Headline
RHSA-2023:0208: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)
- CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Synopsis
Moderate: java-1.8.0-openjdk security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
Security Fix(es):
- OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830)
- OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI() (BZ#2139705)
- Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-8] (BZ#2159910)
- solr broken due to access denied (“java.io.FilePermission” “/etc/pki/java/cacerts” “read”) [rhel-8, openjdk-8] (BZ#2163595)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Fixes
- BZ - 2139705 - Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI() [rhel-8.7.0.z]
- BZ - 2159910 - Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-8] [rhel-8.7.0.z]
- BZ - 2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)
- BZ - 2160490 - CVE-2023-21830 OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)
- BZ - 2163595 - solr broken due to access denied (“java.io.FilePermission” “/etc/pki/java/cacerts” “read”) [rhel-8, openjdk-8] [rhel-8.7.0.z]
Red Hat Enterprise Linux for x86_64 8
SRPM
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.src.rpm
SHA-256: ba2f8cc3130da6ad29d97310cfd1c5908af0d889474dd14d05386b6675ee9cd4
x86_64
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: bd4828db130193f1e8ce7185c9c7d50e29b3810eca6023540c2480a4a7cfad03
java-1.8.0-openjdk-accessibility-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: fcf75fd85b1a49e52a52f545e9d42895fc612d0182f21103a5b0dc848574847a
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: fb0da9aeec3bd514969c5532710bc61f71a31188dc5459fbf9d5a616e62f322c
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 55fd46e10d941406e61ae717ddc41fdf697c768119292756acdae03fb01129cd
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 1275fe18ddd2f05ba6279cdc2e90b2b4c389957ed3c0f48517b4c972c4f07c0a
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: d725254a61740f90289e5f89a92c8681ab239e1ffa9f45ba8598d6d4362f115d
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 999d40d3289be3a6d987392ea97e0ef569c55497d0a9f72fdf200c86f34177b4
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 10798a74328b1601dc05f32537b714f44d8c5523761c505dfa288bd2f14c26a3
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: b9aa1051a8aa5bf5660b604c22fbd890f1e75b80de850a70a9883e9efbdc7d7d
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 5b52a05bb4e02550b65a4b68adf748d2e701096b17c1f1eef2de46fada1960db
java-1.8.0-openjdk-javadoc-1.8.0.362.b09-2.el8_7.noarch.rpm
SHA-256: 30012bc532fae02352407159e185b1eca9368d82c36d10f337ca280dfe25e03d
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b09-2.el8_7.noarch.rpm
SHA-256: 38365ed36efcb07d6cbf505574e40663e3bc9a3ee9ac2d60d20b7f5202837623
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: c0afc83ca0fb05ac59fdbcf5053170990d8c32ccf8e03e10b35e8d4144f68997
Red Hat Enterprise Linux for IBM z Systems 8
SRPM
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.src.rpm
SHA-256: ba2f8cc3130da6ad29d97310cfd1c5908af0d889474dd14d05386b6675ee9cd4
s390x
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.s390x.rpm
SHA-256: 7c12904e20e1c2487776c06d97b0af986fbd0c4a6775e51f292b51d619dac710
java-1.8.0-openjdk-accessibility-1.8.0.362.b09-2.el8_7.s390x.rpm
SHA-256: 003500a7167207e65e4c8899afd9aba93d03054246835e321ed9d031349fc6ff
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.s390x.rpm
SHA-256: 17d46d7a30828e22a15c350efb8bc0fed9c9899ea67bae4392df16f62ffec34a
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.s390x.rpm
SHA-256: 2055adb2b88a6b997c2be90305788fc40b2e053c6cf0c2dad1f195d39789c7b8
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el8_7.s390x.rpm
SHA-256: 26dd5dcbed06da33172a723c0a91ec377ee622d8f78d2a56c1c6e898a886b66a
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.s390x.rpm
SHA-256: 3e3d26af1f398972d8d783c452d968c58711fe5a758489b5d5021c01528a0d38
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el8_7.s390x.rpm
SHA-256: 15e469868750368587e7a54c96a5be9d765e833ac84e673757ef9da2ee0f32c7
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.s390x.rpm
SHA-256: 5cbe8620d08f805c442d8c7ecc4a919ce3f41e6842a1a18e2bb5ea786bc466df
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el8_7.s390x.rpm
SHA-256: cf0862eebfd25f0a7c4c8e3567610854c2523d6f2480ea653a678ad17db21c97
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.s390x.rpm
SHA-256: 3150da7c1da24b4fe8c685fe1666593e9d0b7a8b5dae1e113a65bcc630196127
java-1.8.0-openjdk-javadoc-1.8.0.362.b09-2.el8_7.noarch.rpm
SHA-256: 30012bc532fae02352407159e185b1eca9368d82c36d10f337ca280dfe25e03d
