and Exposures CVEs, aiming to mitigate the limitations of the current centralized model primarily overseen by MITRE. The proposed architecture leverages a permissioned blockchain, wherein on...

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2025-3852)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3852 advisory. 1:17.0.15.0.6-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.15.0.6-2 - Update to jdk-17.0.15+6 GA - Add to .gitignore...

java-21-openjdk security update

1:21.0.7.0.6-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.7.0.6-1 - Update to jdk-21.0.7+6 GA - Update release notes to 21.0.7+6 - Rebase FIPS support against 21.0.7+5 - Require tzdata 2025a due to upstream inclusion of JDK-8347965 - Sync the copy of the portable specfile with the...

java-17-openjdk security update for RHEL 8.6, 8.8, 8.10, 9.4 and 9.5

1:17.0.14.0.7-3.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.14.0.7-3 - Set rpmrelease to 3 - Revert 'Require tzdata-java 2024b at runtime and for build' 1:17.0.14.0.7-2 - Do not pass nil to jvmdir macro in cjc logic - Related: RHEL-73867 1:17.0.14.0.7-2 - Adapt to newest cjc to fix...

java-21-openjdk security update for RHEL 8.10, 9.4 and 9.5

1:21.0.6.0.7-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.6.0.7-1 - Update to jdk-21.0.6+7 GA - Update release notes to 21.0.6+7 - Sync the copy of the portable & devkit specfiles with the latest update - Include the latest devkit patches - Update README.md to list an easier way of...

java-21-openjdk security update

1:21.0.5.0.10-3.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.5.0.10-3 - Sync the copy of the portable specfile with the latest update - This tarball is embargoed until 2024-10-15 @ 1pm PT. - Related: RHEL-61346 1:21.0.5.0.10-2 - Update to jdk-21.0.5+10 GA - Update release notes to...

java-17-openjdk security update

17.0.13.0.11-3.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.13.0.11-3 - Correct version suffix in 'Update to jdk-17.0.13+11 GA' changelog entry - Related: RHEL-58781 1:17.0.13.0.11-2 - Update to jdk-17.0.13+11 GA - Update .gitignore to ignore openjdk-17.0.13+11.tar.xz - Sync...

java-11-openjdk security update

1:11.0.25.0.9-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.25.0.9-2 - Update to jdk-11.0.25+9 GA - Update release notes to 11.0.25+9 - Switch to GA mode for release - Related: RHEL-58772 - This tarball is embargoed until 2024-10-15 @ 1pm PT. 1:11.0.25.0.8-0.2.ea - Update to...

GO-2022-0381 Import of incorrectly embargoed keys could cause early publication in github.com/google/exposure-notifications-server

Import of incorrectly embargoed keys could cause early publication in github.com/google/exposure-notifications-server...

RHEL 9 : thunderbird (RHSA-2024:5395)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:5395 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: EMBARGOED Thunderbird: 115.14/128.1 mozilla: Fullscreen...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

ALSA-2024:5392 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: EMBARGOED Thunderbird: 115.14/128.1 mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shared memory handling CVE-2024-7519 mozill...

java-17-openjdk security update

1:17.0.12.0.7-2.0.1 - Add Oracle vendor bug URL 1:17.0.12.0.7-2 - Update to jdk-17.0.12+7 GA - Update .gitignore to ignore openjdk-17.0.12+7.tar.xz - Sync java-17-openjdk-portable.specfile - Set buildver to 7 - Set portablerelease 1 - Set isga to 1 - Update sources to openjdk-17.0.12+7.tar.xz -...