Headline
RHSA-2022:5687: Red Hat Security Advisory: java-11-openjdk security, bug fix, and enhancement update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859)
- CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866)
- CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
Synopsis
Important: java-11-openjdk security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
The following packages have been upgraded to a later upstream version: java-11-openjdk (11.0.16.0.8). (BZ#2083258)
Security Fix(es):
- OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169)
- OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)
- OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 2083258 - Prepare for the next quarterly OpenJDK upstream release (2022-07, 11.0.16) [rhel-7-9.z]
- BZ - 2108540 - CVE-2022-21540 OpenJDK: class compilation issue (Hotspot, 8281859)
- BZ - 2108543 - CVE-2022-21541 OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866)
- BZ - 2108554 - CVE-2022-34169 OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
Red Hat Enterprise Linux Server 7
SRPM
java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm
SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44
x86_64
java-11-openjdk-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 91a4557bbdd635ae220ad3ea22dcc0975ca1fe3e0d04a7bfaf6953d60a5fe96a
java-11-openjdk-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: e09a5cdd56ddcd8a2ee8bc30e15e0f9678588a15182b9930b4ca4b79e96294c5
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d
java-11-openjdk-demo-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: e2c3d21b1bd047ad810c0d6499ed80fb404579a3eb4ec3e4392dd562d824dcdc
java-11-openjdk-demo-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: d3d496a5a14b26b7ca74514347ca77573b77604aea719e792d1eb5b7bdd1199e
java-11-openjdk-devel-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 898711af14850f0f7f36c7ffea6ff8671c6b7668197be52d666cb558fc516c85
java-11-openjdk-devel-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 14ded2eaa54cfb09c55434c6769988abfe7b1fd92b230bef1b5cefe275b05712
java-11-openjdk-headless-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 81b14355aed2c0b1d3ffca8f07dbe26e63123d44827210e55f2bc4113603c862
java-11-openjdk-headless-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 00440ada43a87c5b7e7c4fd094bbb90e8a8b82fcd35f50715068f4e0489b9ada
java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: d0fd189160146131f3780dad8281b4ae2aab62cda3854d3ed25e2a46638e5847
java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: cc1590a7aa1fbe4720030b696b90a6c1cd46772a7ec6e3e57d5c43959ff25e7a
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 71d8a5cb053bde68c695bbf59ec81a3f0f79be43cc793e94c8400981d8e48b5e
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: f6437c6325e593f5beaf8900995e9b62412d51083b5687dc2b45639be747ba87
java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 979853757c57f8ccd5e22284604723dafebf071a2e1ece0ae38cfccf2badbd57
java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 467b91d934d713180cc9b74b3a48b624c911495e27af577b8dfaa27c6f7f0342
java-11-openjdk-src-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 2c4351f632f6b4540c92fc102103202e54dc0e6b9d7ad3806f2bac0b2e1376f2
java-11-openjdk-src-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 4a5243a7278c6a06c8bb0ed62c090fc9322f5103e586975756e9d7614c7d763c
java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 669927f8d3866dc3bcc0514c87bd03758a9c011a35f649fbbd1f47f1bd13c40d
java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: d29483a5126f58f8f5a35e8df6c97754f63eaff5219db9642e33c1fa85c9df13
Red Hat Enterprise Linux Workstation 7
SRPM
java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm
SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44
x86_64
java-11-openjdk-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 91a4557bbdd635ae220ad3ea22dcc0975ca1fe3e0d04a7bfaf6953d60a5fe96a
java-11-openjdk-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: e09a5cdd56ddcd8a2ee8bc30e15e0f9678588a15182b9930b4ca4b79e96294c5
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d
java-11-openjdk-demo-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: e2c3d21b1bd047ad810c0d6499ed80fb404579a3eb4ec3e4392dd562d824dcdc
java-11-openjdk-demo-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: d3d496a5a14b26b7ca74514347ca77573b77604aea719e792d1eb5b7bdd1199e
java-11-openjdk-devel-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 898711af14850f0f7f36c7ffea6ff8671c6b7668197be52d666cb558fc516c85
