[ubuntu/bionic-security] openjdk-17 17.0.4+8-1~18.04 (Accepted)

Eduardo Barretto eduardo.barretto at canonical.com
Thu Aug 4 15:45:50 UTC 2022


openjdk-17 (17.0.4+8-1~18.04) bionic-security; urgency=medium

  * OpenJDK 17.0.4 release, build 8.
  * Addresses security issues: CVE-2022-34169, CVE-2022-21541,
    CVE-2022-21540, CVE-2022-21549.

openjdk-17 (17.0.4+8-1) unstable; urgency=high

  * OpenJDK 17.0.4+8 (release).
  * Disable the reproducible-copyright-headers patch.
  * Only try to re-run failed tests once instead of three times.

openjdk-17 (17.0.3+7-1) unstable; urgency=high

  * OpenJDK 17.0.3+7 (release).
  * Security fixes
    - JDK-8269938: Enhance XML processing passes redux.
    - JDK-8270504, CVE-2022-21426: Better XPath expression handling.
    - JDK-8272255: Completely handle MIDI files.
    - JDK-8272261: Improve JFR recording file processing.
    - JDK-8272588: Enhanced recording parsing.
    - JDK-8272594: Better record of recordings.
    - JDK-8274221: More definite BER encodings.
    - JDK-8275082, JDK-8278008, CVE-2022-21476: Update XML Security for Java
      to 2.3.0.
    - JDK-8275151, CVE-2022-21443: Improved Object Identification.
    - JDK-8277227: Better identification of OIDs.
    - JDK-8277233, CVE-2022-21449: Improve ECDSA signature support.
    - JDK-8277672, CVE-2022-21434: Better invocation handler handling.
    - JDK-8278356: Improve file creation.
    - JDK-8278449: Improve keychain support.
    - JDK-8278798: Improve supported intrinsic.
    - JDK-8278805: Enhance BMP image loading.
    - JDK-8278972, CVE-2022-21496: Improve URL supports.
    - JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo.
  * Refresh patches.

Date: 2022-07-22 09:14:09.072944+00:00
Changed-By: Matthias Klose <doko at ubuntu.com>
Signed-By: Eduardo Barretto <eduardo.barretto at canonical.com>
https://launchpad.net/ubuntu/+source/openjdk-17/17.0.4+8-1~18.04
-------------- next part --------------
Sorry, changesfile not available.


More information about the Bionic-changes mailing list