Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:7002: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526)
  • CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)
  • CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
  • CVE-2022-21628: OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
Red Hat Security Data
#vulnerability#linux#red_hat#java#ibm

Synopsis

Moderate: java-1.8.0-openjdk security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

  • OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626)
  • OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628)
  • OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619)
  • OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Prepare for the next quarterly OpenJDK upstream release (2022-10, 8u352) (BZ#2130371)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 2130371 - Prepare for the next quarterly OpenJDK upstream release (2022-10, 8u352) [rhel-7.9.z]
  • BZ - 2133745 - CVE-2022-21619 OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526)
  • BZ - 2133753 - CVE-2022-21626 OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
  • BZ - 2133765 - CVE-2022-21624 OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)
  • BZ - 2133769 - CVE-2022-21628 OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)

CVEs

  • CVE-2022-21619
  • CVE-2022-21624
  • CVE-2022-21626
  • CVE-2022-21628

Red Hat Enterprise Linux Server 7

SRPM

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm

SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5

x86_64

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: bcadd020dbf89154b3a0314324c5c1d145c12b89bfc08ae6d463c6f817dccfa6

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: b943634486a6473bbc461a21adf3d6b1fe49c36d1ede40ceeee61112097e17e3

java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: d7d52da462dbf0c207d29a9de5c142c75aa409c11a6f6612efa8605e0fd52a68

java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 6c7a15ca91fe75007edfb2b61b9b6aedcaa5fddf86d9a07c5fe4214a3de7cd92

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37

java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: d96139a480c4ff73cc4e8b1ed4a315d87feae13f14f20902145fc116a6ec696c

java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 25ec75a1ac4ac215f600cc8c6517e906ecac289ff4f771936190ad16548b5478

java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: f6546592240048282ccd461b765c3d9d26f504413ff4d8ce6f29e030813a6a55

java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 5ab327f78d4d2f9061b4561e00fb73d11fa4d0de42017fa35b176fccf1d5d8dc

java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: 8a4a157c4d0a3addb73a52f12a433335fd43a6a39b0d8229171803912c3796d0

java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 0087abb6c65b696ef8e05d01bfdfbe3b7a701890bab3440e859ec9ccec54996c

java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1

java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac

java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: b596c98d78dc61671e0813914ae8d9f8496675fe1417153621d9b716fd333bb3

java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 7ef8465698949ad760941361209eff141b15c854bf502694ac270ee30b84e84b

Red Hat Enterprise Linux Workstation 7

SRPM

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm

SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5

x86_64

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: bcadd020dbf89154b3a0314324c5c1d145c12b89bfc08ae6d463c6f817dccfa6

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: b943634486a6473bbc461a21adf3d6b1fe49c36d1ede40ceeee61112097e17e3

java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: d7d52da462dbf0c207d29a9de5c142c75aa409c11a6f6612efa8605e0fd52a68

java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 6c7a15ca91fe75007edfb2b61b9b6aedcaa5fddf86d9a07c5fe4214a3de7cd92

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37

java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: d96139a480c4ff73cc4e8b1ed4a315d87feae13f14f20902145fc116a6ec696c

java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 25ec75a1ac4ac215f600cc8c6517e906ecac289ff4f771936190ad16548b5478

java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: f6546592240048282ccd461b765c3d9d26f504413ff4d8ce6f29e030813a6a55

java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 5ab327f78d4d2f9061b4561e00fb73d11fa4d0de42017fa35b176fccf1d5d8dc

java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: 8a4a157c4d0a3addb73a52f12a433335fd43a6a39b0d8229171803912c3796d0

java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 0087abb6c65b696ef8e05d01bfdfbe3b7a701890bab3440e859ec9ccec54996c

java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1

java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac

java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: b596c98d78dc61671e0813914ae8d9f8496675fe1417153621d9b716fd333bb3

java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 7ef8465698949ad760941361209eff141b15c854bf502694ac270ee30b84e84b

Red Hat Enterprise Linux Desktop 7

SRPM

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm

SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5

x86_64

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: bcadd020dbf89154b3a0314324c5c1d145c12b89bfc08ae6d463c6f817dccfa6

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: b943634486a6473bbc461a21adf3d6b1fe49c36d1ede40ceeee61112097e17e3

java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: d7d52da462dbf0c207d29a9de5c142c75aa409c11a6f6612efa8605e0fd52a68

java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 6c7a15ca91fe75007edfb2b61b9b6aedcaa5fddf86d9a07c5fe4214a3de7cd92