java-11-openjdk-devel-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 14ded2eaa54cfb09c55434c6769988abfe7b1fd92b230bef1b5cefe275b05712
java-11-openjdk-headless-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 81b14355aed2c0b1d3ffca8f07dbe26e63123d44827210e55f2bc4113603c862
java-11-openjdk-headless-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 00440ada43a87c5b7e7c4fd094bbb90e8a8b82fcd35f50715068f4e0489b9ada
java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: d0fd189160146131f3780dad8281b4ae2aab62cda3854d3ed25e2a46638e5847
java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: cc1590a7aa1fbe4720030b696b90a6c1cd46772a7ec6e3e57d5c43959ff25e7a
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 71d8a5cb053bde68c695bbf59ec81a3f0f79be43cc793e94c8400981d8e48b5e
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: f6437c6325e593f5beaf8900995e9b62412d51083b5687dc2b45639be747ba87
java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 979853757c57f8ccd5e22284604723dafebf071a2e1ece0ae38cfccf2badbd57
java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 467b91d934d713180cc9b74b3a48b624c911495e27af577b8dfaa27c6f7f0342
java-11-openjdk-src-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 2c4351f632f6b4540c92fc102103202e54dc0e6b9d7ad3806f2bac0b2e1376f2
java-11-openjdk-src-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 4a5243a7278c6a06c8bb0ed62c090fc9322f5103e586975756e9d7614c7d763c
java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 669927f8d3866dc3bcc0514c87bd03758a9c011a35f649fbbd1f47f1bd13c40d
java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: d29483a5126f58f8f5a35e8df6c97754f63eaff5219db9642e33c1fa85c9df13
Red Hat Enterprise Linux Desktop 7
SRPM
java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm
SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44
x86_64
java-11-openjdk-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 91a4557bbdd635ae220ad3ea22dcc0975ca1fe3e0d04a7bfaf6953d60a5fe96a
java-11-openjdk-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: e09a5cdd56ddcd8a2ee8bc30e15e0f9678588a15182b9930b4ca4b79e96294c5
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d
java-11-openjdk-demo-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: e2c3d21b1bd047ad810c0d6499ed80fb404579a3eb4ec3e4392dd562d824dcdc
java-11-openjdk-demo-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: d3d496a5a14b26b7ca74514347ca77573b77604aea719e792d1eb5b7bdd1199e
java-11-openjdk-devel-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 898711af14850f0f7f36c7ffea6ff8671c6b7668197be52d666cb558fc516c85
java-11-openjdk-devel-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 14ded2eaa54cfb09c55434c6769988abfe7b1fd92b230bef1b5cefe275b05712
java-11-openjdk-headless-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 81b14355aed2c0b1d3ffca8f07dbe26e63123d44827210e55f2bc4113603c862
java-11-openjdk-headless-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 00440ada43a87c5b7e7c4fd094bbb90e8a8b82fcd35f50715068f4e0489b9ada
java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: d0fd189160146131f3780dad8281b4ae2aab62cda3854d3ed25e2a46638e5847
java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: cc1590a7aa1fbe4720030b696b90a6c1cd46772a7ec6e3e57d5c43959ff25e7a
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 71d8a5cb053bde68c695bbf59ec81a3f0f79be43cc793e94c8400981d8e48b5e
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: f6437c6325e593f5beaf8900995e9b62412d51083b5687dc2b45639be747ba87
java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 979853757c57f8ccd5e22284604723dafebf071a2e1ece0ae38cfccf2badbd57
java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 467b91d934d713180cc9b74b3a48b624c911495e27af577b8dfaa27c6f7f0342
java-11-openjdk-src-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 2c4351f632f6b4540c92fc102103202e54dc0e6b9d7ad3806f2bac0b2e1376f2
java-11-openjdk-src-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 4a5243a7278c6a06c8bb0ed62c090fc9322f5103e586975756e9d7614c7d763c
java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 669927f8d3866dc3bcc0514c87bd03758a9c011a35f649fbbd1f47f1bd13c40d
java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: d29483a5126f58f8f5a35e8df6c97754f63eaff5219db9642e33c1fa85c9df13
Red Hat Enterprise Linux for IBM z Systems 7
SRPM
java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm
SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44
s390x
java-11-openjdk-11.0.16.0.8-1.el7_9.s390x.rpm
SHA-256: 3c1d734ef13f37205a797785e41d1d658a971bff87da8c3d54c8289d043e52b9
