{"id":"MGASA-2024-0179","summary":"Updated java-1.8.0, java-11, java-17, java-latest packages fix security vulnerabilities","details":"Long Exception message leading to crash. (CVE-2024-21011)\nHTTP/2 client improper reverse DNS lookup. (CVE-2024-21012)\nInteger overflow in C1 compiler address generation. (CVE-2024-21068)\nPack200 excessive memory allocation. (CVE-2024-21085)\nC2 compilation fails with \"Exceeded _node_regs array\". (CVE-2024-21094)\n","modified":"2026-04-16T00:08:55.384915740Z","published":"2024-05-16T17:29:32Z","upstream":["CVE-2024-21011","CVE-2024-21012","CVE-2024-21068","CVE-2024-21085","CVE-2024-21094"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0179.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33117"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2024:1817"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2024:1819"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2024:1823"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixJAVA"}],"affected":[{"package":{"name":"java-1.8.0-openjdk","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/java-1.8.0-openjdk?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.0.412.b08-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0179.json"}},{"package":{"name":"java-11-openjdk","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/java-11-openjdk?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"11.0.23.0.9-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0179.json"}},{"package":{"name":"java-17-openjdk","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/java-17-openjdk?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"17.0.11.0.9-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0179.json"}},{"package":{"name":"java-latest-openjdk","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/java-latest-openjdk?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"22.0.1.0.8-1.rolling.1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0179.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}