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37

java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: d96139a480c4ff73cc4e8b1ed4a315d87feae13f14f20902145fc116a6ec696c

java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 25ec75a1ac4ac215f600cc8c6517e906ecac289ff4f771936190ad16548b5478

java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: f6546592240048282ccd461b765c3d9d26f504413ff4d8ce6f29e030813a6a55

java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 5ab327f78d4d2f9061b4561e00fb73d11fa4d0de42017fa35b176fccf1d5d8dc

java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: 8a4a157c4d0a3addb73a52f12a433335fd43a6a39b0d8229171803912c3796d0

java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 0087abb6c65b696ef8e05d01bfdfbe3b7a701890bab3440e859ec9ccec54996c

java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1

java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac

java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: b596c98d78dc61671e0813914ae8d9f8496675fe1417153621d9b716fd333bb3

java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 7ef8465698949ad760941361209eff141b15c854bf502694ac270ee30b84e84b

Red Hat Enterprise Linux for IBM z Systems 7

SRPM

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm

SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5

s390x

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.s390x.rpm

SHA-256: c0a4bba6e50c693cc2e301fcfbfb0b003419801965a4ac5a0e0f3daae29b4216

java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.s390x.rpm

SHA-256: 035f65b27c3d94ec48aac8ea4ed2d6cf471936147f4a1a18e21228f3a37783c5

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.s390x.rpm

SHA-256: cbf58993384875f108d15125dcd633ccdc045c14b1b1b2316056c3b783b1120a

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.s390x.rpm

SHA-256: cbf58993384875f108d15125dcd633ccdc045c14b1b1b2316056c3b783b1120a

java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.s390x.rpm

SHA-256: 6c0106e4230a32cc440cf8ced23adc3f191b29d70fc83e0dbde72f7f1e4d7fdc

java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.s390x.rpm

SHA-256: 28a2e35ea662b2ee3950e85c1f64e989fe4840592149ee71cc45e9cf198be652

java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.s390x.rpm

SHA-256: 90e09e127ae8bbfaf66aa80727093d08ec13b80ff8c6ef87091280c2d5997f05

java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1

java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac

java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.s390x.rpm

SHA-256: 0d341fa448f948fcf76b53f233b9784dd919f43deda5c97fea89f85ab49d775e

Red Hat Enterprise Linux for Power, big endian 7

SRPM

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm

SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5

ppc64

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.ppc64.rpm

SHA-256: f28c3590f760d28e88394d46402f0db3436912edd1464e192694a5a589a80a11

java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.ppc64.rpm

SHA-256: 4856b161d3446121aac3726fc3a9c4537c01b80157591a142da25389f848b67b

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.ppc64.rpm

SHA-256: 8093672a74e6e6e1e44be726ebf4dc1c654a46fd6e8bcfece7ceae26276652f5

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.ppc64.rpm

SHA-256: 8093672a74e6e6e1e44be726ebf4dc1c654a46fd6e8bcfece7ceae26276652f5

java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.ppc64.rpm

SHA-256: c1062c4979a83e4cc3cba0d9732f3ca4b37b8bcce9260b6846dda4032b0c61fa

java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.ppc64.rpm

SHA-256: dc146b8b6357f8902136996c03b11f659dfbed68ae884751473721fb5a34e9dc

java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.ppc64.rpm

SHA-256: b6f7b8c2577ea8a61da93ef524ae1823529e1550d4fd5d4d419ba968cd87756f

java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1

java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac

java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.ppc64.rpm

SHA-256: 8b8b88a4ee99889777451126ab8e9d401fd388d5eba8b82a81ef72ea04c31ba5

Red Hat Enterprise Linux for Scientific Computing 7

SRPM

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm

SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5

x86_64

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: bcadd020dbf89154b3a0314324c5c1d145c12b89bfc08ae6d463c6f817dccfa6

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: b943634486a6473bbc461a21adf3d6b1fe49c36d1ede40ceeee61112097e17e3

java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: d7d52da462dbf0c207d29a9de5c142c75aa409c11a6f6612efa8605e0fd52a68

java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 6c7a15ca91fe75007edfb2b61b9b6aedcaa5fddf86d9a07c5fe4214a3de7cd92

