timezone-java 2023c contains corrupt data for some timezones VUL-0: CVE-2024-23672: tomcat,tomcat10: WebSocket DoS with incomplete closing handshake VUL-0: CVE-2024-24549: tomcat,tomcat10: HTTP/2 header handling DoS VUL-0: CVE-2024-21011: java-10-openjdk,java-11-openjdk,java-17-openjdk,java-1_7_0-openjdk,java-1_8_0-ibm,java-1_8_0-openj9,java-1_8_0-openjdk,java-21-openjdk,java-9-openjdk: OpenJDK: long Exception message leading to crash (8319851) VUL-0: CVE-2024-21068: java-10-openjdk,java-11-openjdk,java-17-openjdk,java-1_7_0-openjdk,java-1_8_0-ibm,java-1_8_0-openj9,java-1_8_0-openjdk,java-21-openjdk,java-9-openjdk: OpenJDK: integer overflow in C1 compiler address generation (8322122) VUL-0: CVE-2024-21085: java-10-openjdk,java-11-openjdk,java-17-openjdk,java-1_7_0-openjdk,java-1_8_0-ibm,java-1_8_0-openj9,java-1_8_0-openjdk,java-21-openjdk,java-9-openjdk: OpenJDK: Pack200 excessive memory allocation (8322114) VUL-0: CVE-2024-21094: java-10-openjdk,java-11-openjdk,java-17-openjdk,java-1_7_0-openjdk,java-1_8_0-ibm,java-1_8_0-openj9,java-1_8_0-openjdk,java-21-openjdk,java-9-openjdk: OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507) VUL-0: CVE-2024-21012: java-10-openjdk,java-11-openjdk,java-17-openjdk,java-1_7_0-openjdk,java-1_8_0-ibm,java-1_8_0-openj9,java-1_8_0-openjdk,java-21-openjdk,java-9-openjdk: OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708) VUL-0: CVE-2024-30171: bouncycastle: timing side-channel attacks against RSA decryption (both PKCS#1v1.5 and OAEP) [SUSE:SLFO:Main] python-h5py and python-h5py:openmpi4 fails to build on ppc64le tomcat throws java.lang.UnsatisfiedLinkError when running customer's application java-*-openjdk-headless is missing prerequires on file VUL-0: CVE-2024-34750: tomcat,tomcat10,tomcat6: Improper Handling of Exceptional Conditions VUL-0: CVE-2024-21131: java-*-openjdk,java-*-ibm: OpenJDK: potential UTF8 size overflow VUL-0: CVE-2024-21138: java-*-openjdk,java-*-ibm: OpenJDK: Excessive symbol length can lead to infinite loop VUL-0: CVE-2024-21140: java-*-openjdk,java-*-ibm: OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow VUL-0: CVE-2024-21144: java-*-openjdk,java-*-ibm: OpenJDK: Pack200 increase loading time due to improper header validation VUL-0: CVE-2024-21145: java-*-openjdk,java-*-ibm: OpenJDK: Out-of-bounds access in 2D image handling VUL-0: CVE-2024-21147: java-*-openjdk,java-*-ibm: OpenJDK: RangeCheckElimination array index overflow VUL-0: CVE-2024-0760: bind: A flood of DNS messages over TCP may make the server unstable VUL-0: CVE-2024-1737: bind: BIND's database will be slow if a very large number of RRs exist at the same name VUL-0: CVE-2024-1975: bind: SIG(0) can be used to exhaust CPU resources VUL-0: CVE-2024-4076: bind: Assertion failure when serving both stale cache data and authoritative zone content jcronenberg important security

Security update for python-h5py, python-pytest-mpi, bouncycastle, tomcat10, java-11-openjdk, tomcat, java-17-openjdk, java-1_8_0-openjdk, bind, java-21-openjdk

This update for python-h5py, python-pytest-mpi, bouncycastle, tomcat10, java-11-openjdk, tomcat, java-17-openjdk, java-1_8_0-openjdk, bind, java-21-openjdk fixes the following issues: bind: - Update to version 9.20.0 bouncycastle: - Update to version 1.78.1 java-11-openjdk: - Upgrade to upstream tag jdk-11.0.24+8 (July 2024 CPU) java-17-openjdk: - Update to upstream tag jdk-17.0.12+7 (July 2024 CPU) java-1_8_0-openjdk: - Update to version jdk8u422 (icedtea-3.32.0) java-21-openjdk: - Update to upstream tag jdk-21.0.4+7 (July 2024 CPU) python-h5py: - Disable test for ppc64le because of Insufficient precision bsc#1225381 python-pytest-mpi: - Skip some tests that produces a Segmentation fault in s390x tomcat: - Update to Tomcat 9.0.91 tomcat10: - Update to Tomcat 10.1.25 bind bouncycastle java-11-openjdk java-17-openjdk java-1_8_0-openjdk java-21-openjdk python-h5py python-h5py:openmpi4 python-pytest-mpi tomcat tomcat10