CLSA-2023-1688677355

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2023-1688677355
Upstream
Published
2023-07-06T21:02:44Z
Modified
2026-05-27T11:18:32.985040156Z
Summary
java-1.8.0-openjdk: Fix of 7 CVEs
Details
  • Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u372-b07. That fixes following CVEs:
  • CVE-2023-21930: Improper connection handling during TLS handshake (8294474)
  • CVE-2023-21937: Missing string checks for NULL characters (8296622)
  • CVE-2023-21938: Incorrect handling of NULL characters in ProcessBuilder (8295304)
  • CVE-2023-21939: Swing HTML parsing issue (8296832)
  • CVE-2023-21954: Incorrect enqueue of references in garbage collector (8298191)
  • CVE-2023-21967: Certificate validation issue in TLS session negotiation (8298310)
  • CVE-2023-21968: Missing check for slash characters in URI-to-path conversion (8298667)
  • Update tzdata requirement to 2023c to match JDK-8305113
  • Include JDK-8271199 fix from the upcoming jdk8u382 in advance
  • Remove patches which are not used
References

Affected packages

TuxCare:OracleLinux:6
java-1.8.0-openjdk

Package

Name
java-1.8.0-openjdk
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.372.b07-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json"
java-1.8.0-openjdk-debug

Package

Name
java-1.8.0-openjdk-debug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-debug?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.372.b07-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json"
java-1.8.0-openjdk-demo

Package

Name
java-1.8.0-openjdk-demo
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-demo?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.372.b07-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json"
java-1.8.0-openjdk-demo-debug

Package

Name
java-1.8.0-openjdk-demo-debug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-demo-debug?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.372.b07-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json"
java-1.8.0-openjdk-devel

Package

Name
java-1.8.0-openjdk-devel
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-devel?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.372.b07-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json"
java-1.8.0-openjdk-devel-debug

Package

Name
java-1.8.0-openjdk-devel-debug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-devel-debug?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.372.b07-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json"
java-1.8.0-openjdk-headless

Package

Name
java-1.8.0-openjdk-headless
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-headless?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.372.b07-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json"
java-1.8.0-openjdk-headless-debug

Package

Name
java-1.8.0-openjdk-headless-debug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-headless-debug?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.372.b07-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json"
java-1.8.0-openjdk-javadoc

Package

Name
java-1.8.0-openjdk-javadoc
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-javadoc?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.372.b07-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json"
java-1.8.0-openjdk-javadoc-debug

Package

Name
java-1.8.0-openjdk-javadoc-debug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-javadoc-debug?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.372.b07-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json"
java-1.8.0-openjdk-src

Package

Name
java-1.8.0-openjdk-src
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-src?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.372.b07-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json"
java-1.8.0-openjdk-src-debug

Package

Name
java-1.8.0-openjdk-src-debug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-src-debug?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.372.b07-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1688677355.json"