Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:5687: Red Hat Security Advisory: java-11-openjdk security, bug fix, and enhancement update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859)
  • CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866)
  • CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
Red Hat Security Data
#vulnerability#linux#red_hat#java#ibm

Synopsis

Important: java-11-openjdk security, bug fix, and enhancement update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

The following packages have been upgraded to a later upstream version: java-11-openjdk (11.0.16.0.8). (BZ#2083258)

Security Fix(es):

  • OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169)
  • OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)
  • OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 2083258 - Prepare for the next quarterly OpenJDK upstream release (2022-07, 11.0.16) [rhel-7-9.z]
  • BZ - 2108540 - CVE-2022-21540 OpenJDK: class compilation issue (Hotspot, 8281859)
  • BZ - 2108543 - CVE-2022-21541 OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866)
  • BZ - 2108554 - CVE-2022-34169 OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

Red Hat Enterprise Linux Server 7

SRPM

java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm

SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44

x86_64

java-11-openjdk-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 91a4557bbdd635ae220ad3ea22dcc0975ca1fe3e0d04a7bfaf6953d60a5fe96a

java-11-openjdk-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: e09a5cdd56ddcd8a2ee8bc30e15e0f9678588a15182b9930b4ca4b79e96294c5

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d

java-11-openjdk-demo-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: e2c3d21b1bd047ad810c0d6499ed80fb404579a3eb4ec3e4392dd562d824dcdc

java-11-openjdk-demo-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: d3d496a5a14b26b7ca74514347ca77573b77604aea719e792d1eb5b7bdd1199e

java-11-openjdk-devel-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 898711af14850f0f7f36c7ffea6ff8671c6b7668197be52d666cb558fc516c85

java-11-openjdk-devel-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 14ded2eaa54cfb09c55434c6769988abfe7b1fd92b230bef1b5cefe275b05712

java-11-openjdk-headless-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 81b14355aed2c0b1d3ffca8f07dbe26e63123d44827210e55f2bc4113603c862

java-11-openjdk-headless-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 00440ada43a87c5b7e7c4fd094bbb90e8a8b82fcd35f50715068f4e0489b9ada

java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: d0fd189160146131f3780dad8281b4ae2aab62cda3854d3ed25e2a46638e5847

java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: cc1590a7aa1fbe4720030b696b90a6c1cd46772a7ec6e3e57d5c43959ff25e7a

java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 71d8a5cb053bde68c695bbf59ec81a3f0f79be43cc793e94c8400981d8e48b5e

java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: f6437c6325e593f5beaf8900995e9b62412d51083b5687dc2b45639be747ba87

java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 979853757c57f8ccd5e22284604723dafebf071a2e1ece0ae38cfccf2badbd57

java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 467b91d934d713180cc9b74b3a48b624c911495e27af577b8dfaa27c6f7f0342

java-11-openjdk-src-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 2c4351f632f6b4540c92fc102103202e54dc0e6b9d7ad3806f2bac0b2e1376f2

java-11-openjdk-src-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 4a5243a7278c6a06c8bb0ed62c090fc9322f5103e586975756e9d7614c7d763c

java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 669927f8d3866dc3bcc0514c87bd03758a9c011a35f649fbbd1f47f1bd13c40d

java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: d29483a5126f58f8f5a35e8df6c97754f63eaff5219db9642e33c1fa85c9df13

Red Hat Enterprise Linux Workstation 7

SRPM

java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm

SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44

x86_64

java-11-openjdk-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 91a4557bbdd635ae220ad3ea22dcc0975ca1fe3e0d04a7bfaf6953d60a5fe96a

java-11-openjdk-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: e09a5cdd56ddcd8a2ee8bc30e15e0f9678588a15182b9930b4ca4b79e96294c5

