From andrew.gross at oracle.com  Wed Apr 17 00:31:27 2024
From: andrew.gross at oracle.com (Andrew H. Gross)
Date: Tue, 16 Apr 2024 17:31:27 -0700
Subject: OpenJDK Vulnerability Advisory: 2024/04/16
Message-ID: <560b9f9d-27a8-4632-a73a-403a18adcf26@oracle.com>

OpenJDK Vulnerability Advisory: 2024/04/16
vuln-report at openjdk.org
https://openjdk.org/groups/vulnerability/advisories

Releases affected: 8, 11, 17, 21, and 22



OpenJDK CVEs:
 ??? CVE-2024-21011? CVE-2024-21012? CVE-2024-21068? CVE-2024-21085
 ??? CVE-2024-21094



OpenJFX CVEs:
 ??? CVE-2023-41993? CVE-2024-21002? CVE-2024-21003? CVE-2024-21004
 ??? CVE-2024-21005



Please note that defense-in-depth issues are not assigned CVEs.

These issues have been addressed, as applicable, in the following releases:
 ? 8u412, 11.0.23, 17.0.11, 21.0.3, and 22.0.1

We recommend that you upgrade to these new releases as soon as possible.

For more detail about this advisory, please see:
 ? https://openjdk.org/groups/vulnerability/advisories/2024-04-16
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x27F209491C0FE9C1.asc
Type: application/pgp-keys
Size: 4134 bytes
Desc: OpenPGP public key
URL: <https://mail.openjdk.org/pipermail/vuln-announce/attachments/20240416/99171b9c/OpenPGP_0x27F209491C0FE9C1.asc>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://mail.openjdk.org/pipermail/vuln-announce/attachments/20240416/99171b9c/OpenPGP_signature.asc>