From andrew.gross at oracle.com Tue Jan 16 20:59:26 2024 From: andrew.gross at oracle.com (Andrew H. Gross) Date: Tue, 16 Jan 2024 12:59:26 -0800 Subject: OpenJDK Vulnerability Advisory: 2024/01/16 Message-ID: OpenJDK Vulnerability Advisory: 2024/01/16 vuln-report at openjdk.org https://openjdk.org/groups/vulnerability/advisories Releases affected: 8, 11, 17, and 21 OpenJDK CVEs: ??? CVE-2024-20918? CVE-2024-20919? CVE-2024-20921? CVE-2024-20926 ??? CVE-2024-20932? CVE-2024-20945? CVE-2024-20952 OpenJFX CVEs: ??? CVE-2024-20922? CVE-2024-20923? CVE-2024-20925 Please note that defense-in-depth issues are not assigned CVEs. These issues have been addressed, as applicable, in the following releases: ? 8u402, 11.0.22, 17.0.10, and 21.0.2 We recommend that you upgrade to these new releases as soon as possible. For more detail about this advisory, please see: ? https://openjdk.org/groups/vulnerability/advisories/2024-01-16 -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_0x27F209491C0FE9C1.asc Type: application/pgp-keys Size: 4134 bytes Desc: OpenPGP public key URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature.asc Type: application/pgp-signature Size: 840 bytes Desc: OpenPGP digital signature URL: