lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 12 Feb 2020 22:14:32 +0000
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4621-1] openjdk-8 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4621-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 12, 2020                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-8
CVE ID         : CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 
                 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
resulting in denial of service, incorrect implementation of Kerberos
GSSAPI and TGS requests or incorrect TLS handshakes.
	    
For the oldstable distribution (stretch), these problems have been fixed
in version 8u242-b08-1~deb9u1.

We recommend that you upgrade your openjdk-8 packages.

For the detailed security status of openjdk-8 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-8

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl5Ed10ACgkQEMKTtsN8
TjaY8xAAmKuxIER9Z3L94N+sJuGryJoE9VJOGNGCrjDtKHVGs2RKBPJhAZMWhr8z
Rr6f5wfGahEdIBocWxYtvRNIHwHNb8Ec4IBhsxqCa9ha1QVXSO+CMIRJXYMcT0mC
we/bCi0O7+THaysjJ1X3rko2bQOMoyi501dy0NKDG7WN9UwZom21PB6yLIrs1SMk
PJbSUWDq8Sc1D/tx/8YSq7uQKwR2Ax+ePLqvZ5vuy4w6iaSIRceWRC72DUHdmyGA
csm3vZj3tsqWywDq2dBNErgQWI5itxRlA0dxw1811/DWuYacy57R5N8Kw6IhkJOT
S3Squ0LlN56W+WV5ugYDhVw6tk4trpSWBFjlPqnrzaNMUEoW7aDhwP/F9ke5GgqS
9WD2a/jbA7EoLxaEi31YwHdPLD+77jdVt/ANVFkjFJYT03GXg7ciIfMtbasMoHGJ
3ozcVLvxTUwpoUNRg04pXgO7qBOxdoQGrcEKwCILEJKDVBlSyPeAV//S3WItTRlq
/U0fJ8t5Rw1JDspykzsUmmJJC0KnAgMhiEBLcgTDka9sq0e3vOQZ/ioEiXzKH8a/
EPlo/HhWnSa0bUXnjchw4q8u5wyGHodgJBz762ALcvfWRVYXaXV02kzj4fgfR4aj
3QaKuZrVf2qlktrqbRyjL04M/KdNAVLICVGbjhKpZcPWOpyhD6U=
=8U/H
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