diff --git a/CHANGELOG.md b/CHANGELOG.md index b82a2418b8..3b6dbf485c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,42 @@ The following sections describe the changes for each release of Amazon Corretto 8. +## Corretto version: 8.392.08.1 +Release Date: October 17, 2023 + +**Target Platforms 1** + ++ RPM-based Linux using glibc 2.12 or later, x86_64 ++ Debian-based Linux using glibc 2.12 or later, x86_64 ++ RPM-based Linux using glibc 2.17 or later, aarch64 ++ Debian-based Linux using glibc 2.17 or later, aarch64 ++ Alpine-based Linux, x86_64 ++ Alpine-based Linux, aarch64 ++ Windows 10 or later, x86, x86_64 ++ macOS 11.0 and later, x86_64 ++ macOS 11.0 and later, aarch64 + +**1.** This is the platform targeted by the build. See [Using Amazon Corretto](https://aws.amazon.com/corretto/faqs/#Using_Amazon_Corretto) +in the Amazon Corretto FAQ for supported platforms + +The following issues are addressed in 8.392.08.1: + +| Issue Name | Platform | Description | Link | +|---------------------------------------------------|----------|----------------------------------------------------------------------------|----------------------------------------------------------------------------| +| Import jdk8u392-b08 | All | Updates Corretto baseline to OpenJDK 8u392-b08 | [jdk8u392-b08](https://github.com/openjdk/jdk8u/releases/tag/jdk8u392-b08) | +| Backport of JDK-8139348 | All | Deprecate 3DES and RC4 in Kerberos | [JDK-8139348](https://bugs.openjdk.org/browse/JDK-8139348) | + + + +The following CVEs are addressed in 8.392.08.1: + +| CVE | CVSS | Component | +|----------------|------|-----------------------------| +| CVE-2023-22067 | 5.3 | other-libs/corba | +| CVE-2023-22081 | 5.3 | security-libs/javax.net.ssl | + + + ## Corretto version: 8.382.05.1 Release Date: July 18, 2023