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d

java-11-openjdk-demo-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: e2c3d21b1bd047ad810c0d6499ed80fb404579a3eb4ec3e4392dd562d824dcdc

java-11-openjdk-demo-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: d3d496a5a14b26b7ca74514347ca77573b77604aea719e792d1eb5b7bdd1199e

java-11-openjdk-devel-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 898711af14850f0f7f36c7ffea6ff8671c6b7668197be52d666cb558fc516c85

java-11-openjdk-devel-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 14ded2eaa54cfb09c55434c6769988abfe7b1fd92b230bef1b5cefe275b05712

java-11-openjdk-headless-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 81b14355aed2c0b1d3ffca8f07dbe26e63123d44827210e55f2bc4113603c862

java-11-openjdk-headless-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 00440ada43a87c5b7e7c4fd094bbb90e8a8b82fcd35f50715068f4e0489b9ada

java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: d0fd189160146131f3780dad8281b4ae2aab62cda3854d3ed25e2a46638e5847

java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: cc1590a7aa1fbe4720030b696b90a6c1cd46772a7ec6e3e57d5c43959ff25e7a

java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 71d8a5cb053bde68c695bbf59ec81a3f0f79be43cc793e94c8400981d8e48b5e

java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: f6437c6325e593f5beaf8900995e9b62412d51083b5687dc2b45639be747ba87

java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 979853757c57f8ccd5e22284604723dafebf071a2e1ece0ae38cfccf2badbd57

java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 467b91d934d713180cc9b74b3a48b624c911495e27af577b8dfaa27c6f7f0342

java-11-openjdk-src-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 2c4351f632f6b4540c92fc102103202e54dc0e6b9d7ad3806f2bac0b2e1376f2

java-11-openjdk-src-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 4a5243a7278c6a06c8bb0ed62c090fc9322f5103e586975756e9d7614c7d763c

java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 669927f8d3866dc3bcc0514c87bd03758a9c011a35f649fbbd1f47f1bd13c40d

java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: d29483a5126f58f8f5a35e8df6c97754f63eaff5219db9642e33c1fa85c9df13

Red Hat Enterprise Linux Desktop 7

SRPM

java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm

SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44

x86_64

java-11-openjdk-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 91a4557bbdd635ae220ad3ea22dcc0975ca1fe3e0d04a7bfaf6953d60a5fe96a

java-11-openjdk-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: e09a5cdd56ddcd8a2ee8bc30e15e0f9678588a15182b9930b4ca4b79e96294c5

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d

java-11-openjdk-demo-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: e2c3d21b1bd047ad810c0d6499ed80fb404579a3eb4ec3e4392dd562d824dcdc

java-11-openjdk-demo-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: d3d496a5a14b26b7ca74514347ca77573b77604aea719e792d1eb5b7bdd1199e

java-11-openjdk-devel-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 898711af14850f0f7f36c7ffea6ff8671c6b7668197be52d666cb558fc516c85

java-11-openjdk-devel-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 14ded2eaa54cfb09c55434c6769988abfe7b1fd92b230bef1b5cefe275b05712

java-11-openjdk-headless-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 81b14355aed2c0b1d3ffca8f07dbe26e63123d44827210e55f2bc4113603c862

java-11-openjdk-headless-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 00440ada43a87c5b7e7c4fd094bbb90e8a8b82fcd35f50715068f4e0489b9ada

java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: d0fd189160146131f3780dad8281b4ae2aab62cda3854d3ed25e2a46638e5847

java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: cc1590a7aa1fbe4720030b696b90a6c1cd46772a7ec6e3e57d5c43959ff25e7a

java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 71d8a5cb053bde68c695bbf59ec81a3f0f79be43cc793e94c8400981d8e48b5e

java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: f6437c6325e593f5beaf8900995e9b62412d51083b5687dc2b45639be747ba87

java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 979853757c57f8ccd5e22284604723dafebf071a2e1ece0ae38cfccf2badbd57

java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 467b91d934d713180cc9b74b3a48b624c911495e27af577b8dfaa27c6f7f0342

java-11-openjdk-src-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 2c4351f632f6b4540c92fc102103202e54dc0e6b9d7ad3806f2bac0b2e1376f2

java-11-openjdk-src-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 4a5243a7278c6a06c8bb0ed62c090fc9322f5103e586975756e9d7614c7d763c

java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 669927f8d3866dc3bcc0514c87bd03758a9c011a35f649fbbd1f47f1bd13c40d

java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: d29483a5126f58f8f5a35e8df6c97754f63eaff5219db9642e33c1fa85c9df13

