Headline
RHSA-2023:0210: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)
- CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Synopsis
Moderate: java-1.8.0-openjdk security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
Security Fix(es):
- OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830)
- OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-9] (BZ#2159912)
- solr broken due to access denied (“java.io.FilePermission” “/etc/pki/java/cacerts” “read”) [rhel-9, openjdk-8] (BZ#2163594)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for x86_64 9 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
Fixes
- BZ - 2159912 - Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-9] [rhel-9.1.0.z]
- BZ - 2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)
- BZ - 2160490 - CVE-2023-21830 OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)
- BZ - 2163594 - solr broken due to access denied (“java.io.FilePermission” “/etc/pki/java/cacerts” “read”) [rhel-9, openjdk-8] [rhel-9.1.0.z]
Red Hat Enterprise Linux for x86_64 9
SRPM
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.src.rpm
SHA-256: 017ffb9f36ca1fd415c47becc48124ea0f6a6aa7486ef1d490d493d90851368b
x86_64
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 141a1424de9159395e0198e10ddac15db8aae400b92731e1883d77da05889f31
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 3ea12471f62249da1a22453521199eec70ab62b511672811edc68ca798dbabe0
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: ba420c5e768212fc0b0fb7aa1f7bb082fc0c41835ca1a45b2aaca626f8ce66d1
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 7983e3e4d5bbbe462302382da48df1bea0aadedbecd12d6904ad9f811c475358
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 76b925d20e38f53bde80bcf4602a5b6bd0d55eb9ff9f4e920d7f57fa7db56b99
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 0aea5c41e2d05de91b9a858004b9d68a8ff05bc13126bab0c4c17780d9e635d0
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 4efeb841d4251559eceb1ce9e4e0711f67ebf8a6e4f72de85c17003975b99a72
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: e9fc09d8c1ad0da73497b83fa450ef3fbc16b2992b6ead1b544c9c5f1df3a936
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 454817c96b3d6756714ddb169a4b7cf1ac82656f19a9f825734dcf5b9086d205
java-1.8.0-openjdk-javadoc-1.8.0.362.b09-2.el9_1.noarch.rpm
SHA-256: c812c2d504018f054a9ef9fc7e29e0c80e876e96d0ef4179ae6b7aff4f6de36e
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b09-2.el9_1.noarch.rpm
SHA-256: 853a8d7fececac3198224c112f9787d455d6af4e7f7c5ce54b12495160848e62
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: e754be13b8d39916ace4c51e966aebcb3435ca74883d7c8c57303467799fd8c3
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.src.rpm
SHA-256: 017ffb9f36ca1fd415c47becc48124ea0f6a6aa7486ef1d490d493d90851368b
s390x
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.s390x.rpm
SHA-256: 210a74eede29236f7a39170988a6ff8e226306a0af8055589dfa3ed757223310
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.s390x.rpm
SHA-256: b2217d33931a4c7f2ac931164e9780f3861915ec0b93c9b9ae1ba246e2872b50
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.s390x.rpm
SHA-256: 9164b92e9530f52a45f1396eee888ac835d1a790fcb5a89bc98b3c8e3971b777
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el9_1.s390x.rpm
SHA-256: 545d25446eb96d6f46609650fa984b4fd3d023302df4f0a76eea79c4882d3b57
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.s390x.rpm
SHA-256: 444d95adfb5a159dded9d6f2adef8486238211d98d6496b8e163f8fff4293a80
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el9_1.s390x.rpm
SHA-256: e92d74bdf42e987699a48f9b74b7de947a6fad9eb397f54201404f3b3b594354
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.s390x.rpm
SHA-256: 966e3a91de38e8d86668ae36fc831aa58357fdca979173ae8f49b06e37b83995
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el9_1.s390x.rpm
SHA-256: 6d9162bb0208af7c79d6afad9ada1e493a54c2c1a0d08a04df9ec964c0e6be5e
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.s390x.rpm
SHA-256: deac987be82e438465549e97823caa09d0b8a6206a283009cbb48d95c806b4b4
java-1.8.0-openjdk-javadoc-1.8.0.362.b09-2.el9_1.noarch.rpm
SHA-256: c812c2d504018f054a9ef9fc7e29e0c80e876e96d0ef4179ae6b7aff4f6de36e
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b09-2.el9_1.noarch.rpm
SHA-256: 853a8d7fececac3198224c112f9787d455d6af4e7f7c5ce54b12495160848e62
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el9_1.s390x.rpm
SHA-256: b14063b4eabfb35a316bfb3172dd9c8f52b5a41dacfcfc9bcfaad6c445371566
