{"id":"CLSA-2022-1659636917","summary":"Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21540, CVE-2022-21541, CVE-2022-34169","details":"- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs:\n- CVE-2022-34169: Integer truncation issue in Xalan-J\n- CVE-2022-21540: Class compilation issue\n- CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic()\n- Update tzdata requirement to 2022a to match JDK-8283350\n- Remove patch for MakeBase.gmk cause issue was fixed in sources\n- Correct parameters passing to CheckVendor test","modified":"2026-05-27T11:18:32.603319852Z","published":"2022-08-04T18:15:17Z","upstream":["CVE-2022-21540","CVE-2022-21541","CVE-2022-34169"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/ol6/CLSA-2022-1659636917.html"}],"affected":[{"package":{"name":"java-1.8.0-openjdk","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/java-1.8.0-openjdk?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.0.342.b07-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1659636917.json"}},{"package":{"name":"java-1.8.0-openjdk-debug","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/java-1.8.0-openjdk-debug?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.0.342.b07-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1659636917.json"}},{"package":{"name":"java-1.8.0-openjdk-demo","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/java-1.8.0-openjdk-demo?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.0.342.b07-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1659636917.json"}},{"package":{"name":"java-1.8.0-openjdk-demo-debug","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/java-1.8.0-openjdk-demo-debug?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.0.342.b07-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1659636917.json"}},{"package":{"name":"java-1.8.0-openjdk-devel","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/java-1.8.0-openjdk-devel?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.0.342.b07-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1659636917.json"}},{"package":{"name":"java-1.8.0-openjdk-devel-debug","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/java-1.8.0-openjdk-devel-debug?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.0.342.b07-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1659636917.json"}},{"package":{"name":"java-1.8.0-openjdk-headless","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/java-1.8.0-openjdk-headless?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.0.342.b07-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1659636917.json"}},{"package":{"name":"java-1.8.0-openjdk-headless-debug","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/java-1.8.0-openjdk-headless-debug?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.0.342.b07-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1659636917.json"}},{"package":{"name":"java-1.8.0-openjdk-javadoc","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/java-1.8.0-openjdk-javadoc?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.0.342.b07-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1659636917.json"}},{"package":{"name":"java-1.8.0-openjdk-javadoc-debug","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/java-1.8.0-openjdk-javadoc-debug?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.0.342.b07-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1659636917.json"}},{"package":{"name":"java-1.8.0-openjdk-src","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/java-1.8.0-openjdk-src?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.0.342.b07-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1659636917.json"}},{"package":{"name":"java-1.8.0-openjdk-src-debug","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/java-1.8.0-openjdk-src-debug?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.0.342.b07-1.el6.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1659636917.json"}}],"schema_version":"1.7.5"}