stable

OpenJDK 11.0.14 Security Update for Fedora 35

FEDORA-2022-55ae167d94 created by ahughes a year ago for Fedora 35

New in release OpenJDK 11.0.14 (2022-01-18):

Live versions of these release notes can be found at:

Security fixes

JDK-8217375: jarsigner breaks old signature with long lines in manifest
JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside
JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
JDK-8268488: More valuable DerValues
JDK-8268494: Better inlining of inlined interfaces
JDK-8268512: More content for ContentInfo
JDK-8268795: Enhance digests of Jar files
JDK-8268801: Improve PKCS attribute handling
JDK-8268813, CVE-2022-21283: Better String matching
JDK-8269151: Better construction of EncryptedPrivateKeyInfo
JDK-8269944: Better HTTP transport redux
JDK-8270386, CVE-2022-21291: Better verification of scan methods
JDK-8270392, CVE-2022-21293: Improve String constructions
JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps
JDK-8270492, CVE-2022-21282: Better resolution of URIs
JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management
JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
JDK-8270952, CVE-2022-21277: Improve TIFF file handling
JDK-8271962: Better TrueType font loading
JDK-8271968: Better canonical naming
JDK-8271987: Manifest improved manifest entries
JDK-8272014, CVE-2022-21305: Better array indexing
JDK-8272026, CVE-2022-21340: Verify Jar Verification
JDK-8272236, CVE-2022-21341: Improve serial forms for transport
JDK-8272272: Enhance jcmd communication
JDK-8272462: Enhance image handling
JDK-8273290: Enhance sound handling
JDK-8273756, CVE-2022-21360: Enhance BMP image support
JDK-8273838, CVE-2022-21365: Enhanced BMP processing
JDK-8274096, CVE-2022-21366: Improve decoding of image files
JDK-8279541: Improve HarfBuzz

Major Changes

JDK-8250554 : New Option Added to jcmd for Writing a gzipped Heap Dump
JDK-8260310: Configurable Extensions With System Properties
JDK-8272907: New SunPKCS11 Configuration Properties
JDK-8271517: Zip File System Provider Throws ZipException when entry name element contains "." or "."
JDK-8272535: Removed Google's GlobalSign Root Certificate
JDK-8274857: Update Timezone Data to 2021c
JDK-8253866: blacklisted.certs renamed to blocked.certs

FIPS Mode Changes

Fix FIPS issues in native code and with initialisation of java.security.Security

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2022-55ae167d94

This update has been submitted for testing by ahughes.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

jerboaa edited this update.

a year ago

browseria commented & provided feedback a year ago

karma

Works for me. Ship it!

BZ#2042452 Missing latest release OpenJDK 11.0.14

This update has been pushed to testing.

a year ago

bojan commented & provided feedback a year ago

karma

Works.

This update can be pushed to stable now if the maintainer wishes

a year ago

besser82 commented & provided feedback a year ago

karma

Works great! LGTM! =)

This update has been submitted for stable by bodhi.

a year ago

andilinux commented & provided feedback a year ago

karma

works without issues

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

ignored

Builds

java-11-openjdk-11.0.14.0.9-2.fc35

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

a year ago

in testing

a year ago

in stable

a year ago

modified

a year ago

BZ#2042452 Missing latest release OpenJDK 11.0.14

java-11-openjdk-11.0.14.0.9-2.fc35

Automated Test Results

ignored