OpenJDK官网安全更新（2023-10-17）

OpenJDK Vulnerability Advisory: 2023/10/17

<br/>OpenJDK Vulnerability Advisory: 2023/10/17<br/>The following vulnerabilities in OpenJDK source code were fixed<br/>in this release. The affected versions are 21, 17.0.8, 11.0.20,<br/>8u382, and earlier. Please note that defense-in-depth issues are<br/>not assigned CVEs. We recommend that you upgrade as soon as<br/>possible.<br/>The current and previous advisories are<br/>available for reference.<br/>OpenJDK Risk matrix<br/><br/><br/><br/><br/><br/>Affects ...<br/><br/><br/>CVE ID<br/>Component<br/>CVSSv3.1<br/>Vector<br/>8<br/>11<br/>17<br/>21<br/><br/><br/>CVE-2023-22067<br/>other-libs/<br/>corba<br/>5.3<br/>NLNNUNLN<br/>&amp;#8226;<br/><br/><br/><br/><br/><br/>CVE-2023-22081<br/>security-libs/<br/>javax.net.ssl<br/>5.3<br/>NLNNUNNL<br/>&amp;#8226;<br/>&amp;#8226;<br/>&amp;#8226;<br/>&amp;#8226;<br/><br/><br/>CVE-2023-22025<br/>hotspot/<br/>compiler<br/>3.7<br/>NHNNUNLN<br/><br/><br/>&amp;#8226;<br/>&amp;#8226;<br/><br/><br/>OpenJFX Risk matrix<br/><br/><br/><br/><br/><br/>Affects ...<br/><br/><br/>CVE ID<br/>Component<br/>CVSSv3.1<br/>Vector<br/>11<br/>17<br/>21<br/><br/><br/>None<br/><br/><br/><br/><br/><br/><br/><br/>Acknowledgements<br/>We acknowledge the following parties for their reports and<br/>contributions: Carter Kozak, and Dinglijie.<br/>We also thank the Leads of the JDK 8<br/>Updates, JDK 11<br/>Updates, JDK 17<br/>Updates, and OpenJFX Projects for<br/>providing the risk-matrix information for their releases.<br/>How to report a vulnerability<br/>Please see the reporting<br/>instructions for information about how to report a<br/>vulnerability.<br/>Last update: 2023/10/17 17:44 UTC<br/>InstallingContributingSponsoringDevelopers&#39; GuideVulnerabilitiesJDK GA/EA BuildsMailing listsWiki<br/> &amp;#183; IRCBylaws &amp;#183; CensusLegalWorkshopJEP ProcessSource codeMercurialGitHubToolsGitjtreg harnessGroups(overview)AdoptionBuildClient LibrariesCompatibility &amp;amp; Specification ReviewCompilerConformanceCore LibrariesGoverning BoardHotSpotIDE Tooling &amp;amp; SupportInternationalizationJMXMembersNetworkingPortersQualitySecurityServiceabilityVulnerabilityWebProjects(overview,<br/> archive)AmberCRaCCaciocavalloClosuresCode ToolsCoinCommon VM InterfaceCompiler GrammarDetroitDevelopers&#39; GuideDevice I/ODukeGalahadGraalIcedTeaJDK 7JDK 8JDK 8 UpdatesJDK 9JDK<br/> (&amp;#8230;,<br/> 21,<br/> 22)JDK UpdatesJavaDoc.NextJigsawKonaKullaLambdaLanaiLeydenLilliputLocale EnhancementLoomMemory Model UpdateMetropolisMission ControlMulti-Language VMNashornNew I/OOpenJFXPanamaPenrosePort: AArch32Port: AArch64Port: BSDPort: HaikuPort: Mac OS XPort: MIPSPort: MobilePort: PowerPC/AIXPort: RISC-VPort: s390xPortolaSCTPShenandoahSkaraSumatraTiered AttributionTsanType AnnotationsValhallaVeronaVisualVMWakefieldZeroZGC<br/><br/> &amp;#169; 2023 Oracle Corporation and/or its affiliates<br/> Terms of Use<br/> &amp;#183;<br/> <br/> License: GPLv2<br/> &amp;#183; Privacy<br/> &amp;#183; Trademarks

OpenJDK是一款只能运行在i386 和AMD-64机器上的软件。

暂无

暂无

暂无

https://openjdk.java.net/groups/vulnerability/advisories/2023-10-17