Oracle Linux 6139 Published by

A java-1.8.0-openjdk security update (aarch64) has been released for Oracle Linux 7.



ELSA-2023-5761 Moderate: Oracle Linux 7 java-1.8.0-openjdk security update (aarch64)


Oracle Linux Security Advisory ELSA-2023-5761

http://linux.oracle.com/errata/ELSA-2023-5761.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
java-1.8.0-openjdk-1.8.0.392.b08-2.el7_9.aarch64.rpm
java-1.8.0-openjdk-devel-1.8.0.392.b08-2.el7_9.aarch64.rpm
java-1.8.0-openjdk-headless-1.8.0.392.b08-2.el7_9.aarch64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.392.b08-2.el7_9.aarch64.rpm
java-1.8.0-openjdk-demo-1.8.0.392.b08-2.el7_9.aarch64.rpm
java-1.8.0-openjdk-javadoc-1.8.0.392.b08-2.el7_9.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.392.b08-2.el7_9.noarch.rpm
java-1.8.0-openjdk-src-1.8.0.392.b08-2.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//java-1.8.0-openjdk-1.8.0.392.b08-2.el7_9.src.rpm

Related CVEs:

CVE-2023-22067
CVE-2023-22081

Description of changes:

[1:1.8.0.392.b08-2]
- Revert jcmd move as jcmd will not operate without tools.jar
- Related: RHEL-13577

[1:1.8.0.392.b08-1]
- Update to shenandoah-jdk8u392-b08 (GA)
- Update release notes for shenandoah-8u392-b08.
- Update generate_tarball.sh to be closer to upstream vanilla script inc. no more ECC removal
- Update bug URL for RHEL to point to the Red Hat customer portal
- Change top_level_dir_name to use the VCS tag, matching new upstream release style tarball
- Regenerate PR2462 patch following JDK-8315135
- Add backport of JDK-8312489 heading upstream for 8u402 (see OPENJDK-2095)
- Add missing JFR alternative ghost
- Move jcmd to the headless package
- ** This tarball is embargoed until 2023-10-17 @ 1pm PT. **
- Resolves: RHEL-12212
- Resolves: RHEL-13574
- Resolves: RHEL-13575
- Resolves: RHEL-13576
- Resolves: RHEL-11319
- Resolves: RHEL-13577

[1:1.8.0.392.b08-1]
- For non debug subpackages, ghosted all alternatives (rhbz1649776)
- For non system JDKs, if-outed versionless provides.
- Aligned versions to be %{epoch}:%{version}-%{release} instead of chaotic
- Related: RHEL-11319