Format: 1.8 Date: Tue, 25 Jan 2022 15:03:04 +0100 Source: openjdk-lts Binary: openjdk-11-jdk-headless openjdk-11-jre-headless openjdk-11-jdk openjdk-11-jre openjdk-11-demo openjdk-11-source openjdk-11-doc openjdk-11-dbg openjdk-11-jre-zero Architecture: source Version: 11.0.14+9-0ubuntu2~16.04 Distribution: xenial Urgency: medium Maintainer: Ubuntu Developers Changed-By: Matthias Klose Description: openjdk-11-dbg - Java runtime based on OpenJDK (debugging symbols) openjdk-11-demo - Java runtime based on OpenJDK (demos and examples) openjdk-11-doc - OpenJDK Development Kit (JDK) documentation openjdk-11-jdk - OpenJDK Development Kit (JDK) openjdk-11-jdk-headless - OpenJDK Development Kit (JDK) (headless) openjdk-11-jre - OpenJDK Java runtime, using ${vm:Name} openjdk-11-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless) openjdk-11-jre-zero - Alternative JVM for OpenJDK, using Zero openjdk-11-source - OpenJDK Development Kit (JDK) source files Changes: openjdk-lts (11.0.14+9-0ubuntu2~16.04) xenial; urgency=medium . * Backport the security update to 16.04 LTS. . openjdk-lts (11.0.14+9-0ubuntu2) jammy; urgency=medium . * OpenJDK 11.0.14+9 build (release). * Security fixes - JDK-8217375: jarsigner breaks old signature with long lines in manifest. - JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named "." inside. - JDK-8264934, CVE-2022-21248: Enhance cross VM serialization. - JDK-8268488: More valuable DerValues. - JDK-8268494: Better inlining of inlined interfaces. - JDK-8268512: More content for ContentInfo. - JDK-8268795: Enhance digests of Jar files. - JDK-8268801: Improve PKCS attribute handling. - JDK-8268813, CVE-2022-21283: Better String matching. - JDK-8269151: Better construction of EncryptedPrivateKeyInfo. - JDK-8269944: Better HTTP transport redux. - JDK-8270386, CVE-2022-21291: Better verification of scan methods. - JDK-8270392, CVE-2022-21293: Improve String constructions. - JDK-8270416, CVE-2022-21294: Enhance construction of Identity maps. - JDK-8270492, CVE-2022-21282: Better resolution of URIs. - JDK-8270498, CVE-2022-21296: Improve SAX Parser configuration management. - JDK-8270646, CVE-2022-21299: Improved scanning of XML entities. - JDK-8270952, CVE-2022-21277: Improve TIFF file handling. - JDK-8271962: Better TrueType font loading. - JDK-8271968: Better canonical naming. - JDK-8271987: Manifest improved manifest entries. - JDK-8272014, CVE-2022-21305: Better array indexing. - JDK-8272026, CVE-2022-21340: Verify Jar Verification. - JDK-8272236, CVE-2022-21341: Improve serial forms for transport. - JDK-8272272: Enhance jcmd communication. - JDK-8272462: Enhance image handling. - JDK-8273290: Enhance sound handling. - JDK-8273756, CVE-2022-21360: Enhance BMP image support. - JDK-8273838, CVE-2022-21365: Enhanced BMP processing. - JDK-8274096, CVE-2022-21366: Improve decoding of image files. - JDK-8279541: Improve HarfBuzz. Checksums-Sha1: 0183cc44a54ce96dd33cebc782ec875512b08577 4445 openjdk-lts_11.0.14+9-0ubuntu2~16.04.dsc 6abc7f6ed9c1bafb8c233f896a1c330195227da4 173256 openjdk-lts_11.0.14+9-0ubuntu2~16.04.debian.tar.xz Checksums-Sha256: 93a93de287fb9c5111cc03c9822cd6e4f48093457a13dcc4c937145302404311 4445 openjdk-lts_11.0.14+9-0ubuntu2~16.04.dsc 01f95648431030dbbd197bcdb1079132f75ee126a2449b8c943d4930cdf5af72 173256 openjdk-lts_11.0.14+9-0ubuntu2~16.04.debian.tar.xz Files: 97b721b1fca9e45191358d14fcdc91c1 4445 java optional openjdk-lts_11.0.14+9-0ubuntu2~16.04.dsc 2821678f3ef659c31ba93ae6b335e225 173256 java optional openjdk-lts_11.0.14+9-0ubuntu2~16.04.debian.tar.xz Original-Maintainer: OpenJDK Team