GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Mon Jan 25, 2021 1:26 am Post subject: [ GLSA 202101-19 ] OpenJDK |
 |
|
Gentoo Linux Security Advisory
Title: OpenJDK: Multiple vulnerabilities (GLSA 202101-19)
Severity: normal
Exploitable: remote
Date: 2021-01-25
Bug(s): #705992, #750833
ID: 202101-19
Synopsis
Multiple vulnerabilities have been found in OpenJDK, the worst of
which could result in the arbitrary execution of code.
Background
OpenJDK is a free and open-source implementation of the Java Platform,
Standard Edition.
Affected Packages
Package: dev-java/openjdk
Vulnerable: < 8.272_p10
Unaffected: >= 8.272_p10
Architectures: All supported architectures
Package: dev-java/openjdk-bin
Vulnerable: < 8.272_p10
Unaffected: >= 8.272_p10
Architectures: All supported architectures
Package: dev-java/openjdk-jre-bin
Vulnerable: < 8.272_p10
Unaffected: >= 8.272_p10
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in OpenJDK. Please review
the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All OpenJDK users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/openjdk-8.272_p10"
|
All OpenJDK (binary) users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/openjdk-bin-8.272_p10"
|
All OpenJDK JRE (binary) users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose
">=dev-java/openjdk-jre-bin-8.272_p10"
|
References
CVE-2020-14779
CVE-2020-14781
CVE-2020-14782
CVE-2020-14792
CVE-2020-14796
CVE-2020-14797
CVE-2020-14798
CVE-2020-14803
CVE-2020-2583
CVE-2020-2590
CVE-2020-2593
CVE-2020-2601
CVE-2020-2604
CVE-2020-2654
CVE-2020-2659 |
|
News & Announcements