Red Hat Enterprise Linux for IBM z Systems 7

SRPM

java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm

SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44

s390x

java-11-openjdk-11.0.16.0.8-1.el7_9.s390x.rpm

SHA-256: 3c1d734ef13f37205a797785e41d1d658a971bff87da8c3d54c8289d043e52b9

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.s390x.rpm

SHA-256: 1fc04e16a81472a2a3d8728caeefde15db528b4add650c8708b732ed1e0af14d

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.s390x.rpm

SHA-256: 1fc04e16a81472a2a3d8728caeefde15db528b4add650c8708b732ed1e0af14d

java-11-openjdk-demo-11.0.16.0.8-1.el7_9.s390x.rpm

SHA-256: 049f256f11c0a1c9595f5c988b1400b5d93319ea986d70dd98b04354927d712d

java-11-openjdk-devel-11.0.16.0.8-1.el7_9.s390x.rpm

SHA-256: 67fb36eefbf48e0918035921de6fae7533200eea988bd4ab62c4beeb26b1350f

java-11-openjdk-headless-11.0.16.0.8-1.el7_9.s390x.rpm

SHA-256: 19b2de194884551e229bc37a594a1292b4274d7117b0b0c641d78543e8035fb2

java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.s390x.rpm

SHA-256: 997d8beee73780e171c1bf966b0e0338fae2236dd25b4dc54173c4bf26849ec2

java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.s390x.rpm

SHA-256: a78b241209a884098c5d6667ef3167c35e74deda02d3db02337d5cd48997e938

java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.s390x.rpm

SHA-256: 6e7da8858dbcceb31c5b0bef3ca88ff27e52ee9220d603116b1fa4617ece822f

java-11-openjdk-src-11.0.16.0.8-1.el7_9.s390x.rpm

SHA-256: 5e5e7295c394c272113fe8c5e9066787bbb42f2b3c286af4c87b03433cbe29ad

java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.s390x.rpm

SHA-256: a6b41d0de38989b9ba209fb4bc09cf34e9e097d089555c07dd53d6fe531da565

Red Hat Enterprise Linux for Power, big endian 7

SRPM

java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm

SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44

ppc64

java-11-openjdk-11.0.16.0.8-1.el7_9.ppc64.rpm

SHA-256: c4c3f3a0154e5d123672f9fb7d0601b99f06a9628f2238fa050edbd8b6bae443

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.ppc64.rpm

SHA-256: eecee80f91bd74eacc06cf02376506689f9ac7e7b8ad0febe246332076d8a64f

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.ppc64.rpm

SHA-256: eecee80f91bd74eacc06cf02376506689f9ac7e7b8ad0febe246332076d8a64f

java-11-openjdk-demo-11.0.16.0.8-1.el7_9.ppc64.rpm

SHA-256: 790f186442f0fe495ce03ad79c6c5618187e46423f07d05e1a75a013ee7f51db

java-11-openjdk-devel-11.0.16.0.8-1.el7_9.ppc64.rpm

SHA-256: ba23ab37c21275809e4b78086add983120b3352565442dc630f8b257c7ccf314

java-11-openjdk-headless-11.0.16.0.8-1.el7_9.ppc64.rpm

SHA-256: 852bbdc8030d5647682a24cb32826c52c53549b1388e50903fcda7d257c4919d

java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.ppc64.rpm

SHA-256: f4ca8aa992708ca19aa7e5df30830f5a26fec62c0c9491caa3da98fae6f25aaf

java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.ppc64.rpm

SHA-256: 2e4735f40b8040b019c37e131804733113feed69e5fc8bc310ec086ee29f2728

java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.ppc64.rpm

SHA-256: b96a38d9c5e8664d43cc3141d9d7f52c39bb7061db642a33914de481e2d91deb

java-11-openjdk-src-11.0.16.0.8-1.el7_9.ppc64.rpm

SHA-256: 2fc783b6d50dbc733debd1e4a39c745a8dc88a0a0019959696f6d68c22be8959

java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.ppc64.rpm

SHA-256: def838aac52345da2359972acd7659d51afa8a58aea7763246d99d24c5aae2d5

Red Hat Enterprise Linux for Scientific Computing 7

SRPM

java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm

SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44

x86_64

java-11-openjdk-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 91a4557bbdd635ae220ad3ea22dcc0975ca1fe3e0d04a7bfaf6953d60a5fe96a

java-11-openjdk-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: e09a5cdd56ddcd8a2ee8bc30e15e0f9678588a15182b9930b4ca4b79e96294c5

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: d0f5f271ee1271e1789914d68a756375b722b8336064bed3effa42039e0042fa

