ALAS-2024-482

Amazon Linux 2023 Security Advisory: ALAS-2024-482
Advisory Release Date: 2024-01-17 00:44 Pacific
Advisory Updated Date: 2024-05-03 15:00 Pacific

Severity: Low

References:
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

2024-05-03: The severity of this advisory has been changed from important to low.

2024-05-02: CVE-2024-20918 was removed from this advisory.

2024-05-02: CVE-2024-20919 was removed from this advisory.

2024-05-02: CVE-2024-20921 was removed from this advisory.

2024-05-02: CVE-2024-20926 was removed from this advisory.

2024-05-02: CVE-2024-20945 was removed from this advisory.

2024-05-02: CVE-2024-20952 was removed from this advisory.

Affected Packages:

java-1.8.0-amazon-corretto

Issue Correction:
Run dnf update java-1.8.0-amazon-corretto --releasever 2023.3.20240117 to update your system.

New Packages:

aarch64:
    java-1.8.0-amazon-corretto-1.8.0_402.b06-1.amzn2023.aarch64
    java-1.8.0-amazon-corretto-devel-1.8.0_402.b06-1.amzn2023.aarch64

src:
    java-1.8.0-amazon-corretto-1.8.0_402.b06-1.amzn2023.src

x86_64:
    java-1.8.0-amazon-corretto-1.8.0_402.b06-1.amzn2023.x86_64
    java-1.8.0-amazon-corretto-devel-1.8.0_402.b06-1.amzn2023.x86_64

Additional References

Red Hat:

Mitre:

Select your cookie preferences

Customize cookie preferences

Essential

Performance

Functional

Advertising

ALAS-2024-482

Additional References