Update openjdk8 to 8u141 to fix critical CVEs
Oracle lists 32 CVEs in the release notes.
Red Hat has pushed their update to OpenJDK 8 and assigned the update Critical severity. Red Hat errata
(from redmine: issue id 7579, created on 2017-07-21, closed on 2018-09-11)
- Changesets:
- Revision 85cf3a23 by Timo Teräs on 2017-07-21T15:34:40Z:
community/openjdk8: upgrade to icedtea 3.5.0 / java 8 u141 b15
fixes #7579
S8163958, CVE-2017-10102: Improved garbage collection
S8167228: Update to libpng 1.6.28
S8169209, CVE-2017-10053: Improved image post-processing steps
S8169392, CVE-2017-10067: Additional jar validation steps
S8170966, CVE-2017-10081: Right parenthesis issue
S8171539, CVE-2017-10078: Better script accessibility for JavaScript
S8172204, CVE-2017-10087: Better Thread Pool execution
S8172461, CVE-2017-10089: Service Registration Lifecycle
S8172465, CVE-2017-10090: Better handling of channel groups
S8172469, CVE-2017-10096: Transform Transformer Exceptions
S8173286, CVE-2017-10101: Better reading of text catalogs
S8173697, CVE-2017-10107: Less Active Activations
S8173770, CVE-2017-10074: Image conversion improvements
S8174098, CVE-2017-10110: Better image fetching
S8174105, CVE-2017-10108: Better naming attribution
S8174113, CVE-2017-10109: Better sourcing of code
S8174770: Check registry registration location
S8174873: Improved certificate procesing
S8175106, CVE-2017-10115: Higher quality DSA operations
S8175110, CVE-2017-10118: Higher quality ECDSA operations
S8176055: JMX diagnostic improvements
S8176067, CVE-2017-10116: Proper directory lookup processing
S8176760, CVE-2017-10135: Better handling of PKCS8 material
S8178135, CVE-2017-10176: Additional elliptic curve support
S8179101, CVE-2017-10193: Improve algorithm constraints implementation
S8179998, CVE-2017-10198: Clear certificate chain connections
S8181420, CVE-2017-10074: PPC: Image conversion improvements
S8183551, CVE-2017-10074, PR3423: AArch64: Image conversion improvements
S8184185, CVE-2017-10111: Rearrange MethodHandle arrangements
- Revision bf6282e7 by Timo Teräs on 2018-06-13T17:08:19Z:
community/openjdk8: upgrade to icedtea 3.5.0 / java 8 u141 b15
fixes #7579
S8163958, CVE-2017-10102: Improved garbage collection
S8167228: Update to libpng 1.6.28
S8169209, CVE-2017-10053: Improved image post-processing steps
S8169392, CVE-2017-10067: Additional jar validation steps
S8170966, CVE-2017-10081: Right parenthesis issue
S8171539, CVE-2017-10078: Better script accessibility for JavaScript
S8172204, CVE-2017-10087: Better Thread Pool execution
S8172461, CVE-2017-10089: Service Registration Lifecycle
S8172465, CVE-2017-10090: Better handling of channel groups
S8172469, CVE-2017-10096: Transform Transformer Exceptions
S8173286, CVE-2017-10101: Better reading of text catalogs
S8173697, CVE-2017-10107: Less Active Activations
S8173770, CVE-2017-10074: Image conversion improvements
S8174098, CVE-2017-10110: Better image fetching
S8174105, CVE-2017-10108: Better naming attribution
S8174113, CVE-2017-10109: Better sourcing of code
S8174770: Check registry registration location
S8174873: Improved certificate procesing
S8175106, CVE-2017-10115: Higher quality DSA operations
S8175110, CVE-2017-10118: Higher quality ECDSA operations
S8176055: JMX diagnostic improvements
S8176067, CVE-2017-10116: Proper directory lookup processing
S8176760, CVE-2017-10135: Better handling of PKCS8 material
S8178135, CVE-2017-10176: Additional elliptic curve support
S8179101, CVE-2017-10193: Improve algorithm constraints implementation
S8179998, CVE-2017-10198: Clear certificate chain connections
S8181420, CVE-2017-10074: PPC: Image conversion improvements
S8183551, CVE-2017-10074, PR3423: AArch64: Image conversion improvements
S8184185, CVE-2017-10111: Rearrange MethodHandle arrangements
- Revision 6a715620 by Timo Teräs on 2018-06-13T21:19:43Z:
community/openjdk8: upgrade to icedtea 3.5.0 / java 8 u141 b15
fixes #7579
S8163958, CVE-2017-10102: Improved garbage collection
S8167228: Update to libpng 1.6.28
S8169209, CVE-2017-10053: Improved image post-processing steps
S8169392, CVE-2017-10067: Additional jar validation steps
S8170966, CVE-2017-10081: Right parenthesis issue
S8171539, CVE-2017-10078: Better script accessibility for JavaScript
S8172204, CVE-2017-10087: Better Thread Pool execution
S8172461, CVE-2017-10089: Service Registration Lifecycle
S8172465, CVE-2017-10090: Better handling of channel groups
S8172469, CVE-2017-10096: Transform Transformer Exceptions
S8173286, CVE-2017-10101: Better reading of text catalogs
S8173697, CVE-2017-10107: Less Active Activations
S8173770, CVE-2017-10074: Image conversion improvements
S8174098, CVE-2017-10110: Better image fetching
S8174105, CVE-2017-10108: Better naming attribution
S8174113, CVE-2017-10109: Better sourcing of code
S8174770: Check registry registration location
S8174873: Improved certificate procesing
S8175106, CVE-2017-10115: Higher quality DSA operations
S8175110, CVE-2017-10118: Higher quality ECDSA operations
S8176055: JMX diagnostic improvements
S8176067, CVE-2017-10116: Proper directory lookup processing
S8176760, CVE-2017-10135: Better handling of PKCS8 material
S8178135, CVE-2017-10176: Additional elliptic curve support
S8179101, CVE-2017-10193: Improve algorithm constraints implementation
S8179998, CVE-2017-10198: Clear certificate chain connections
S8181420, CVE-2017-10074: PPC: Image conversion improvements
S8183551, CVE-2017-10074, PR3423: AArch64: Image conversion improvements
S8184185, CVE-2017-10111: Rearrange MethodHandle arrangements