FEDORA-EPEL-2023-52e0512741

Packages in this update:

java-latest-openjdk-19.0.2.0.7-1.rolling.el8

Update description:

New in release OpenJDK 19.0.2 (2023-01-17)

CVEs Fixed

CVE-2023-21835
CVE-2023-21843

Security Fixes

* JDK-8286070: Improve UTF8 representation
* JDK-8286496: Improve Thread labels
* JDK-8287411: Enhance DTLS performance
* JDK-8288516: Enhance font creation
* JDK-8293554: Enhanced DH Key Exchanges
* JDK-8293598: Enhance InetAddress address handling
* JDK-8293717: Objective view of ObjectView
* JDK-8293734: Improve BMP image handling
* JDK-8293742: Better Banking of Sounds
* JDK-8295687: Better BMP bounds

Major Changes

JDK-8295687: Better BMP bounds

Loading a linked ICC profile within a BMP image is now disabled by default. To re-enable it, set the new system property sun.imageio.bmp.enabledLinkedProfiles to true. This new property replaces the old property, sun.imageio.plugins.bmp.disableLinkedProfiles.

JDK-8293742: Better Banking of Sounds

Previously, the SoundbankReader implementation, com.sun.media.sound.JARSoundbankReader, would download a JAR soundbank from a URL. This behaviour is now disabled by default. To re-enable it, set the new system property jdk.sound.jarsoundbank to true.

JDK-8287411: Enhance DTLS performance

The JDK now exchanges DTLS cookies for all handshakes, new and resumed. The previous behaviour can be re-enabled by setting the new system property jdk.tls.enableDtlsResumeCookie to false.

Read More