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.s390x.rpm
SHA-256: 1fc04e16a81472a2a3d8728caeefde15db528b4add650c8708b732ed1e0af14d
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.s390x.rpm
SHA-256: 1fc04e16a81472a2a3d8728caeefde15db528b4add650c8708b732ed1e0af14d
java-11-openjdk-demo-11.0.16.0.8-1.el7_9.s390x.rpm
SHA-256: 049f256f11c0a1c9595f5c988b1400b5d93319ea986d70dd98b04354927d712d
java-11-openjdk-devel-11.0.16.0.8-1.el7_9.s390x.rpm
SHA-256: 67fb36eefbf48e0918035921de6fae7533200eea988bd4ab62c4beeb26b1350f
java-11-openjdk-headless-11.0.16.0.8-1.el7_9.s390x.rpm
SHA-256: 19b2de194884551e229bc37a594a1292b4274d7117b0b0c641d78543e8035fb2
java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.s390x.rpm
SHA-256: 997d8beee73780e171c1bf966b0e0338fae2236dd25b4dc54173c4bf26849ec2
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.s390x.rpm
SHA-256: a78b241209a884098c5d6667ef3167c35e74deda02d3db02337d5cd48997e938
java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.s390x.rpm
SHA-256: 6e7da8858dbcceb31c5b0bef3ca88ff27e52ee9220d603116b1fa4617ece822f
java-11-openjdk-src-11.0.16.0.8-1.el7_9.s390x.rpm
SHA-256: 5e5e7295c394c272113fe8c5e9066787bbb42f2b3c286af4c87b03433cbe29ad
java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.s390x.rpm
SHA-256: a6b41d0de38989b9ba209fb4bc09cf34e9e097d089555c07dd53d6fe531da565
Red Hat Enterprise Linux for Power, big endian 7
SRPM
java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm
SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44
ppc64
java-11-openjdk-11.0.16.0.8-1.el7_9.ppc64.rpm
SHA-256: c4c3f3a0154e5d123672f9fb7d0601b99f06a9628f2238fa050edbd8b6bae443
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.ppc64.rpm
SHA-256: eecee80f91bd74eacc06cf02376506689f9ac7e7b8ad0febe246332076d8a64f
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.ppc64.rpm
SHA-256: eecee80f91bd74eacc06cf02376506689f9ac7e7b8ad0febe246332076d8a64f
java-11-openjdk-demo-11.0.16.0.8-1.el7_9.ppc64.rpm
SHA-256: 790f186442f0fe495ce03ad79c6c5618187e46423f07d05e1a75a013ee7f51db
java-11-openjdk-devel-11.0.16.0.8-1.el7_9.ppc64.rpm
SHA-256: ba23ab37c21275809e4b78086add983120b3352565442dc630f8b257c7ccf314
java-11-openjdk-headless-11.0.16.0.8-1.el7_9.ppc64.rpm
SHA-256: 852bbdc8030d5647682a24cb32826c52c53549b1388e50903fcda7d257c4919d
java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.ppc64.rpm
SHA-256: f4ca8aa992708ca19aa7e5df30830f5a26fec62c0c9491caa3da98fae6f25aaf
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.ppc64.rpm
SHA-256: 2e4735f40b8040b019c37e131804733113feed69e5fc8bc310ec086ee29f2728
java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.ppc64.rpm
SHA-256: b96a38d9c5e8664d43cc3141d9d7f52c39bb7061db642a33914de481e2d91deb
java-11-openjdk-src-11.0.16.0.8-1.el7_9.ppc64.rpm
SHA-256: 2fc783b6d50dbc733debd1e4a39c745a8dc88a0a0019959696f6d68c22be8959
java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.ppc64.rpm
SHA-256: def838aac52345da2359972acd7659d51afa8a58aea7763246d99d24c5aae2d5
Red Hat Enterprise Linux for Scientific Computing 7
SRPM
java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm
SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44
x86_64
java-11-openjdk-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 91a4557bbdd635ae220ad3ea22dcc0975ca1fe3e0d04a7bfaf6953d60a5fe96a
java-11-openjdk-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: e09a5cdd56ddcd8a2ee8bc30e15e0f9678588a15182b9930b4ca4b79e96294c5
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d
java-11-openjdk-demo-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: e2c3d21b1bd047ad810c0d6499ed80fb404579a3eb4ec3e4392dd562d824dcdc
java-11-openjdk-demo-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: d3d496a5a14b26b7ca74514347ca77573b77604aea719e792d1eb5b7bdd1199e
java-11-openjdk-devel-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 898711af14850f0f7f36c7ffea6ff8671c6b7668197be52d666cb558fc516c85
java-11-openjdk-devel-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 14ded2eaa54cfb09c55434c6769988abfe7b1fd92b230bef1b5cefe275b05712
java-11-openjdk-headless-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 81b14355aed2c0b1d3ffca8f07dbe26e63123d44827210e55f2bc4113603c862
java-11-openjdk-headless-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 00440ada43a87c5b7e7c4fd094bbb90e8a8b82fcd35f50715068f4e0489b9ada
java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: d0fd189160146131f3780dad8281b4ae2aab62cda3854d3ed25e2a46638e5847
java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: cc1590a7aa1fbe4720030b696b90a6c1cd46772a7ec6e3e57d5c43959ff25e7a