Red Hat Enterprise Linux for Power, little endian 9
SRPM
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.src.rpm
SHA-256: 017ffb9f36ca1fd415c47becc48124ea0f6a6aa7486ef1d490d493d90851368b
ppc64le
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: a0024fbe8b88aa878afebd74bcf76739ca40910e341530f702e1b694b79bcb09
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 4f4f15a5e105bddc89716b8e8cea60823687d090c57ba46f4cf49dc204047a40
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 74f6a89aa9905938c70503dee47ff862bc49a12fbba85b97ea53c6b148892b72
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 7896bf4c65b3a9e251c6bb9375ca0639d8770028703b103685f5f84d82bf27bc
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 2d2c63f455e5673c6b9fa54714d85b4f71d5636e7dae78f7352ec473e08ae2a0
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: fa62032dcc9dd037a2ea79960aa88b9197aad98c1a2f0e05b6eef19f6cac70a5
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 13eb21e5835f65f4f0a6f4056c46ed903aaad199895ebf8f245269a7c89ae17e
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 8f1a737c654bfc42ce9c008a46b4677ac67519f38c75a96ca939098986125bc6
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: d9c06ead88cea5b89ec70185a7534b976a46463db20c4a938368f17f1b9f295f
java-1.8.0-openjdk-javadoc-1.8.0.362.b09-2.el9_1.noarch.rpm
SHA-256: c812c2d504018f054a9ef9fc7e29e0c80e876e96d0ef4179ae6b7aff4f6de36e
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b09-2.el9_1.noarch.rpm
SHA-256: 853a8d7fececac3198224c112f9787d455d6af4e7f7c5ce54b12495160848e62
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: f61c75a698e49becdbaa76709e548ca22c738b2df84fb69808a357708147c3b9
Red Hat Enterprise Linux for ARM 64 9
SRPM
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.src.rpm
SHA-256: 017ffb9f36ca1fd415c47becc48124ea0f6a6aa7486ef1d490d493d90851368b
aarch64
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: e78db76b5aeae92d14f8bfa1b19065fc5b4a47a84d7ad228c70f804583f77114
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: bb0cd73cf6aadb4c0e662e8e4ffad1dca8cbe796dc5bc6f1216acc4fdb654e70
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 017e6beb67b7b3d95543152c751a6baa54cd58c8b74bde584bdb71e80e535054
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 60a5734fd72f33d83e84d94dd669c5c92cceecac68c377a93a4890a4e48bb381
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 80dafffceb96e5f8e28cda78b00ca27b4af85f158c3e3af54dc85f50be51465f
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 63e46b04fc7bcb477f136b44c7f08ed78260d09faff6de77bfaeb58037bf4536
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 008595354d7b0f549809090aa9d7425fdfa7b99ddd9f12c1f226e865eeb47702
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: f9ee74da03c3b7a3d95ec08128e37230ff2f0bb26a2f2b18daee0f29cc58146f
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 383f28fed21c63435c85a240448e3a01f26aabb315043b65cc50e4b318aa5a70
java-1.8.0-openjdk-javadoc-1.8.0.362.b09-2.el9_1.noarch.rpm
SHA-256: c812c2d504018f054a9ef9fc7e29e0c80e876e96d0ef4179ae6b7aff4f6de36e
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b09-2.el9_1.noarch.rpm
SHA-256: 853a8d7fececac3198224c112f9787d455d6af4e7f7c5ce54b12495160848e62
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 43a71b4283e6a8cbdc4dea08f847423aeba213db4a8398283969bbc9c8e7efec
Red Hat CodeReady Linux Builder for x86_64 9
SRPM
x86_64
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 3ea12471f62249da1a22453521199eec70ab62b511672811edc68ca798dbabe0
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: ba420c5e768212fc0b0fb7aa1f7bb082fc0c41835ca1a45b2aaca626f8ce66d1
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 76b925d20e38f53bde80bcf4602a5b6bd0d55eb9ff9f4e920d7f57fa7db56b99
java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 718168568decbcdb6dd6daee06f41b41a58ce7205d7b9719ca0d6b388bf12339
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: b28ff4c0ebf4c52bf29ec09de2fcf165bdad87eeb94ef56b581f0aea82d99564
java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: b934baa2cda31e59d2cb187f4225123f8e5825f533ba1a025e9d9018491e7fea
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 70b320ba276fb97dc7bc1984643f65d8d0b0bab6d4c84b1443c34e9b2c76a7ac
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 4efeb841d4251559eceb1ce9e4e0711f67ebf8a6e4f72de85c17003975b99a72
java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 560af84521116dd4a11b5eb6f0a6249e85ffca2d93ad5c1e2935217e443cbcbc
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: c5cb6b32cf11b658c3edaa2cb48005ebc5cad85b7a6be911a3381f123065705b
