MGASA-2024-0179

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2024-0179.html
Import Source
https://advisories.mageia.org/MGASA-2024-0179.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2024-0179
Related
Published
2024-05-16T17:29:32Z
Modified
2024-05-16T17:02:50Z
Summary
Updated java-1.8.0, java-11, java-17, java-latest packages fix security vulnerabilities
Details

Long Exception message leading to crash. (CVE-2024-21011) HTTP/2 client improper reverse DNS lookup. (CVE-2024-21012) Integer overflow in C1 compiler address generation. (CVE-2024-21068) Pack200 excessive memory allocation. (CVE-2024-21085) C2 compilation fails with "Exceeded noderegs array". (CVE-2024-21094)

References
Credits

Affected packages

Mageia:9 / java-1.8.0-openjdk

Package

Name
java-1.8.0-openjdk
Purl
pkg:rpm/mageia/java-1.8.0-openjdk?distro=mageia-9

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.412.b08-1.mga9

Ecosystem specific 

{
    "section": "core"
}

Mageia:9 / java-11-openjdk

Package

Name
java-11-openjdk
Purl
pkg:rpm/mageia/java-11-openjdk?distro=mageia-9

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.0.23.0.9-1.mga9

Ecosystem specific 

{
    "section": "core"
}

Mageia:9 / java-17-openjdk

Package

Name
java-17-openjdk
Purl
pkg:rpm/mageia/java-17-openjdk?distro=mageia-9

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
17.0.11.0.9-1.mga9

Ecosystem specific 

{
    "section": "core"
}

Mageia:9 / java-latest-openjdk

Package

Name
java-latest-openjdk
Purl
pkg:rpm/mageia/java-latest-openjdk?distro=mageia-9

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
22.0.1.0.8-1.rolling.1.mga9

Ecosystem specific 

{
    "section": "core"
}