Summary: | <dev-java/openjdk{,-bin,-jre-bin}-{8.292_p10,11.0.11_p9}: multiple vulnerabilities (CVE-2021-{2161,2163}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | gentoo, gyakovlev, java |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://openjdk.java.net/groups/vulnerability/advisories/2021-04-20 | ||
Whiteboard: | B3 [glsa+] | ||
Package list: |
dev-java/openjdk-8.292_p10
dev-java/openjdk-bin-8.292_p10 amd64 arm64 ppc64
dev-java/openjdk-jre-bin-8.292_p10 amd64
|
Runtime testing required: | --- |
Bug Depends on: | 776676 | ||
Bug Blocks: |
Description
John Helmert III
2021-04-21 00:33:35 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5f9137bf0ae7602c806a754cc55063c7363f7bd9 commit 5f9137bf0ae7602c806a754cc55063c7363f7bd9 Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-04-25 14:51:01 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-04-25 15:06:52 +0000 dev-java/openjdk-jre-bin: bump to 11.0.11_p9 Bug: https://bugs.gentoo.org/784611 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> dev-java/openjdk-jre-bin/Manifest | 1 + .../openjdk-jre-bin-11.0.11_p9.ebuild | 97 ++++++++++++++++++++++ 2 files changed, 98 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e1dea32724ea7fe8e78877a1e480c4903c600070 commit e1dea32724ea7fe8e78877a1e480c4903c600070 Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-04-25 14:50:17 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-04-25 15:06:47 +0000 dev-java/openjdk-jre-bin: bump to 8.292_p10 Bug: https://bugs.gentoo.org/784611 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> dev-java/openjdk-jre-bin/Manifest | 1 + .../openjdk-jre-bin-8.292_p10.ebuild | 80 ++++++++++++++++++++++ 2 files changed, 81 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=823327a6fb666c00777d57cd7e2d69ced9e5fd46 commit 823327a6fb666c00777d57cd7e2d69ced9e5fd46 Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-04-25 14:49:24 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-04-25 15:06:41 +0000 dev-java/openjdk: bump to 11.0.11_p9 Bug: https://bugs.gentoo.org/784611 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> dev-java/openjdk/Manifest | 1 + dev-java/openjdk/openjdk-11.0.11_p9.ebuild | 272 +++++++++++++++++++++++++++++ 2 files changed, 273 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2aebb6c522a07a3df9e985ae45d165fa2cc2f777 commit 2aebb6c522a07a3df9e985ae45d165fa2cc2f777 Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-04-25 14:45:28 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-04-25 15:06:36 +0000 dev-java/openjdk: bump to 8.292_p10 Bug: https://bugs.gentoo.org/784611 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> dev-java/openjdk/Manifest | 16 ++ dev-java/openjdk/openjdk-8.292_p10.ebuild | 253 ++++++++++++++++++++++++++++++ 2 files changed, 269 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=55468f86b0a3a28746723d73229acd18b0a8dcd2 commit 55468f86b0a3a28746723d73229acd18b0a8dcd2 Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-04-25 14:30:39 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-04-25 15:06:29 +0000 dev-java/openjdk-bin: bump to 11.0.11_p9 Bug: https://bugs.gentoo.org/784611 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> dev-java/openjdk-bin/Manifest | 5 + dev-java/openjdk-bin/openjdk-bin-11.0.11_p9.ebuild | 132 +++++++++++++++++++++ 2 files changed, 137 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a094b1462b32192cbdbe8e3c1a5d5c440898cc7c commit a094b1462b32192cbdbe8e3c1a5d5c440898cc7c Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-04-25 14:29:04 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-04-25 15:06:13 +0000 dev-java/openjdk-bin: bump to 8.292_p10 arm32 will be added later Bug: https://bugs.gentoo.org/784611 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> dev-java/openjdk-bin/Manifest | 4 + dev-java/openjdk-bin/openjdk-bin-8.292_p10.ebuild | 119 ++++++++++++++++++++++ 2 files changed, 123 insertions(+) let's give it couple days to settle and I'll add arches to CC for stabilization. (In reply to Georgy Yakovlev from comment #2) > let's give it couple days to settle and I'll add arches to CC for > stabilization. Thanks! cleanup of :11 done ppc64 done had to revert cleanup of :11 because of https://bugs.gentoo.org/776676 x86 done moar spam: cleanup of :11 done again =) x86 stable arm64 done all arches done Please cleanup, thanks! cleanup done Thanks! Unable to check for sanity:
> no match for package: dev-java/openjdk-bin-8.292_p10
Unable to check for sanity:
> no match for package: dev-java/openjdk-8.292_p10
GLSA request filed The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=e1a6765fc7cb3c5afe0b95463f49a9924ef37cab commit e1a6765fc7cb3c5afe0b95463f49a9924ef37cab Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-09-07 02:52:52 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-09-07 02:58:08 +0000 [ GLSA 202209-05 ] OpenJDK: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/784611 Bug: https://bugs.gentoo.org/803605 Bug: https://bugs.gentoo.org/831446 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202209-05.xml | 153 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 153 insertions(+) GLSA released, all done! |