Bug 1228346

Summary: java-1_8_0-ibm: Oracle July 16 2024 CPU
Product: [Novell Products] SUSE Security Incidents Reporter: Pedro Monreal Gonzalez <pmonrealgonzalez>
Component: IncidentsAssignee: Pedro Monreal Gonzalez <pmonrealgonzalez>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: gery.schneider, marcus.kraft1, mcowley, meissner, pmonrealgonzalez, tstaudt
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Pedro Monreal Gonzalez 2024-07-26 06:14:20 UTC 
A new version has not been released yet, I'll prepare the update once released.

CVE ID	        CVSS	IBM 8 Fix
---------------------------------------
CVE-2024-21147	7.4	Fix in progress
CVE-2024-21145	4.8	Fix in progress
CVE-2024-21140	4.8	Fix in progress
CVE-2024-21144	3.7	Fix in progress
CVE-2024-21138	3.7	Fix in progress
CVE-2024-21131	3.7	Fix in progress

Further information on Oracle's July 16 2024 Critical Patch Update is available here:
  * https://www.oracle.com/security-alerts/cpujul2024.html#AppendixJAVA
Comment 1 Pedro Monreal Gonzalez 2024-07-26 06:14:38 UTC 
See also: https://www.ibm.com/support/pages/java-sdk-security-vulnerabilities
Comment 2 Pedro Monreal Gonzalez 2024-07-26 06:16:31 UTC 
I'm adding IBM and Mark Cowley from SUSE in CC just for awareness. No action from IBM is required at this point. TIA.