USN-3830-1: OpenJDK regression

USN-3830-1: OpenJDK regression

openjdk-8, openjdk-lts regression

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS

Summary

USN-3804-1 introduced a regression in OpenJDK.

Software Description

• openjdk-lts – Open Source Java implementation
• openjdk-8 – Open Source Java implementation

Details

USN-3804-1 fixed vulnerabilities in OpenJDK. Unfortunately, that update
introduced a regression when validating JAR files that prevented Java
applications from finding classes in some situations. This update
fixes the problem.

We apologize for the inconvenience.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS

openjdk-11-jdk – 10.0.2+13-1ubuntu0.18.04.4

openjdk-11-jre – 10.0.2+13-1ubuntu0.18.04.4

openjdk-11-jre-headless – 10.0.2+13-1ubuntu0.18.04.4

Ubuntu 16.04 LTS

openjdk-8-jdk – 8u191-b12-0ubuntu0.16.04.1

openjdk-8-jre – 8u191-b12-0ubuntu0.16.04.1

openjdk-8-jre-headless – 8u191-b12-0ubuntu0.16.04.1

openjdk-8-jre-jamvm – 8u191-b12-0ubuntu0.16.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.

References

• LP: 1800792
• USN-3804-1

Source: USN-3830-1: OpenJDK regression