java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 484de7b45d6174b1b50346997910bd29b3c5cf1eeccabc71f29f3f0af19b1ec5
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 837170dba82d917e70ca6bf11a209bbc8bd1c9b89d283e61340fbb7978e85882
java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 7ccde948b86351dd9ca655de14fc77f8996dc051b7ac801abdca0925ff5ef665
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: bcb6e4d24f760a9b56a12c885f5692928c4fe73e18a9479f375bcb856e160f80
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 454817c96b3d6756714ddb169a4b7cf1ac82656f19a9f825734dcf5b9086d205
java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 4a508512a5e734bc6f376627c142e603bbf5b4337a269ed678a2820ce4893502
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 41358c2b7622fbb0ff97d10cf99b2fea4366f410b1a6d2a317a7cbc82ef4897b
java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 83621b327fd41b42b1a71a8436fc2619596cece666c70a9ccdd50b55e6d6477a
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 3d62cc853c88a8d192996d7eb5b20761e526e7ac9567de5352e6938dfef274bb
java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 5fea0f914991b4cdf85dbf2c245d80035abf1f87bd41d48f8e8f8aa8a9b4e283
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: aa96e946a78577bdfb34fb7abc314e6e6f4df7b1e9d1c5bb6fc14374a902ebb1
java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: 98df7b61e67564ef787318fb7b22f0d1745151697557878413942c947f78272d
java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm
SHA-256: d38d0f979717dcca265b78ec34ab16a8bebe2eb4905844096e39eb15ed5c939c
Red Hat CodeReady Linux Builder for Power, little endian 9
SRPM
ppc64le
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 4f4f15a5e105bddc89716b8e8cea60823687d090c57ba46f4cf49dc204047a40
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 74f6a89aa9905938c70503dee47ff862bc49a12fbba85b97ea53c6b148892b72
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 2d2c63f455e5673c6b9fa54714d85b4f71d5636e7dae78f7352ec473e08ae2a0
java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 00528df65ee54c5d0ec7df44761c3a5eaead14a5173179e68535a5c5c04f8b65
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 282acfcc21206eae8a4e4773d8e27071cc09eccccac0562e14d2c5916d2d2dfa
java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 7ab2e043daa93542ddb079039e36081b2bd1e6dbc803fc151ae1b5c0ef1da198
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 116dca7fdc2a9dd912213edce0e3dc7e6c145a9925a06550d7d4991dfdef8015
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 13eb21e5835f65f4f0a6f4056c46ed903aaad199895ebf8f245269a7c89ae17e
java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 6fccb6455a0e38d684618ff0cf970f9a71ee8310c9bbfcc0719d97d28bcae5f1
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 98ae34fd76f1204b976204e545d3b95786eb2c0bef2374fa543d833934232217
java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 2fa7663ee573549dbc5be39e1c830d5a30ef2b49b3235e41abff12be105ff8dd
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: db27ae55ccf84342808e9e7fed0296ef3799609090a25aef224e5adce0289fda
java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 07486e2c032f7b79a9390985c1f656f1c902f9aba8d8e9ae086b90f141abb12f
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 347e7017709285f6ac67208700436ef5cd55bc0e21da9f11c9b3f2bf35bf4327
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: d9c06ead88cea5b89ec70185a7534b976a46463db20c4a938368f17f1b9f295f
java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 5291b9947628a80410cd1709b0a604a5a2f6c4fc4f07149734a1582b9ea95a68
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: b1c045e45418ccbfe99e2dbf81e7b290333fb90236659b3dc9e64f82294fc88e
java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: bc8dccf33c2591bdd4abab14bcbf28853ee61c0eaf31258291773ccc08780ec9
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 985af648e46d05632e352504b6a968541b8cdcaafcdbd68256a97c2de50abd8e
java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 919c1524b60cb1aad35e349b2f077b6eb40e1c70f835c773762c818a8ac163f0
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: 27ee37cb887fff09d2d048e7d9269594e5583dbb30e29a2a061839218ff78056
java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: e38315fa316c0cfdeb5a7952134a798ba6a3332f68d015aa9274b8e1b22df6b8
java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm
SHA-256: cb18049579d5fa1c291c6ff8fd5d7f7406ce00a041ba4ed6b8b226f8d1851fe3