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 8fdb51a83e5abc948d25d7f24d72f5936dfd43fc8ec9281261fabc6e5a9e9a1d

java-11-openjdk-demo-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: e2c3d21b1bd047ad810c0d6499ed80fb404579a3eb4ec3e4392dd562d824dcdc

java-11-openjdk-demo-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: d3d496a5a14b26b7ca74514347ca77573b77604aea719e792d1eb5b7bdd1199e

java-11-openjdk-devel-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 898711af14850f0f7f36c7ffea6ff8671c6b7668197be52d666cb558fc516c85

java-11-openjdk-devel-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 14ded2eaa54cfb09c55434c6769988abfe7b1fd92b230bef1b5cefe275b05712

java-11-openjdk-headless-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 81b14355aed2c0b1d3ffca8f07dbe26e63123d44827210e55f2bc4113603c862

java-11-openjdk-headless-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 00440ada43a87c5b7e7c4fd094bbb90e8a8b82fcd35f50715068f4e0489b9ada

java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: d0fd189160146131f3780dad8281b4ae2aab62cda3854d3ed25e2a46638e5847

java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: cc1590a7aa1fbe4720030b696b90a6c1cd46772a7ec6e3e57d5c43959ff25e7a

java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 71d8a5cb053bde68c695bbf59ec81a3f0f79be43cc793e94c8400981d8e48b5e

java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: f6437c6325e593f5beaf8900995e9b62412d51083b5687dc2b45639be747ba87

java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 979853757c57f8ccd5e22284604723dafebf071a2e1ece0ae38cfccf2badbd57

java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 467b91d934d713180cc9b74b3a48b624c911495e27af577b8dfaa27c6f7f0342

java-11-openjdk-src-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 2c4351f632f6b4540c92fc102103202e54dc0e6b9d7ad3806f2bac0b2e1376f2

java-11-openjdk-src-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: 4a5243a7278c6a06c8bb0ed62c090fc9322f5103e586975756e9d7614c7d763c

java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.i686.rpm

SHA-256: 669927f8d3866dc3bcc0514c87bd03758a9c011a35f649fbbd1f47f1bd13c40d

java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.x86_64.rpm

SHA-256: d29483a5126f58f8f5a35e8df6c97754f63eaff5219db9642e33c1fa85c9df13

Red Hat Enterprise Linux for Power, little endian 7

SRPM

java-11-openjdk-11.0.16.0.8-1.el7_9.src.rpm

SHA-256: cb0ca7c64dbddd8723983ed58b016851aeed2a2e6a49a5d959dbf32c1350ad44

ppc64le

java-11-openjdk-11.0.16.0.8-1.el7_9.ppc64le.rpm

SHA-256: f8358f53c82d53e11562100382b424766baaa1f0b3245c37665283d568edf07d

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.ppc64le.rpm

SHA-256: e57b120cc24bf8e4186f398ed93d171eb1933d04e2c1e8efbb9fe731f43b42fb

java-11-openjdk-debuginfo-11.0.16.0.8-1.el7_9.ppc64le.rpm

SHA-256: e57b120cc24bf8e4186f398ed93d171eb1933d04e2c1e8efbb9fe731f43b42fb

java-11-openjdk-demo-11.0.16.0.8-1.el7_9.ppc64le.rpm

SHA-256: c0e9f0fc63abec7ea3a82ce388bf7d84fab3508254ccda115ae280bb9fbbd3a9

java-11-openjdk-devel-11.0.16.0.8-1.el7_9.ppc64le.rpm

SHA-256: 3929b501384539c457b7c3a19573ae61920c1b8c2f6e82903d59e1f639d5d5a4

java-11-openjdk-headless-11.0.16.0.8-1.el7_9.ppc64le.rpm

SHA-256: 64cf7831b09f350f70b320794ff47738ef65c3d03614e312e0537f2f0b22a5df

java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.ppc64le.rpm

SHA-256: 2425f052642a4c61c028dbcf2e3f6006589c74bfee14a73650595603320bf9e1

java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.ppc64le.rpm

SHA-256: b0e17f0b5f6ec65f87703abdcb7491035fa4172d4f4eef5991687ae3d6577260

java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.ppc64le.rpm

SHA-256: 2273803f130f9e49aa9f760b612aaa63153a54487c4a818843a40123d359e721

java-11-openjdk-src-11.0.16.0.8-1.el7_9.ppc64le.rpm

SHA-256: 37d3c64c8513bc4706804729c798cdb704e924772325ab80f655cf6ba6d72c6a

java-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.ppc64le.rpm

SHA-256: c408ad7a64c29e1118e3a86ed67f3f1cf364f85ed63212478d822652ccd768dd

Related news

Red Hat Security Advisory 2024-3708-03

Red Hat Security Advisory 2024-3708-03 - Red Hat build of Apache Camel 3.20.6 for Spring Boot release and security update is now available. Issues addressed include denial of service and server-side request forgery vulnerabilities.

