[ubuntu/focal-security] openjdk-17 17.0.10+7-1~20.04.1 (Accepted)

Evan Caville evan.caville at canonical.com
Tue Feb 27 00:55:23 UTC 2024


openjdk-17 (17.0.10+7-1~20.04.1) focal-security; urgency=high

  * OpenJDK 17.0.10 release, build 7.
    - CVEs:
      + CVE-2024-20918
      + CVE-2024-20919
      + CVE-2024-20921
      + CVE-2024-20932
      + CVE-2024-20945
      + CVE-2024-20952
    - Security fixes:
      + JDK-8276123, JDK-8316613: ZipFile::getEntry will not return a file entry
        when there is a directory entry of the same name within a Zip File.
      + JDK-8308204: Enhanced certificate processing.
      + JDK-8314295: Enhance verification of verifier.
      + JDK-8314307: Improve loop handling.
      + JDK-8314468: Improve Compiler loops.
      + JDK-8316976: Improve signature handling.
      + JDK-8317547: Enhance TLS connection support.

  [ Vladimir Petko ]
  * d/t/jtreg-autopkgtest.sh: Regenerate test script.
  * Generate d/watch to cope with early access and release builds.
  * d/rules: Trim trailing whitespaces from debian/control.

  [ Matthias Klose ]
  * Build again zero on amd64 (accidental change in 6ea-1).

  [ Pushkar Kulkarni ]
  * Minor improvements to the copyright-generator.

  [ Pushkar Kulkarni ]
  * Upload to Ubuntu 20.04
  * d/rules, d/control: relax jtreg version requirement for repacked orig tarballs
  * d/rules, d/control: Use gcc-10 on focal to work around LP: #2044899

openjdk-17 (17.0.10~6ea-1) unstable; urgency=medium

  * OpenJDK 17.0.10 early access, build 6.

  [ Pushkar Kulkarni ]
  * debian/copyright: Fix whitespace issues.

  [ Vladimir Petko ]
  * d/copyright: Fix lintian warning.

  [ Matthias Klose ]
  * d/copyright: Fix source location.
  * Build-depend on jtreg7 instead of jtreg6.
  * d/p/googletest-version.diff: Ignore the version check, keep 1.14.
  * Refresh patches.

openjdk-17 (17.0.9+9-2) unstable; urgency=medium

  [ Vladimir Petko ]
  * d/t/write-problems: Add missing file to generate the problem list.

  [ Pushkar Kulkarni ]
  * debian/copyright: Update copyrights and notices, using a generator script.

openjdk-17 (17.0.9+9-1) unstable; urgency=high

  * OpenJDK 17.0.9 release, build 9.
    - CVE-2023-30589, CVE-2023-22081, CVE-2023-22091, CVE-2023-22025.	
      The patch for CVE-2023-30589 also addresses CVE-2023-30585,
      CVE-2023-30588, and CVE-2023-30590.
    - Release notes: 
      https://www.oracle.com/java/technologies/javase/17-0-9-relnotes.html#R17_0_9

  [ Vladimir Petko ]
  * Backport upstream fix for jexec: can't locate java:
    No such file or directory.  Closes: #1029342.
  * d/rules, d/watch: Bundle googletest 1.14.
  * d/copyright: Add googletest copyright.
  * d/test: Update problemlist.
  * d/p: exclude-broken-tests.patch.
  * d/p/reproducible-properties-timestamp.diff: Use the privileged action
    to read the system property (JDK-8272157, 914278).

Date: 2024-02-05 20:45:10.159086+00:00
Changed-By: Matthias Klose <doko at ubuntu.com>
Signed-By: Evan Caville <evan.caville at canonical.com>
https://launchpad.net/ubuntu/+source/openjdk-17/17.0.10+7-1~20.04.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Focal-changes mailing list