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 71d8a5cb053bde68c695bbf59ec81a3f0f79be43cc793e94c8400981d8e48b5e
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: f6437c6325e593f5beaf8900995e9b62412d51083b5687dc2b45639be747ba87
java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 979853757c57f8ccd5e22284604723dafebf071a2e1ece0ae38cfccf2badbd57
java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 467b91d934d713180cc9b74b3a48b624c911495e27af577b8dfaa27c6f7f0342
java-11-openjdk-src-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 2c4351f632f6b4540c92fc102103202e54dc0e6b9d7ad3806f2bac0b2e1376f2
java-11-openjdk-src-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: 4a5243a7278c6a06c8bb0ed62c090fc9322f5103e586975756e9d7614c7d763c
java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.i686.rpm
SHA-256: 669927f8d3866dc3bcc0514c87bd03758a9c011a35f649fbbd1f47f1bd13c40d
java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.x86_64.rpm
SHA-256: d29483a5126f58f8f5a35e8df6c97754f63eaff5219db9642e33c1fa85c9df13
Red Hat Enterprise Linux for Power, little endian 7
SRPM
java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm
SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44
ppc64le
java-11-openjdk-11.0.16.0.8-1.el7_9.ppc64le.rpm
SHA-256: f8358f53c82d53e11562100382b424766baaa1f0b3245c37665283d568edf07d
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.ppc64le.rpm
SHA-256: e57b120cc24bf8e4186f398ed93d171eb1933d04e2c1e8efbb9fe731f43b42fb
java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.ppc64le.rpm
SHA-256: e57b120cc24bf8e4186f398ed93d171eb1933d04e2c1e8efbb9fe731f43b42fb
java-11-openjdk-demo-11.0.16.0.8-1.el7_9.ppc64le.rpm
SHA-256: c0e9f0fc63abec7ea3a82ce388bf7d84fab3508254ccda115ae280bb9fbbd3a9
java-11-openjdk-devel-11.0.16.0.8-1.el7_9.ppc64le.rpm
SHA-256: 3929b501384539c457b7c3a19573ae61920c1b8c2f6e82903d59e1f639d5d5a4
java-11-openjdk-headless-11.0.16.0.8-1.el7_9.ppc64le.rpm
SHA-256: 64cf7831b09f350f70b320794ff47738ef65c3d03614e312e0537f2f0b22a5df
java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.ppc64le.rpm
SHA-256: 2425f052642a4c61c028dbcf2e3f6006589c74bfee14a73650595603320bf9e1
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.ppc64le.rpm
SHA-256: b0e17f0b5f6ec65f87703abdcb7491035fa4172d4f4eef5991687ae3d6577260
java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.ppc64le.rpm
SHA-256: 2273803f130f9e49aa9f760b612aaa63153a54487c4a818843a40123d359e721
java-11-openjdk-src-11.0.16.0.8-1.el7_9.ppc64le.rpm
SHA-256: 37d3c64c8513bc4706804729c798cdb704e924772325ab80f655cf6ba6d72c6a
java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.ppc64le.rpm
SHA-256: c408ad7a64c29e1118e3a86ed67f3f1cf364f85ed63212478d822652ccd768dd
Related news
Red Hat Security Advisory 2024-3708-03 - Red Hat build of Apache Camel 3.20.6 for Spring Boot release and security update is now available. Issues addressed include denial of service and server-side request forgery vulnerabilities.
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized.
IBM Cloud Transformation Advisor 2.0.1 through 3.3.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 237214.
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Red Hat Security Advisory 2022-6263-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.61. Issues addressed include denial of service and out of bounds read vulnerabilities.
Red Hat OpenShift Container Platform release 4.6.61 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS
Red Hat OpenShift Container Platform release 4.7.56 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read
Red Hat OpenShift Container Platform release 4.9.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2403: openshift: oauth-serving-cert configmap contains cluster certificate private key
Red Hat Security Advisory 2022-5756-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Red Hat Security Advisory 2022-5753-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-21549: OpenJDK: random exponentials issue (Libraries, 8283875) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
Red Hat Security Advisory 2022-5681-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Red Hat Security Advisory 2022-5709-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
Red Hat Security Advisory 2022-5685-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-21549: OpenJDK: random exponentials issue (Libraries, 8283875) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-21549: OpenJDK: random exponentials issue (Libraries, 8283875) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.