|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2023-5676: java-1_8_0-openj9: receiving a signal before initialization may lead to an infinite loop or unexpected crash | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | SMASH SMASH <smash_bz> |
| Component: | Incidents | Assignee: | Security Team bot <security-team> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | CC: | carlos.lopez |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/385312/ | ||
| Whiteboard: | CVSSv3.1:SUSE:CVE-2023-5676:6.5:(AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H) | ||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
SMASH SMASH
2023-11-16 08:56:27 UTC
We ship the following versions: - SUSE:SLE-15-SP2:Update/java-1_8_0-openj9: openj9-0.40.0 - openSUSE:Factory/java-1_8_0-openj9: openj9-0.40.0 - openSUSE:Backports:SLE-15-SP4/java-11-openj9: openj9-0.23.0 - openSUSE:Backports:SLE-15-SP5/java-11-openj9: openj9-0.23.0 - openSUSE:Backports:SLE-15-SP6/java-11-openj9: openj9-0.23.0 - openSUSE:Factory/java-11-openj9: openj9-0.40.0 - openSUSE:Backports:SLE-15-SP5/java-17-openj9: openj9-0.33.0 - openSUSE:Backports:SLE-15-SP6/java-17-openj9: openj9-0.33.0 SUSE-SU-2023:4572-1: An update that solves four vulnerabilities and has two security fixes can now be installed. Category: security (important) Bug References: 1204264, 1216339, 1216374, 1216379, 1216640, 1217214 CVE References: CVE-2023-22025, CVE-2023-22067, CVE-2023-22081, CVE-2023-5676 Sources used: NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. SUSE-SU-2023:4614-1: An update that solves four vulnerabilities and has two security fixes can now be installed. Category: security (important) Bug References: 1204264, 1216339, 1216374, 1216379, 1216640, 1217214 CVE References: CVE-2023-22025, CVE-2023-22067, CVE-2023-22081, CVE-2023-5676 Sources used: NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. SUSE-SU-2023:4612-1: An update that solves three vulnerabilities can now be installed. Category: security (moderate) Bug References: 1216374, 1216379, 1217214 CVE References: CVE-2023-22067, CVE-2023-22081, CVE-2023-5676 Sources used: openSUSE Leap 15.4 (src): java-1_8_0-openj9-1.8.0.392-150200.3.39.1 openSUSE Leap 15.5 (src): java-1_8_0-openj9-1.8.0.392-150200.3.39.1 SUSE Package Hub 15 15-SP5 (src): java-1_8_0-openj9-1.8.0.392-150200.3.39.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. SUSE-SU-2024:0479-1: An update that solves seven vulnerabilities can now be installed. Category: security (important) Bug References: 1217214, 1218903, 1218905, 1218906, 1218907, 1218909, 1218911 CVE References: CVE-2023-5676, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952 Sources used: SUSE Package Hub 15 15-SP5 (src): java-1_8_0-openj9-1.8.0.402-150200.3.42.1 openSUSE Leap 15.5 (src): java-1_8_0-openj9-1.8.0.402-150200.3.42.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. Fixed, please close. Done, closing. |