Red Hat CodeReady Linux Builder for ARM 64 9
SRPM
aarch64
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: bb0cd73cf6aadb4c0e662e8e4ffad1dca8cbe796dc5bc6f1216acc4fdb654e70
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 017e6beb67b7b3d95543152c751a6baa54cd58c8b74bde584bdb71e80e535054
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 80dafffceb96e5f8e28cda78b00ca27b4af85f158c3e3af54dc85f50be51465f
java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 7ab439ccc49eae9ec97e36844b0e39cc87a0e470c1659e723f9ecabc7162df8c
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 5ff6a294e9e93c1fb80c970a6ca37c0d2baffcb37e872121e4a1fdccd2b7abfe
java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 5da94cacfc033b2b31b681760e8e2f5617b68996ee3b0e5d41d2bee3998b58e7
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 8985a052109a0e9d40caf58a1b69aa5aec9fe1dad02c1ea4d5774637a7c9557a
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 008595354d7b0f549809090aa9d7425fdfa7b99ddd9f12c1f226e865eeb47702
java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 768117c43a8bfe4799d79880ec3caa0d4689c7afe9377b125b18532323a36215
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 4762a53ca3226eba2fec8c9d873c44d9db78f3f827971cafdceb9f39277e9895
java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: c4bf3338aaac73a6b0fe21b79de588e9270543eada73fc61766ef248230cc151
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: e7c755996fb2f0f3ff826ed0b031e8e4c12ae70c36c4ed271636a1dfb8bda226
java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 7a1007e152e2a3ac0d831ea1b52c7429c6a93c2e44162a7965c130308fa45ae8
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 70bebd7bf86e3ec9f5c9acf2a3ba78db6369bd7b2a4397e0305c4ec2786d9297
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 383f28fed21c63435c85a240448e3a01f26aabb315043b65cc50e4b318aa5a70
java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 45cc0608b5d21ea309b455f56674c5ea45e0da5da362579934031ab8881aeacb
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 52409e3c86992fda6fcabc611549b210a14326088b2749482f947e0b9af278d1
java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: e501370beb38c6e9b2810054854d8fbfea28a53fca7b59fcc57374a154bb7980
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: de8de9179586db8bb6452a00a96802b5f9a7c18d1d42ead7164b65967ed0a3c9
java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: dafa1246f8b5d4a8cd6a3e3dbd366e1c23540fa3cb9b952e3a0aa64806cbf808
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: b27db2a56646dd4f47ee75c96d3a39b176c2ad199b6cfda0bd9e9f3e8c0ea1c6
java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 4e85f16c98f00f3ac89c6a7be20dbb9738ce7fe380068e0ba4b5cb79be1c127d
java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm
SHA-256: 4fb4c1ec4a24b69c295bf8743e09ef3e0d8f262621245e7e49d3df1927b851bf
Related news
Gentoo Linux Security Advisory 202401-25 - Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution. Versions greater than or equal to 11.0.19_p7:11 are affected.
A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.
IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905.
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated...
Red Hat Security Advisory 2023-1286-01 - Migration Toolkit for Runtimes 1.0.2 Images. Issues addressed include denial of service, privilege escalation, and server-side request forgery vulnerabilities.
Migration Toolkit for Applications 6.0.1 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36567: A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path. * CVE-2021-35065: A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to...
Red Hat Security Advisory 2023-0632-01 - Logging Subsystem 5.4.11 - Red Hat OpenShift.
Red Hat Security Advisory 2023-0208-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
Red Hat Security Advisory 2023-0203-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
Red Hat Security Advisory 2023-0203-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
Red Hat Security Advisory 2023-0387-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a deserialization vulnerability.
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Security Advisory 2023-0202-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0198-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0190-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0196-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0192-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0197-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).