[3.6] openjdk8 Multiple CVE
Oracle published two “Oracle Critical Patch Update Advisory” since the last openjdk packaged version in alpine 3.6
Around 10 vulnerabilities have a Oracle CVSS score >9.
References :
July 2017 (version 8u144 :
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\#AppendixJAVA
October 2017 (version 8u152) :
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\#AppendixJAVA
(from redmine: issue id 8018, created on 2017-10-18, closed on 2019-05-04)
- Changesets:
- Revision 4d34f29d by Timo Teräs on 2017-11-08T13:43:26Z:
community/openjdk8: upgrade to icedtea 3.6.0, modernize
S8165543: Better window framing
S8169026, CVE-2017-10274: Handle smartcard clean up better
S8169966: Larger AWT menus
S8170218: Improved Font Metrics
S8171252: Improve exception checking
S8171261: Stability fixes for lcms
S8174109, CVE-2017-10281: Better queuing priorities
S8174966, CVE-2017-10285: Unreferenced references
S8175940: More certificate subject checking
S8176751, CVE-2017-10295: Better URL connections
S8178794, CVE-2017-10388: Correct Kerberos ticket grants
S8180024: Improve construction of objects during deserialization
S8180711, CVE-2017-10346: Better invokespecial checks
S8181100, CVE-2017-10350: Better Base Exceptions
S8181323, CVE-2017-10347: Better timezone processing
S8181327, CVE-2017-10349: Better X processing
S8181370, CVE-2017-10345: Better keystore handling
S8181432, CVE-2017-10348: Better processing of unresolved permissions
S8181597, CVE-2017-10357: Process Proxy presentation
S8181612, CVE-2017-10355: More stable connection processing
S8181692, CVE-2017-10356: Update storage implementations
S8183028, CVE-2016-10165: Improve CMS header processing
S8184682, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade compression library
ref #8018, #8111
- Revision b3a4d84b by Timo Teräs on 2018-06-13T17:08:20Z:
community/openjdk8: upgrade to icedtea 3.6.0, modernize
S8165543: Better window framing
S8169026, CVE-2017-10274: Handle smartcard clean up better
S8169966: Larger AWT menus
S8170218: Improved Font Metrics
S8171252: Improve exception checking
S8171261: Stability fixes for lcms
S8174109, CVE-2017-10281: Better queuing priorities
S8174966, CVE-2017-10285: Unreferenced references
S8175940: More certificate subject checking
S8176751, CVE-2017-10295: Better URL connections
S8178794, CVE-2017-10388: Correct Kerberos ticket grants
S8180024: Improve construction of objects during deserialization
S8180711, CVE-2017-10346: Better invokespecial checks
S8181100, CVE-2017-10350: Better Base Exceptions
S8181323, CVE-2017-10347: Better timezone processing
S8181327, CVE-2017-10349: Better X processing
S8181370, CVE-2017-10345: Better keystore handling
S8181432, CVE-2017-10348: Better processing of unresolved permissions
S8181597, CVE-2017-10357: Process Proxy presentation
S8181612, CVE-2017-10355: More stable connection processing
S8181692, CVE-2017-10356: Update storage implementations
S8183028, CVE-2016-10165: Improve CMS header processing
S8184682, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade compression library
ref #8018, #8111
- Revision 305f8cb9 by Timo Teräs on 2018-06-13T21:19:43Z:
community/openjdk8: upgrade to icedtea 3.6.0, modernize
S8165543: Better window framing
S8169026, CVE-2017-10274: Handle smartcard clean up better
S8169966: Larger AWT menus
S8170218: Improved Font Metrics
S8171252: Improve exception checking
S8171261: Stability fixes for lcms
S8174109, CVE-2017-10281: Better queuing priorities
S8174966, CVE-2017-10285: Unreferenced references
S8175940: More certificate subject checking
S8176751, CVE-2017-10295: Better URL connections
S8178794, CVE-2017-10388: Correct Kerberos ticket grants
S8180024: Improve construction of objects during deserialization
S8180711, CVE-2017-10346: Better invokespecial checks
S8181100, CVE-2017-10350: Better Base Exceptions
S8181323, CVE-2017-10347: Better timezone processing
S8181327, CVE-2017-10349: Better X processing
S8181370, CVE-2017-10345: Better keystore handling
S8181432, CVE-2017-10348: Better processing of unresolved permissions
S8181597, CVE-2017-10357: Process Proxy presentation
S8181612, CVE-2017-10355: More stable connection processing
S8181692, CVE-2017-10356: Update storage implementations
S8183028, CVE-2016-10165: Improve CMS header processing
S8184682, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade compression library
ref #8018, #8111