[ubuntu/focal-security] openjdk-lts 11.0.14+9-0ubuntu2~20.04 (Accepted)

Eduardo Barretto eduardo.barretto at canonical.com
Mon Mar 7 11:22:03 UTC 2022

openjdk-lts (11.0.14+9-0ubuntu2~20.04) focal-security; urgency=medium

  * Backport the security update to 20.04 LTS.

openjdk-lts (11.0.14+9-0ubuntu2) jammy; urgency=medium

  * OpenJDK 11.0.14+9 build (release).
  * Security fixes
    - JDK-8217375: jarsigner breaks old signature with long lines in manifest.
    - JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir
      named "." inside.
    - JDK-8264934, CVE-2022-21248: Enhance cross VM serialization.
    - JDK-8268488: More valuable DerValues.
    - JDK-8268494: Better inlining of inlined interfaces.
    - JDK-8268512: More content for ContentInfo.
    - JDK-8268795: Enhance digests of Jar files.
    - JDK-8268801: Improve PKCS attribute handling.
    - JDK-8268813, CVE-2022-21283: Better String matching.
    - JDK-8269151: Better construction of EncryptedPrivateKeyInfo.
    - JDK-8269944: Better HTTP transport redux.
    - JDK-8270386, CVE-2022-21291: Better verification of scan methods.
    - JDK-8270392, CVE-2022-21293: Improve String constructions.
    - JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps.
    - JDK-8270492, CVE-2022-21282: Better resolution of URIs.
    - JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management.
    - JDK-8270646, CVE-2022-21299: Improved scanning of XML entities.
    - JDK-8270952, CVE-2022-21277: Improve TIFF file handling.
    - JDK-8271962: Better TrueType font loading.
    - JDK-8271968: Better canonical naming.
    - JDK-8271987: Manifest improved manifest entries.
    - JDK-8272014, CVE-2022-21305: Better array indexing.
    - JDK-8272026, CVE-2022-21340: Verify Jar Verification.
    - JDK-8272236, CVE-2022-21341: Improve serial forms for transport.
    - JDK-8272272: Enhance jcmd communication.
    - JDK-8272462: Enhance image handling.
    - JDK-8273290: Enhance sound handling.
    - JDK-8273756, CVE-2022-21360: Enhance BMP image support.
    - JDK-8273838, CVE-2022-21365: Enhanced BMP processing.
    - JDK-8274096, CVE-2022-21366: Improve decoding of image files.
    - JDK-8279541: Improve HarfBuzz.

openjdk-lts (11.0.13+8-0ubuntu1) jammy; urgency=medium

  * OpenJDK 11.0.13+8 build (release).
  * Security fixes
    - JDK-8163326, CVE-2021-35550: Update the default enabled cipher suites
    - JDK-8254967, CVE-2021-35565: com.sun.net.HttpsServer spins on TLS
      session close.
    - JDK-8263314: Enhance XML Dsig modes.
    - JDK-8265167, CVE-2021-35556: Richer Text Editors.
    - JDK-8265574: Improve handling of sheets.
    - JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit.
    - JDK-8265776: Improve Stream handling for SSL.
    - JDK-8266097, CVE-2021-35561: Better hashing support.
    - JDK-8266103: Better specified spec values.
    - JDK-8266109: More Resilient Classloading.
    - JDK-8266115: More Manifest Jar Loading.
    - JDK-8266137, CVE-2021-35564: Improve Keystore integrity.
    - JDK-8266689, CVE-2021-35567: More Constrained Delegation.
    - JDK-8267086: ArrayIndexOutOfBoundsException in
    - JDK-8267712: Better LDAP reference processing.
    - JDK-8267729, CVE-2021-35578: Improve TLS client handshaking.
    - JDK-8267735, CVE-2021-35586: Better BMP support.
    - JDK-8268193: Improve requests of certificates.
    - JDK-8268199: Correct certificate requests.
    - JDK-8268205: Enhance DTLS client handshake.
    - JDK-8268506: More Manifest Digests.
    - JDK-8269618, CVE-2021-35603: Better session identification.
    - JDK-8269624: Enhance method selection support.
    - JDK-8270398: Enhance canonicalization.
    - JDK-8270404: Better canonicalization.
  * Sync packages with 11.0.13+8-1:
    - Remove patches applied upstream.

Date: 2022-01-25 14:26:37.297895+00:00
Changed-By: Matthias Klose <doko at ubuntu.com>
Signed-By: Eduardo Barretto <eduardo.barretto at canonical.com>
Sorry, changesfile not available.
