CLSA-2026-1770119166 java-1.8.0-openjdk: Fix of CVE-2026-21945

Update to openjdk-shenandoah-jdk8u-shenandoah-jdk8u482-b03. - CVE-2026-21945: Security component vulnerability allowing unauthenticated attacker with network access to cause hang or crash DoS...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.462.b08-1.0.1.el7.AXS7 (AXSA:2025-10745:15)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10745:15 advisory. Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u462-b08 GA. That fixes following CVEs: CVE-2025-30749: better Glyph drawing CVE-2025-30754:...

CLSA-2025-1755007642 java-1.8.0-openjdk: Fix of 4 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u462-b08. That fixes following CVEs: - CVE-2025-30749: better Glyph drawing - CVE-2025-30754: enhance TLS protocol support - CVE-2025-30761: improve scripting supports - CVE-2025-50106: glyph out-of-memory access and crash...

CLSA-2025-1749569161 java-1.8.0-openjdk: Fix of 3 CVEs

Upgrade openjdk-shenandoah-jdk8u-shenandoah-jdk8u452-b09. That fixes the following CVE: CVE-2025-21587, CVE-2025-30691 and CVE-2025-30698...

CLSA-2024-1730919779 java-1.8.0-openjdk: Fix of 4 CVEs

Upgrade to shenandoah-jdk8u432-b06 fixing the following CVEs: - CVE-2024-21208: unauthorized partial DoS vulnerability - CVE-2024-21210: unauthorized update, insert, or delete access to some of data - CVE-2024-21217: unauthorized partial DoS vulnerability - CVE-2024-21235: unauthorized update,...

CLSA-2024-1730920734 java-1.8.0-openjdk: Fix of 4 CVEs

Upgrade to shenandoah-jdk8u432-b06 fixing the following CVEs: - CVE-2024-21208: unauthorized partial DoS vulnerability - CVE-2024-21210: unauthorized update, insert, or delete access to some of data - CVE-2024-21217: unauthorized partial DoS vulnerability - CVE-2024-21235: unauthorized update,...

CLSA-2024-1718796396 java-1.8.0-openjdk: Fix of 4 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u412-b08. That fixes following CVEs: - CVE-2024-21011: Long Exception message leading to crash - CVE-2024-21085: Pack200 excessive memory allocation - CVE-2024-21068: Integer overflow in C1 compiler address generation - CVE-2024-21094: C2...

CLSA-2023-1691081846 java-1.8.0-openjdk: Fix of 2 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u382-b05. That fixes following CVEs: - CVE-2023-22045: Array indexing integer overflow issue. 8304468 - CVE-2023-22049: Improper handling of slash characters in URI-to-path conversion 8305312 - Remove patch for pkcs11 cause issue was fixed in...

CLSA-2022-1659638796 Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21541, CVE-2022-34169, CVE-2022-21540

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs: - CVE-2022-34169: Integer truncation issue in Xalan-J - CVE-2022-21540: Class compilation issue - CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic - Update tzdata requirement to 2022a to match...

CLSA-2022-1659636917 Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21540, CVE-2022-21541, CVE-2022-34169

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs: - CVE-2022-34169: Integer truncation issue in Xalan-J - CVE-2022-21540: Class compilation issue - CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic - Update tzdata requirement to 2022a to match...

java-11-openjdk security and enhancement update

1:11.0.8.10-0 - Update to shenandoah-jdk-11.0.8+10 GA - Switch to GA mode for final release. - Update release notes with last minute fix JDK-8248505. - This tarball is embargoed until 2020-07-14 @ 1pm PT. - Resolves: rhbz1838811 1:11.0.8.9-0.0.ea - Update to shenandoah-jdk-11.0.8+9 EA - Update...

java-1.8.0-openjdk security update

1:1.8.0.242.b08-0 - Update to aarch64-shenandoah-jdk8u242-b08. - Remove local copies of JDK-8031111 & JDK-8132111 as replaced by upstream versions. - Resolves: rhbz1785753 1:1.8.0.242.b07-1 - Add backports of JDK-8031111 & JDK-8132111 to fix TCK issue. - Resolves: rhbz1785753 1:1.8.0.242.b07-0 -...

java-11-openjdk security update

1:11.0.6.10-1.0.1 - link atomic for ix86 build 1:11.0.6.10-1 - Add JDK-8236039 backport to resolve OpenShift blocker - Resolves: rhbz1785753 1:11.0.6.10-0 - Update to shenandoah-jdk-11.0.6+10 GA - Switch to GA mode for final release. - Resolves: rhbz1785753 1:11.0.6.1-0.1.ea - Update to...

java-11-openjdk security update

1:11.0.5.10-0.0.1 - link atomic for ix86 build Livy Ge 1:11.0.5.10-0 - Update to shenandoah-jdk-11.0.5+10 GA - Switch to GA mode for final release. - Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Resolves: rhbz1753423 1:11.0.5.9-0.0.ea - Update to shenandoah-jdk-11.0.5+9...

java-11-openjdk security update

1:11.0.3.7-0.0.1 - link atomic for ix86 build 1:11.0.3.7-0 - Add -mstackrealign workaround to build flags to avoid SSE issues on x86 - Resolves: rhbz1693468 1:11.0.3.7-0 - Update to shenandoah-jdk-11.0.3+7 April 2019 GA - Resolves: rhbz1693468 1:11.0.3.6-0 - Update to shenandoah-jdk-11.0.3+6 Apri...

java-11-openjdk security update

1:11.0.2.7-0.0.1 - link atomic for ix86 build 1:11.0.2.7-0 - Update to shenandoah-jdk-11.0.2+7 January 2019 CPU - Make tagsuffix optional and comment it out while unused. - Drop JDK-8211105/RH1628612/RH1630996 applied upstream. - Drop JDK-8209639/RH1640127 applied upstream. - Re-generate...