Headline
RHSA-2023:0197: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411)
- CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Issued:
2023-01-18
Updated:
2023-01-18
RHSA-2023:0197 - Security Advisory
Synopsis
Moderate: java-11-openjdk security update
Type/Severity
Security Advisory: Moderate
Topic
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Security Fix(es):
- OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835)
- OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Fixes
- BZ - 2160421 - CVE-2023-21835 OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411)
- BZ - 2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Enterprise Linux Server - AUS 8.2
SRPM
java-11-openjdk-11.0.18.0.10-1.el8_2.src.rpm
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.