Headline
RHSA-2022:7002: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526)
- CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)
- CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
- CVE-2022-21628: OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
Synopsis
Moderate: java-1.8.0-openjdk security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
Security Fix(es):
- OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626)
- OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628)
- OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619)
- OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Prepare for the next quarterly OpenJDK upstream release (2022-10, 8u352) (BZ#2130371)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 2130371 - Prepare for the next quarterly OpenJDK upstream release (2022-10, 8u352) [rhel-7.9.z]
- BZ - 2133745 - CVE-2022-21619 OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526)
- BZ - 2133753 - CVE-2022-21626 OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
- BZ - 2133765 - CVE-2022-21624 OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)
- BZ - 2133769 - CVE-2022-21628 OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
CVEs
- CVE-2022-21619
- CVE-2022-21624
- CVE-2022-21626
- CVE-2022-21628
Red Hat Enterprise Linux Server 7
SRPM
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm
SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5
x86_64
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: bcadd020dbf89154b3a0314324c5c1d145c12b89bfc08ae6d463c6f817dccfa6
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: b943634486a6473bbc461a21adf3d6b1fe49c36d1ede40ceeee61112097e17e3
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: d7d52da462dbf0c207d29a9de5c142c75aa409c11a6f6612efa8605e0fd52a68
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 6c7a15ca91fe75007edfb2b61b9b6aedcaa5fddf86d9a07c5fe4214a3de7cd92
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37
java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: d96139a480c4ff73cc4e8b1ed4a315d87feae13f14f20902145fc116a6ec696c
java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 25ec75a1ac4ac215f600cc8c6517e906ecac289ff4f771936190ad16548b5478
java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: f6546592240048282ccd461b765c3d9d26f504413ff4d8ce6f29e030813a6a55
java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 5ab327f78d4d2f9061b4561e00fb73d11fa4d0de42017fa35b176fccf1d5d8dc
java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: 8a4a157c4d0a3addb73a52f12a433335fd43a6a39b0d8229171803912c3796d0
java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 0087abb6c65b696ef8e05d01bfdfbe3b7a701890bab3440e859ec9ccec54996c
java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1
java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac
java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: b596c98d78dc61671e0813914ae8d9f8496675fe1417153621d9b716fd333bb3
java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 7ef8465698949ad760941361209eff141b15c854bf502694ac270ee30b84e84b
Red Hat Enterprise Linux Workstation 7
SRPM
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm
SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5
x86_64
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: bcadd020dbf89154b3a0314324c5c1d145c12b89bfc08ae6d463c6f817dccfa6
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: b943634486a6473bbc461a21adf3d6b1fe49c36d1ede40ceeee61112097e17e3
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: d7d52da462dbf0c207d29a9de5c142c75aa409c11a6f6612efa8605e0fd52a68
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 6c7a15ca91fe75007edfb2b61b9b6aedcaa5fddf86d9a07c5fe4214a3de7cd92
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37
java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: d96139a480c4ff73cc4e8b1ed4a315d87feae13f14f20902145fc116a6ec696c
java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 25ec75a1ac4ac215f600cc8c6517e906ecac289ff4f771936190ad16548b5478
java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: f6546592240048282ccd461b765c3d9d26f504413ff4d8ce6f29e030813a6a55
java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 5ab327f78d4d2f9061b4561e00fb73d11fa4d0de42017fa35b176fccf1d5d8dc
java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: 8a4a157c4d0a3addb73a52f12a433335fd43a6a39b0d8229171803912c3796d0
java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 0087abb6c65b696ef8e05d01bfdfbe3b7a701890bab3440e859ec9ccec54996c
java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1
java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac
java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: b596c98d78dc61671e0813914ae8d9f8496675fe1417153621d9b716fd333bb3
java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 7ef8465698949ad760941361209eff141b15c854bf502694ac270ee30b84e84b
Red Hat Enterprise Linux Desktop 7
SRPM
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm
SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5
x86_64
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: bcadd020dbf89154b3a0314324c5c1d145c12b89bfc08ae6d463c6f817dccfa6
