OpenJDK Vulnerability Advisory: 2023/10/17

Andrew H. Gross andrew.gross at oracle.com
Tue Oct 17 23:50:31 UTC 2023


OpenJDK Vulnerability Advisory: 2023/10/17
vuln-report at openjdk.org
https://openjdk.org/groups/vulnerability/advisories

Releases affected: 8, 11, 17, and 21



OpenJDK CVEs:
     CVE-2023-22025  CVE-2023-22067  CVE-2023-22081



OpenJFX CVEs:
     None



Please note that defense-in-depth issues are not assigned CVEs.

These issues have been addressed, as applicable, in the following releases:
   8u392, 11.0.21, 17.0.9, and 21.0.1

We recommend that you upgrade to these new releases as soon as possible.

For more detail about this advisory, please see:
   https://openjdk.org/groups/vulnerability/advisories/2023-10-17

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x27F209491C0FE9C1.asc
Type: application/pgp-keys
Size: 4134 bytes
Desc: OpenPGP public key
URL: <https://mail.openjdk.org/pipermail/vuln-announce/attachments/20231017/c0613466/OpenPGP_0x27F209491C0FE9C1.asc>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://mail.openjdk.org/pipermail/vuln-announce/attachments/20231017/c0613466/OpenPGP_signature.asc>


More information about the vuln-announce mailing list