| Summary: | dev-java/openjdk{,-jre-bin,-bin}-{8.422_p05,11.0.24_p8, 17.0.12_p7, 21.0.4_p7, 23_p37}: multiple vulnerabilities | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Volkmar W. Pogatzki <gentoo> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | gentoo, java |
| Priority: | Normal | Keywords: | PullRequest |
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://openjdk.org/groups/vulnerability/advisories/2024-10-15 | ||
| See Also: |
https://github.com/gentoo/gentoo/pull/39015 https://github.com/gentoo/gentoo/pull/39032 https://github.com/gentoo/gentoo/pull/39033 https://github.com/gentoo/gentoo/pull/39041 https://github.com/gentoo/gentoo/pull/39089 https://github.com/gentoo/gentoo/pull/38836 |
||
| Whiteboard: | B1 [glsa+] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 941692, 941776, 942036 | ||
| Bug Blocks: | |||
|
Description
Volkmar W. Pogatzki
2024-10-17 10:23:29 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=573c108dad7eb226081ff19241c89a77db909ced commit 573c108dad7eb226081ff19241c89a77db909ced Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2024-10-18 16:03:56 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-10-18 16:40:28 +0000 dev-java/openjdk: drop 17.0.12_p7 Bug: https://bugs.gentoo.org/941689 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> dev-java/openjdk/Manifest | 1 - dev-java/openjdk/openjdk-17.0.12_p7.ebuild | 325 ----------------------------- 2 files changed, 326 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c56cbd0d9ce6e2071bf3f8bab9eb5112128ff1c7 commit c56cbd0d9ce6e2071bf3f8bab9eb5112128ff1c7 Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2024-10-18 16:03:22 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-10-18 16:40:28 +0000 dev-java/openjdk: drop 11.0.24_p8 Bug: https://bugs.gentoo.org/941689 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> dev-java/openjdk/Manifest | 1 - dev-java/openjdk/openjdk-11.0.24_p8.ebuild | 316 ----------------------------- 2 files changed, 317 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ff0144c66454460d46fccee79dd793fea46b8304 commit ff0144c66454460d46fccee79dd793fea46b8304 Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2024-10-18 16:02:34 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-10-18 16:40:28 +0000 dev-java/openjdk: drop 8.422_p05 Bug: https://bugs.gentoo.org/941689 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> dev-java/openjdk/Manifest | 1 - dev-java/openjdk/openjdk-8.422_p05.ebuild | 283 ------------------------------ 2 files changed, 284 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b571b1450a9febe6b01213bcd876d16cf5f15a0 commit 6b571b1450a9febe6b01213bcd876d16cf5f15a0 Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2024-10-18 16:40:34 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-10-18 17:09:35 +0000 dev-java/openjdk-jre-bin: drop 21.0.3_p9 Bug: https://bugs.gentoo.org/941689 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Closes: https://github.com/gentoo/gentoo/pull/39033 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> dev-java/openjdk-jre-bin/Manifest | 1 - .../openjdk-jre-bin-21.0.3_p9.ebuild | 83 ---------------------- 2 files changed, 84 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d453380f7223f10b6c837340acd0c986faa84b53 commit d453380f7223f10b6c837340acd0c986faa84b53 Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2024-10-18 16:36:15 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-10-18 17:09:34 +0000 dev-java/openjdk-jre-bin: add 8.432_p06 Bug: https://bugs.gentoo.org/941689 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> dev-java/openjdk-jre-bin/Manifest | 1 + .../openjdk-jre-bin-8.432_p06.ebuild | 82 ++++++++++++++++++++++ 2 files changed, 83 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7c7b37368c34af991209ccb3ea798166bca80539 commit 7c7b37368c34af991209ccb3ea798166bca80539 Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2024-10-18 06:37:42 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-10-18 17:09:33 +0000 dev-java/openjdk-jre-bin: add 11.0.25_p9 Bug: https://bugs.gentoo.org/941689 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> dev-java/openjdk-jre-bin/Manifest | 1 + .../openjdk-jre-bin-11.0.25_p9.ebuild | 83 ++++++++++++++++++++++ 2 files changed, 84 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d483dea35c0e332809895f7d1779028974fdcc67 commit d483dea35c0e332809895f7d1779028974fdcc67 Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2024-10-18 06:36:54 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-10-18 17:09:31 +0000 dev-java/openjdk-jre-bin: add 17.0.13_p11 Bug: https://bugs.gentoo.org/941689 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> dev-java/openjdk-jre-bin/Manifest | 1 + .../openjdk-jre-bin-17.0.13_p11.ebuild | 83 ++++++++++++++++++++++ 2 files changed, 84 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ef4debed06dc72c50b83809cc9f0fc87015a1713 commit ef4debed06dc72c50b83809cc9f0fc87015a1713 Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2024-10-18 06:35:47 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-10-18 17:09:31 +0000 dev-java/openjdk-jre-bin: add 21.0.5_p11 Bug: https://bugs.gentoo.org/941689 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> dev-java/openjdk-jre-bin/Manifest | 1 + .../openjdk-jre-bin-21.0.5_p11.ebuild | 83 ++++++++++++++++++++++ 2 files changed, 84 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2f483b3873006b508843dba69ac5985069fc6f9f commit 2f483b3873006b508843dba69ac5985069fc6f9f Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2024-10-19 07:20:32 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-10-19 10:00:58 +0000 dev-java/openjdk-jre-bin: drop 8.412_p08, 11.0.23_p9, 17.0.11_p9 Bug: https://bugs.gentoo.org/941689 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> dev-java/openjdk-jre-bin/Manifest | 3 - .../openjdk-jre-bin-11.0.23_p9.ebuild | 83 ---------------------- .../openjdk-jre-bin-17.0.11_p9.ebuild | 83 ---------------------- .../openjdk-jre-bin-8.412_p08.ebuild | 82 --------------------- 4 files changed, 251 deletions(-) The summary does not include a version number for slot 8. Was the fixed version left out there or are there no fixes for slot 8? Version number 8.422_p05 added. Several download files for all slots of openjdk-bin are presently still missing. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2aea50a04248fc664e76f12df1ef202bbb7a09a5 commit 2aea50a04248fc664e76f12df1ef202bbb7a09a5 Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2024-10-23 17:02:44 +0000 Commit: Arthur Zamarin <arthurzam@gentoo.org> CommitDate: 2024-10-23 20:54:13 +0000 dev-java/openjdk-bin: drop 21.0.4_p7 Bug: https://bugs.gentoo.org/941689 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org> dev-java/openjdk-bin/Manifest | 6 - dev-java/openjdk-bin/openjdk-bin-21.0.4_p7.ebuild | 135 ---------------------- 2 files changed, 141 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2d72ea291b144bb88c208d1097377fba9866688c commit 2d72ea291b144bb88c208d1097377fba9866688c Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2024-10-25 08:54:48 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-10-25 10:14:41 +0000 dev-java/openjdk-bin: drop 8.422_p05, 11.0.24_p8, 17.0.12_p7 Bug: https://bugs.gentoo.org/941689 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Closes: https://github.com/gentoo/gentoo/pull/38836/commits/2fd20da546c5dc586f33459bde855033b5405414 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> dev-java/openjdk-bin/Manifest | 19 --- dev-java/openjdk-bin/openjdk-bin-11.0.24_p8.ebuild | 134 -------------------- dev-java/openjdk-bin/openjdk-bin-17.0.12_p7.ebuild | 135 --------------------- dev-java/openjdk-bin/openjdk-bin-8.422_p05.ebuild | 130 -------------------- 4 files changed, 418 deletions(-) The tree is now clean. You can proceed. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=80e23d86e15243a81505dad719472035de9e59ff commit 80e23d86e15243a81505dad719472035de9e59ff Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-12-07 10:36:00 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-12-07 10:36:10 +0000 [ GLSA 202412-07 ] OpenJDK: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/912719 Bug: https://bugs.gentoo.org/916211 Bug: https://bugs.gentoo.org/925020 Bug: https://bugs.gentoo.org/941689 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202412-07.xml | 104 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 104 insertions(+) |