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37

java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: d96139a480c4ff73cc4e8b1ed4a315d87feae13f14f20902145fc116a6ec696c

java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 25ec75a1ac4ac215f600cc8c6517e906ecac289ff4f771936190ad16548b5478

java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: f6546592240048282ccd461b765c3d9d26f504413ff4d8ce6f29e030813a6a55

java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 5ab327f78d4d2f9061b4561e00fb73d11fa4d0de42017fa35b176fccf1d5d8dc

java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: 8a4a157c4d0a3addb73a52f12a433335fd43a6a39b0d8229171803912c3796d0

java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 0087abb6c65b696ef8e05d01bfdfbe3b7a701890bab3440e859ec9ccec54996c

java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1

java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac

java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.i686.rpm

SHA-256: b596c98d78dc61671e0813914ae8d9f8496675fe1417153621d9b716fd333bb3

java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.x86_64.rpm

SHA-256: 7ef8465698949ad760941361209eff141b15c854bf502694ac270ee30b84e84b

Red Hat Enterprise Linux for Power, little endian 7

SRPM

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm

SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5

ppc64le

java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.ppc64le.rpm

SHA-256: 77af58d00b2c2720354868ec2e3c5c3e7beba75826523319bd38b363c6c9d96d

java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.ppc64le.rpm

SHA-256: 224193ffdfc840435f68271aeeac7f2c1334862955a21b01973d29eec978701a

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.ppc64le.rpm

SHA-256: d0c29f79d2642e8ff32d990dc1373d8512199785e129866b4e129bc24155b582

java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.ppc64le.rpm

SHA-256: d0c29f79d2642e8ff32d990dc1373d8512199785e129866b4e129bc24155b582

java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.ppc64le.rpm

SHA-256: 507d1d30becf58c9c240d9f2663c65e87f09b60ddb6c4f6e8b2883758e03fb84

java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.ppc64le.rpm

SHA-256: 33b0aa3f7a1aef0586f5051a9eeb8e960c56c50656af9e24ee47d68106e838de

java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.ppc64le.rpm

SHA-256: f743f26ac8460f6073d8feba572bfc291286338012e7724a78f5747e9077260a

java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1

java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm

SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac

java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.ppc64le.rpm

SHA-256: 4c3aec42ace51e93f7dc4ddd9c2c92989849edf2e0943cff110d37dddd8a3d96

Related news

CVE-2023-28864: Chef Infra Server Release Notes

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.

CVE-2023-23694: DSA-2023-071: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities – 7.0.450

Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

Red Hat Security Advisory 2023-0128-01

Red Hat Security Advisory 2023-0128-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP20. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-8938-01

Red Hat Security Advisory 2022-8938-01 - Version 1.26.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, and 4.11. This release includes security and bug fixes, and enhancements.

RHSA-2022:8781: Red Hat Security Advisory: Logging Subsystem 5.5.5 - Red Hat OpenShift security update

Logging Subsystem 5.5.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers * CVE-2022-2880: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-27664: golang: net/http: handle server errors after sending GOAWAY * CVE-2022-32189: golang: math/b...

Red Hat Security Advisory 2022-7434-01

Red Hat Security Advisory 2022-7434-01 - A Red Hat OpenShift security update has been provided for the Logging Subsystem.

RHSA-2022:6882: Red Hat Security Advisory: Openshift Logging 5.3.13 security and bug fix release

An update is now available for OpenShift Logging 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

Red Hat Security Advisory 2022-7216-01

Red Hat Security Advisory 2022-7216-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.51. Issues addressed include code execution and memory leak vulnerabilities.

Red Hat Security Advisory 2022-7050-01

Red Hat Security Advisory 2022-7050-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7007-01

Red Hat Security Advisory 2022-7007-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7054-01

Red Hat Security Advisory 2022-7054-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7013-01

Red Hat Security Advisory 2022-7013-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7003-01

Red Hat Security Advisory 2022-7003-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7009-01

Red Hat Security Advisory 2022-7009-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7004-01

Red Hat Security Advisory 2022-7004-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7010-01

Red Hat Security Advisory 2022-7010-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7001-01

Red Hat Security Advisory 2022-7001-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

RHSA-2022:7051: Red Hat Security Advisory: OpenJDK 17.0.5 Security Update for Windows Builds

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 ce...

RHSA-2022:7050: Red Hat Security Advisory: OpenJDK 8u352 Security Update for Portable Linux Builds

The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection co...

RHSA-2022:7013: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7012: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7000: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7000: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7000: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7012: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7012: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7012: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7000: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7008: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7008: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7008: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7008: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

RHSA-2022:7010: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7010: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7010: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7010: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7011: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7011: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7011: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7011: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7006: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...

RHSA-2022:7006: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...

RHSA-2022:7006: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...

RHSA-2022:7006: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...

RHSA-2022:7001: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7001: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7001: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7001: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

RHSA-2022:7005: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServ...

RHSA-2022:7003: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK...

RHSA-2022:7004: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServ...

RHSA-2022:7009: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: exce...

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).