It was discovered that the Serialization component of OpenJDK did not properly handle the deserialization of some CORBA objects. An attacker could possibly use this to bypass Java sandbox restrictions. (CVE-2023-21830)
Markus Loewe discovered that the Java Sound subsystem in OpenJDK did not properly validate the origin of a Soundbank. An attacker could use this to specially craft an untrusted Java application or applet that could load a Soundbank from an attacker controlled remote URL. (CVE-2023-21843)
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "openjdk-8-demo-dbgsym": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-doc": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-dbg": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-jdk-headless": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-demo": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-jre-zero": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-jre-dbgsym": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-jre-headless": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-jdk-headless-dbgsym": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-jdk": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-source": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-jre-headless-dbgsym": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-jdk-dbgsym": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-jre": "8u362-ga-0ubuntu1~16.04.1", "openjdk-8-jre-zero-dbgsym": "8u362-ga-0ubuntu1~16.04.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "openjdk-8-dbg": "8u362-ga-0ubuntu1~18.04.1", "openjdk-8-jdk-headless": "8u362-ga-0ubuntu1~18.04.1", "openjdk-8-demo": "8u362-ga-0ubuntu1~18.04.1", "openjdk-8-jre-zero": "8u362-ga-0ubuntu1~18.04.1", "openjdk-8-jre-headless": "8u362-ga-0ubuntu1~18.04.1", "openjdk-8-source": "8u362-ga-0ubuntu1~18.04.1", "openjdk-8-jdk": "8u362-ga-0ubuntu1~18.04.1", "openjdk-8-jre": "8u362-ga-0ubuntu1~18.04.1", "openjdk-8-doc": "8u362-ga-0ubuntu1~18.04.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "openjdk-8-dbg": "8u362-ga-0ubuntu1~20.04.1", "openjdk-8-jdk-headless": "8u362-ga-0ubuntu1~20.04.1", "openjdk-8-demo": "8u362-ga-0ubuntu1~20.04.1", "openjdk-8-jre-zero": "8u362-ga-0ubuntu1~20.04.1", "openjdk-8-jre-headless": "8u362-ga-0ubuntu1~20.04.1", "openjdk-8-source": "8u362-ga-0ubuntu1~20.04.1", "openjdk-8-jdk": "8u362-ga-0ubuntu1~20.04.1", "openjdk-8-jre": "8u362-ga-0ubuntu1~20.04.1", "openjdk-8-doc": "8u362-ga-0ubuntu1~20.04.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "openjdk-8-dbg": "8u362-ga-0ubuntu1~22.04", "openjdk-8-jdk-headless": "8u362-ga-0ubuntu1~22.04", "openjdk-8-demo": "8u362-ga-0ubuntu1~22.04", "openjdk-8-jre-zero": "8u362-ga-0ubuntu1~22.04", "openjdk-8-jre-headless": "8u362-ga-0ubuntu1~22.04", "openjdk-8-source": "8u362-ga-0ubuntu1~22.04", "openjdk-8-jdk": "8u362-ga-0ubuntu1~22.04", "openjdk-8-jre": "8u362-ga-0ubuntu1~22.04", "openjdk-8-doc": "8u362-ga-0ubuntu1~22.04" } ] }