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: b943634486a6473bbc461a21adf3d6b1fe49c36d1ede40ceeee61112097e17e3
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: d7d52da462dbf0c207d29a9de5c142c75aa409c11a6f6612efa8605e0fd52a68
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 6c7a15ca91fe75007edfb2b61b9b6aedcaa5fddf86d9a07c5fe4214a3de7cd92
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37
java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: d96139a480c4ff73cc4e8b1ed4a315d87feae13f14f20902145fc116a6ec696c
java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 25ec75a1ac4ac215f600cc8c6517e906ecac289ff4f771936190ad16548b5478
java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: f6546592240048282ccd461b765c3d9d26f504413ff4d8ce6f29e030813a6a55
java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 5ab327f78d4d2f9061b4561e00fb73d11fa4d0de42017fa35b176fccf1d5d8dc
java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: 8a4a157c4d0a3addb73a52f12a433335fd43a6a39b0d8229171803912c3796d0
java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 0087abb6c65b696ef8e05d01bfdfbe3b7a701890bab3440e859ec9ccec54996c
java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1
java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac
java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: b596c98d78dc61671e0813914ae8d9f8496675fe1417153621d9b716fd333bb3
java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 7ef8465698949ad760941361209eff141b15c854bf502694ac270ee30b84e84b
Red Hat Enterprise Linux for IBM z Systems 7
SRPM
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm
SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5
s390x
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.s390x.rpm
SHA-256: c0a4bba6e50c693cc2e301fcfbfb0b003419801965a4ac5a0e0f3daae29b4216
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.s390x.rpm
SHA-256: 035f65b27c3d94ec48aac8ea4ed2d6cf471936147f4a1a18e21228f3a37783c5
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.s390x.rpm
SHA-256: cbf58993384875f108d15125dcd633ccdc045c14b1b1b2316056c3b783b1120a
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.s390x.rpm
SHA-256: cbf58993384875f108d15125dcd633ccdc045c14b1b1b2316056c3b783b1120a
java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.s390x.rpm
SHA-256: 6c0106e4230a32cc440cf8ced23adc3f191b29d70fc83e0dbde72f7f1e4d7fdc
java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.s390x.rpm
SHA-256: 28a2e35ea662b2ee3950e85c1f64e989fe4840592149ee71cc45e9cf198be652
java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.s390x.rpm
SHA-256: 90e09e127ae8bbfaf66aa80727093d08ec13b80ff8c6ef87091280c2d5997f05
java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1
java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac
java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.s390x.rpm
SHA-256: 0d341fa448f948fcf76b53f233b9784dd919f43deda5c97fea89f85ab49d775e
Red Hat Enterprise Linux for Power, big endian 7
SRPM
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm
SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5
ppc64
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.ppc64.rpm
SHA-256: f28c3590f760d28e88394d46402f0db3436912edd1464e192694a5a589a80a11
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.ppc64.rpm
SHA-256: 4856b161d3446121aac3726fc3a9c4537c01b80157591a142da25389f848b67b
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.ppc64.rpm
SHA-256: 8093672a74e6e6e1e44be726ebf4dc1c654a46fd6e8bcfece7ceae26276652f5
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.ppc64.rpm
SHA-256: 8093672a74e6e6e1e44be726ebf4dc1c654a46fd6e8bcfece7ceae26276652f5
java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.ppc64.rpm
SHA-256: c1062c4979a83e4cc3cba0d9732f3ca4b37b8bcce9260b6846dda4032b0c61fa
java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.ppc64.rpm
SHA-256: dc146b8b6357f8902136996c03b11f659dfbed68ae884751473721fb5a34e9dc
java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.ppc64.rpm
SHA-256: b6f7b8c2577ea8a61da93ef524ae1823529e1550d4fd5d4d419ba968cd87756f
java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1
java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac
java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.ppc64.rpm
SHA-256: 8b8b88a4ee99889777451126ab8e9d401fd388d5eba8b82a81ef72ea04c31ba5
Red Hat Enterprise Linux for Scientific Computing 7
SRPM
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm
SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5
x86_64
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: bcadd020dbf89154b3a0314324c5c1d145c12b89bfc08ae6d463c6f817dccfa6
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: b943634486a6473bbc461a21adf3d6b1fe49c36d1ede40ceeee61112097e17e3
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: d7d52da462dbf0c207d29a9de5c142c75aa409c11a6f6612efa8605e0fd52a68
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 6c7a15ca91fe75007edfb2b61b9b6aedcaa5fddf86d9a07c5fe4214a3de7cd92
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: 0f3f2abc4efde74b7679f6fff1d54351d56c3838fde2df99f93c299fc7200bef
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 89d41cdffee187872d0a9fbf2b97f352b3925920c6f6fe4c25f1a913db72ec37
