stable

OpenJDK 17.0.2 Security Update for Fedora 34

FEDORA-2022-612dd9ae5e created by ahughes 2 years ago for Fedora 34

New in release OpenJDK 17.0.2 (2022-01-18):

Live versions of these release notes can be found at:

Security fixes

  • JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside
  • JDK-8264934, CVE-2022-21248: Enhance cross VM serialization
  • JDK-8268488: More valuable DerValues
  • JDK-8268494: Better inlining of inlined interfaces
  • JDK-8268512: More content for ContentInfo
  • JDK-8268813, CVE-2022-21283: Better String matching
  • JDK-8269151: Better construction of EncryptedPrivateKeyInfo
  • JDK-8269944: Better HTTP transport redux
  • JDK-8270386, CVE-2022-21291: Better verification of scan methods
  • JDK-8270392, CVE-2022-21293: Improve String constructions
  • JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps
  • JDK-8270492, CVE-2022-21282: Better resolution of URIs
  • JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management
  • JDK-8270646, CVE-2022-21299: Improved scanning of XML entities
  • JDK-8270952, CVE-2022-21277: Improve TIFF file handling
  • JDK-8271962: Better TrueType font loading
  • JDK-8271968: Better canonical naming
  • JDK-8271987: Manifest improved manifest entries
  • JDK-8272014, CVE-2022-21305: Better array indexing
  • JDK-8272026, CVE-2022-21340: Verify Jar Verification
  • JDK-8272236, CVE-2022-21341: Improve serial forms for transport
  • JDK-8272272: Enhance jcmd communication
  • JDK-8272462: Enhance image handling
  • JDK-8273290: Enhance sound handling
  • JDK-8273756, CVE-2022-21360: Enhance BMP image support
  • JDK-8273838, CVE-2022-21365: Enhanced BMP processing
  • JDK-8274096, CVE-2022-21366: Improve decoding of image files

Major Changes

  • JDK-8277157: Vector should throw ClassNotFoundException for a missing class of an element
  • JDK-8272535: Removed Google's GlobalSign Root Certificate
  • JDK-8277533: ZGC: Fixed long Process Non-Strong References times
  • JDK-8274857: Update Timezone Data to 2021c

FIPS Changes

  • Fix FIPS issues in native code and with initialisation of java.security.Security

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2022-612dd9ae5e

This update has been submitted for testing by ahughes.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago
User Icon browseria commented & provided feedback 2 years ago
karma

Works for me!

This update has been pushed to testing.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago

Automated Test Results