FEDORA-2022-e573851f56
Packages in this update:
java-latest-openjdk-18.0.2.0.9-1.rolling.fc36
Update description:
New in release OpenJDK 18.0.2 (2022-07-19)
Full release notes can be found at https://builds.shipilev.net/backports-monitor/release-notes-18.0.2.txt
Security fixes
JDK-8272243: Improve DER parsing
JDK-8272249: Better properties of loaded Properties
JDK-8277608: Address IP Addressing
JDK-8281859, CVE-2022-21540: Improve class compilation
JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations
JDK-8282676: Improve subject handling
JDK-8283190: Improve MIDI processing
JDK-8284370: Improve zlib usage
JDK-8285407, CVE-2022-34169: Improve Xalan supports
JDK-8288367: CPU Shares Ignored When Computing Active Processor Count
Previous JDK releases used an incorrect interpretation of the Linux cgroups parameter cpu.shares. This might cause the JVM to use fewer CPUs than available, leading to an under utilization of CPU resources when the JVM is used inside a container.
Starting from this JDK release, by default, the JVM no longer considers cpu.shares when deciding the number of threads to be used by the various thread pools. The -XX:+UseContainerCpuShares command-line option can be used to revert to the previous behaviour. This option is deprecated and may be removed in a future JDK release.
More Stories
ZDI-CAN-25373: Microsoft
A CVSS score 7.0 AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus - Trend Micro Zero Day Initiative' was reported to...
DSA-5774-1 ruby-saml – security update
It was discovered that ruby-saml, a SAML library implementing the client side of a SAML authorization, does not properly verify...
USN-6968-2: PostgreSQL vulnerability
USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16 This update provides the corresponding updates for PostgreSQL-9.5 in Ubuntu 16.04 LTS....
USN-7015-2: Python vulnerabilities
USN-7015-1 fixed several vulnerabilities in Python. This update provides one of the corresponding updates for python2.7 for Ubuntu 16.04 LTS,...
USN-7027-1: Emacs vulnerabilities
It was discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands....
USN-7024-1: tgt vulnerability
It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1,...