java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: d96139a480c4ff73cc4e8b1ed4a315d87feae13f14f20902145fc116a6ec696c
java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 25ec75a1ac4ac215f600cc8c6517e906ecac289ff4f771936190ad16548b5478
java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: f6546592240048282ccd461b765c3d9d26f504413ff4d8ce6f29e030813a6a55
java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 5ab327f78d4d2f9061b4561e00fb73d11fa4d0de42017fa35b176fccf1d5d8dc
java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: 8a4a157c4d0a3addb73a52f12a433335fd43a6a39b0d8229171803912c3796d0
java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 0087abb6c65b696ef8e05d01bfdfbe3b7a701890bab3440e859ec9ccec54996c
java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1
java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac
java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.i686.rpm
SHA-256: b596c98d78dc61671e0813914ae8d9f8496675fe1417153621d9b716fd333bb3
java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.x86_64.rpm
SHA-256: 7ef8465698949ad760941361209eff141b15c854bf502694ac270ee30b84e84b
Red Hat Enterprise Linux for Power, little endian 7
SRPM
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.src.rpm
SHA-256: 5178487257d403ae8c162e5d22d3f9e249b484bd22554269f3830203851846b5
ppc64le
java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.ppc64le.rpm
SHA-256: 77af58d00b2c2720354868ec2e3c5c3e7beba75826523319bd38b363c6c9d96d
java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.ppc64le.rpm
SHA-256: 224193ffdfc840435f68271aeeac7f2c1334862955a21b01973d29eec978701a
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.ppc64le.rpm
SHA-256: d0c29f79d2642e8ff32d990dc1373d8512199785e129866b4e129bc24155b582
java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.ppc64le.rpm
SHA-256: d0c29f79d2642e8ff32d990dc1373d8512199785e129866b4e129bc24155b582
java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.ppc64le.rpm
SHA-256: 507d1d30becf58c9c240d9f2663c65e87f09b60ddb6c4f6e8b2883758e03fb84
java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.ppc64le.rpm
SHA-256: 33b0aa3f7a1aef0586f5051a9eeb8e960c56c50656af9e24ee47d68106e838de
java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.ppc64le.rpm
SHA-256: f743f26ac8460f6073d8feba572bfc291286338012e7724a78f5747e9077260a
java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: 74440a8107b7eaa1378ef7b2a01b88f73d92c1c82e545eae042b5955900f01b1
java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm
SHA-256: c14747d2d59269d5434784ac323e762f2d041bfb1af1115ea25365cd855dc0ac
java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.ppc64le.rpm
SHA-256: 4c3aec42ace51e93f7dc4ddd9c2c92989849edf2e0943cff110d37dddd8a3d96
Related news
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.
Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
Red Hat Security Advisory 2023-0128-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP20. Issues addressed include a randomization vulnerability.
Red Hat Security Advisory 2022-8938-01 - Version 1.26.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, and 4.11. This release includes security and bug fixes, and enhancements.
Logging Subsystem 5.5.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers * CVE-2022-2880: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-27664: golang: net/http: handle server errors after sending GOAWAY * CVE-2022-32189: golang: math/b...
Red Hat Security Advisory 2022-7434-01 - A Red Hat OpenShift security update has been provided for the Logging Subsystem.
An update is now available for OpenShift Logging 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags
Red Hat Security Advisory 2022-7216-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.51. Issues addressed include code execution and memory leak vulnerabilities.
Red Hat Security Advisory 2022-7050-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a randomization vulnerability.
Red Hat Security Advisory 2022-7007-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.
Red Hat Security Advisory 2022-7054-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include buffer overflow and randomization vulnerabilities.
Red Hat Security Advisory 2022-7013-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.
Red Hat Security Advisory 2022-7003-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.
Red Hat Security Advisory 2022-7009-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.
Red Hat Security Advisory 2022-7004-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.
Red Hat Security Advisory 2022-7010-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.
Red Hat Security Advisory 2022-7001-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.
The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 ce...
The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection co...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServer no connection count lim...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServ...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK...
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK: HttpServ...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: exce...
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).