stable

OpenJDK 11.0.14 Security Update for Fedora 35

FEDORA-2022-55ae167d94 created by ahughes 2 years ago for Fedora 35

New in release OpenJDK 11.0.14 (2022-01-18):

Live versions of these release notes can be found at:

Security fixes

  • JDK-8217375: jarsigner breaks old signature with long lines in manifest
  • JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside
  • JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
  • JDK-8268488: More valuable DerValues
  • JDK-8268494: Better inlining of inlined interfaces
  • JDK-8268512: More content for ContentInfo
  • JDK-8268795: Enhance digests of Jar files
  • JDK-8268801: Improve PKCS attribute handling
  • JDK-8268813, CVE-2022-21283: Better String matching
  • JDK-8269151: Better construction of EncryptedPrivateKeyInfo
  • JDK-8269944: Better HTTP transport redux
  • JDK-8270386, CVE-2022-21291: Better verification of scan methods
  • JDK-8270392, CVE-2022-21293: Improve String constructions
  • JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps
  • JDK-8270492, CVE-2022-21282: Better resolution of URIs
  • JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management
  • JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
  • JDK-8270952, CVE-2022-21277: Improve TIFF file handling
  • JDK-8271962: Better TrueType font loading
  • JDK-8271968: Better canonical naming
  • JDK-8271987: Manifest improved manifest entries
  • JDK-8272014, CVE-2022-21305: Better array indexing
  • JDK-8272026, CVE-2022-21340: Verify Jar Verification
  • JDK-8272236, CVE-2022-21341: Improve serial forms for transport
  • JDK-8272272: Enhance jcmd communication
  • JDK-8272462: Enhance image handling
  • JDK-8273290: Enhance sound handling
  • JDK-8273756, CVE-2022-21360: Enhance BMP image support
  • JDK-8273838, CVE-2022-21365: Enhanced BMP processing
  • JDK-8274096, CVE-2022-21366: Improve decoding of image files
  • JDK-8279541: Improve HarfBuzz

Major Changes

  • JDK-8250554 : New Option Added to jcmd for Writing a gzipped Heap Dump
  • JDK-8260310: Configurable Extensions With System Properties
  • JDK-8272907: New SunPKCS11 Configuration Properties
  • JDK-8271517: Zip File System Provider Throws ZipException when entry name element contains "." or "."
  • JDK-8272535: Removed Google's GlobalSign Root Certificate
  • JDK-8274857: Update Timezone Data to 2021c
  • JDK-8253866: blacklisted.certs renamed to blocked.certs

FIPS Mode Changes

  • Fix FIPS issues in native code and with initialisation of java.security.Security

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2022-55ae167d94

This update has been submitted for testing by ahughes.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago

jerboaa edited this update.

2 years ago
User Icon browseria commented & provided feedback 2 years ago
karma

Works for me. Ship it!

BZ#2042452 Missing latest release OpenJDK 11.0.14

This update has been pushed to testing.

2 years ago
User Icon bojan commented & provided feedback 2 years ago
karma

Works.

This update can be pushed to stable now if the maintainer wishes

2 years ago
User Icon besser82 commented & provided feedback 2 years ago
karma

Works great! LGTM! =)

This update has been submitted for stable by bodhi.

2 years ago
User Icon andilinux commented & provided feedback 2 years ago
karma

works without issues

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
4
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
BZ#2042452 Missing latest release OpenJDK 11.0.14
0
1

Automated Test Results