stable

OpenJDK 17.0.2 Security Update for Fedora 35

FEDORA-2022-7d8b535724 created by ahughes a year ago for Fedora 35

New in release OpenJDK 17.0.2 (2022-01-18):

Live versions of these release notes can be found at:

Security fixes

  • JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside
  • JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
  • JDK-8268488: More valuable DerValues
  • JDK-8268494: Better inlining of inlined interfaces
  • JDK-8268512: More content for ContentInfo
  • JDK-8268813, CVE-2022-21283: Better String matching
  • JDK-8269151: Better construction of EncryptedPrivateKeyInfo
  • JDK-8269944: Better HTTP transport redux
  • JDK-8270386, CVE-2022-21291: Better verification of scan methods
  • JDK-8270392, CVE-2022-21293: Improve String constructions
  • JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps
  • JDK-8270492, CVE-2022-21282: Better resolution of URIs
  • JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management
  • JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
  • JDK-8270952, CVE-2022-21277: Improve TIFF file handling
  • JDK-8271962: Better TrueType font loading
  • JDK-8271968: Better canonical naming
  • JDK-8271987: Manifest improved manifest entries
  • JDK-8272014, CVE-2022-21305: Better array indexing
  • JDK-8272026, CVE-2022-21340: Verify Jar Verification
  • JDK-8272236, CVE-2022-21341: Improve serial forms for transport
  • JDK-8272272: Enhance jcmd communication
  • JDK-8272462: Enhance image handling
  • JDK-8273290: Enhance sound handling
  • JDK-8273756, CVE-2022-21360: Enhance BMP image support
  • JDK-8273838, CVE-2022-21365: Enhanced BMP processing
  • JDK-8274096, CVE-2022-21366: Improve decoding of image files

Major Changes

  • JDK-8277157: Vector should throw ClassNotFoundException for a missing class of an element
  • JDK-8272535: Removed Google's GlobalSign Root Certificate
  • JDK-8277533: ZGC: Fixed long Process Non-Strong References times
  • JDK-8274857: Update Timezone Data to 2021c

FIPS Changes

  • Fix FIPS issues in native code and with initialisation of java.security.Security

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2022-7d8b535724

This update has been submitted for testing by ahughes.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

jerboaa edited this update.

a year ago
User Icon browseria commented & provided feedback a year ago
karma

Works for me! Ship it!

BZ#2042455 Missing latest release OpenJDK 17.0.2

This update has been pushed to testing.

a year ago
User Icon besser82 commented & provided feedback a year ago
karma

Works great! LGTM! =)

This update can be pushed to stable now if the maintainer wishes

a year ago
User Icon copperi provided feedback a year ago
karma

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
3
Signed
Content Type
RPM
Test Gating
Builds
1
java-latest-openjdk-17.0.2.0.8-2.rolling.fc35
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
modified
a year ago
BZ#2042455 Missing latest release OpenJDK 17.0.2
0
1
java-latest-openjdk-17.0.2.0.8-2.rolling.fc35

Automated Test Results

Copyright © 2007-2023 Red Hat, Inc. and others.

Running bodhi-server 7.2.0^202305170827gitb1d8280 on bodhi-web-95-t58rz.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy