This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 20: [bsc#1219843] Security fixes: * CVE-2023-33850: Fixed information disclosure vulnerability due to the consumed GSKit library . * CVE-2024-20932: Fixed incorrect handling of ZIP files with duplicate entries . * CVE-2024-20952: Fixed RSA padding issue and timing side-channel attack against TLS . * CVE-2024-20918: Fixed array out-of-bounds access due to missing range check in C1 compiler . * CVE-2024-20921: Fixed range check loop optimization issue . * CVE-2024-20919: Fixed JVM class file verifier flaw allows unverified bytecode execution . * CVE-2024-20926: Fixed arbitrary Java code execution in Nashorn . * CVE-2024-20945: Fixed logging of digital signature private keys .