Ikeda Soji reported that libhtml-stripscripts-perl, a Perl module for removing scripts from HTML, is prone to a regular expression denial of service, due to catastrophic backtracking for HTML content with specially crafted style attributes.
Archive for February 5th, 2023
Rebase to sudo 1.9.12p2 – security fix for CVE-2023-22809
Security fix for CVE-2022-4510
# New in release [OpenJDK 11.0.18](https://bit.ly/openjdk11018) (2023-01-17)

## CVEs Fixed

- CVE-2023-21835
- CVE-2023-21843

## Security Fixes

- JDK-8286070: Improve UTF8 representation
- JDK-8286496: Improve Thread labels
- JDK-8287411: Enhance DTLS performance
- JDK-8288516: Enhance font creation
- JDK-8289350: Better media supports
- JDK-8293554: Enhanced DH Key Exchanges
# New in release [OpenJDK 8u362](https://bit.ly/openjdk8u362) (2023-01-17)

## CVEs Fixed

- CVE-2023-21830
- CVE-2023-21843

## Security Fixes

- JDK-8285021: Improve CORBA communication
- JDK-8286496: Improve Thread labels
- JDK-8288516: Enhance font creation
- JDK-8289350: Better media supports
- JDK-8293554: Enhanced DH Key Exchanges
- JDK-8293598: Enhance InetAddress
# New in release OpenJDK 19.0.2 (2023-01-17)

## CVEs Fixed

- CVE-2023-21835
- CVE-2023-21843

## Security Fixes

- JDK-8286070: Improve UTF8 representation
- JDK-8286496: Improve Thread labels
- JDK-8287411: Enhance DTLS performance
- JDK-8288516: Enhance font creation
- JDK-8293554: Enhanced DH Key Exchanges
- JDK-8293598: Enhance InetAddress address handling
- JDK-8293717: Objective
# New in release [OpenJDK 17.0.6](https://bit.ly/openjdk1706) (2023-01-17)

## CVEs Fixed

- CVE-2023-21835
- CVE-2023-21843

## Security Fixes

- JDK-8286070: Improve UTF8 representation
- JDK-8286496: Improve Thread labels
- JDK-8287411: Enhance DTLS performance
- JDK-8288516: Enhance font creation
- JDK-8289350: Better media supports
- JDK-8293554: Enhanced DH Key Exchanges