CVE-2023-28864: Chef Infra Server Release Notes

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.

CVE-2023-32449: DSA-2023-173: Dell PowerStore Family Security Update for Multiple Vulnerabilities

Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks

CVE-2022-46755: DSA-2022-329: Dell Wyse Management Suite Security Update for Multiple Vulnerabilities

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized.

CVE-2022-41299: Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

IBM Cloud Transformation Advisor 2.0.1 through 3.3.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 237214.

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Red Hat Security Advisory 2022-6263-01

Red Hat Security Advisory 2022-6263-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.61. Issues addressed include denial of service and out of bounds read vulnerabilities.

RHSA-2022:6263: Red Hat Security Advisory: OpenShift Container Platform 4.6.61 security and extras update

Red Hat OpenShift Container Platform release 4.6.61 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS

RHSA-2022:6053: Red Hat Security Advisory: OpenShift Container Platform 4.7.56 security and bug fix update

Red Hat OpenShift Container Platform release 4.7.56 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read

RHSA-2022:5879: Red Hat Security Advisory: OpenShift Container Platform 4.9.45 bug fix and security update

Red Hat OpenShift Container Platform release 4.9.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2403: openshift: oauth-serving-cert configmap contains cluster certificate private key

Red Hat Security Advisory 2022-5756-01

Red Hat Security Advisory 2022-5756-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

Red Hat Security Advisory 2022-5753-01

Red Hat Security Advisory 2022-5753-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

RHSA-2022:5757: Red Hat Security Advisory: OpenJDK 17.0.4 security update for Windows Builds

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-21549: OpenJDK: random exponentials issue (Libraries, 8283875) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5756: Red Hat Security Advisory: OpenJDK 11.0.16 security update for Windows Builds

The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5754: Red Hat Security Advisory: OpenJDK 8u342 security update for Portable Linux Builds

The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5753: Red Hat Security Advisory: OpenJDK 8u342 Windows builds release and security update

The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

Red Hat Security Advisory 2022-5681-01

Red Hat Security Advisory 2022-5681-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

Red Hat Security Advisory 2022-5709-01

Red Hat Security Advisory 2022-5709-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Red Hat Security Advisory 2022-5685-01

Red Hat Security Advisory 2022-5685-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

RHSA-2022:5736: Red Hat Security Advisory: java-17-openjdk security, bug fix, and enhancement update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-21549: OpenJDK: random exponentials issue (Libraries, 8283875) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5726: Red Hat Security Advisory: java-17-openjdk security, bug fix, and enhancement update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-21549: OpenJDK: random exponentials issue (Libraries, 8283875) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5709: Red Hat Security Advisory: java-1.8.0-openjdk security, bug fix, and enhancement update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5698: Red Hat Security Advisory: java-1.8.0-openjdk security, bug fix, and enhancement update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5696: Red Hat Security Advisory: java-1.8.0-openjdk security, bug fix, and enhancement update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5697: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5700: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5701: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5695: Red Hat Security Advisory: java-11-openjdk security, bug fix, and enhancement update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5681: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5681: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5681: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5683: Red Hat Security Advisory: java-11-openjdk security, bug fix, and enhancement update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5683: Red Hat Security Advisory: java-11-openjdk security, bug fix, and enhancement update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5683: Red Hat Security Advisory: java-11-openjdk security, bug fix, and enhancement update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5684: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5684: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5684: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5685: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5685: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

RHSA-2022:5685: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

GHSA-9339-86wc-4qgf: Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.

CVE-2022-21586: Oracle Critical Patch Update Advisory - July 2022

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).

CVE-2022-21586: Oracle Critical Patch Update Advisory - July 2022

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).

CVE-2022-21586: Oracle Critical Patch Update Advisory - July 2022

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).

CVE-2022-34169

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.