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b09-2.el8_7.noarch.rpm
SHA-256: 38365ed36efcb07d6cbf505574e40663e3bc9a3ee9ac2d60d20b7f5202837623
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el8_7.s390x.rpm
SHA-256: bb3110fbab5edd76d9440900e5f8416e47962f301b02544568d07ed06a8c304c
Red Hat Enterprise Linux for Power, little endian 8
SRPM
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.src.rpm
SHA-256: ba2f8cc3130da6ad29d97310cfd1c5908af0d889474dd14d05386b6675ee9cd4
ppc64le
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 3e9eb3b761f83b89a77bdc2dab802b0c34df67a7971cbf5b0193c6701abd8a75
java-1.8.0-openjdk-accessibility-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 207af3514d9c7ce315bec34384a8d719dc22c203a31b9a4e99eb9ee2a25c0a35
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 63cb97a38e9b3e4a27a6fd98774b0ecb2a43212616f4f24c71445937824ff56b
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 96c03bbf1ee5bae04fde08c91baa349117c925dff052d7ce0dff9ff3f0226cde
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: c68cdae5fe38936d33ac517a0a50fe76f3ee512c901dd7c28df22585b4d09f60
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 4456a1982be380a910a700d36170b7555e7785264724e0ff20aa27518858cdea
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 54ae3c33a19c1bf0163c2a7fcb01045f7be2bf58b54719d6d918a7a23537bbaa
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: a8e006b340e852fe34b4d9501d35883cb96fed5001320602e2782ee56381bb0e
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 451657e4ce805f9ef091e482d1746d7aecf9fc8bd7ba51ec92dc4e8653c3050b
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: d0edd1830e7f12e85e50a04cbcd74aa50179031cb3b70e2a26577e7e5acd7159
java-1.8.0-openjdk-javadoc-1.8.0.362.b09-2.el8_7.noarch.rpm
SHA-256: 30012bc532fae02352407159e185b1eca9368d82c36d10f337ca280dfe25e03d
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b09-2.el8_7.noarch.rpm
SHA-256: 38365ed36efcb07d6cbf505574e40663e3bc9a3ee9ac2d60d20b7f5202837623
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 84af77b34443ad473bf64908ae15dca74c7c1f50fc14192ac5786f0140a18667
Red Hat Enterprise Linux for ARM 64 8
SRPM
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.src.rpm
SHA-256: ba2f8cc3130da6ad29d97310cfd1c5908af0d889474dd14d05386b6675ee9cd4
aarch64
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: f36ea4d5eff10535f0551432a13abaa234ab254a69c10b3f29b6b81ab96346b3
java-1.8.0-openjdk-accessibility-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 83ed737308d48c19e6960afa02bda878dfc35e0f8f2b16de0d2106d7e4f30385
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 4e446d15576de13a79bdb3f01a18cac660b63fc91fe9762387f4603adb82cdfe
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 204821f56ab4ea1625d757ddb7590cdbe9fa1ca743a4671184d53f81dc15c6af
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 1af9b62407a068093ab215bdf650f9d04aaf408efb28a70434db257b88afa604
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 085cbcb149fd6d4ae73a9bb3aca9153869ef34439fc1a0f3094a05a7dcb0799a
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 311bf0dec40aa666bcd1c2334afd7181d48bfd2552c426f3027ad761e279c971
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: cecad0bcc79b69756f950ecf9b2f6ef920440db283dded9aa6cbdb68a7df0c45
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 072942e34939757fc01395114ceaa7089a64f05a4963bf24d5fd2e5175af4b95
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 0aa61c26dc2f1cf3cfa743a97e43ca5cdbe90599ff92bcd811cf7e150d79bf2a
java-1.8.0-openjdk-javadoc-1.8.0.362.b09-2.el8_7.noarch.rpm
SHA-256: 30012bc532fae02352407159e185b1eca9368d82c36d10f337ca280dfe25e03d
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b09-2.el8_7.noarch.rpm
SHA-256: 38365ed36efcb07d6cbf505574e40663e3bc9a3ee9ac2d60d20b7f5202837623
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 2e7fdc3005b1365e9901ddf5529b92b6e276148bed9ade283d7d23cfaceece15
Red Hat CodeReady Linux Builder for x86_64 8
SRPM
x86_64
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 483ba86a0ae540010ac47e1ae659f92f896ed12a171b2cc7d1444a548757b36c
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: e731c0393f7e092c8f902fc6579f1b03403e6b0d38aec2fe4f0c42e5d9c3317c
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: fb0da9aeec3bd514969c5532710bc61f71a31188dc5459fbf9d5a616e62f322c
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 55fd46e10d941406e61ae717ddc41fdf697c768119292756acdae03fb01129cd
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: d725254a61740f90289e5f89a92c8681ab239e1ffa9f45ba8598d6d4362f115d
java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: fd1ed1b3f2fce8b5deed9e788b8063bbbd29f44d0879a586d1acff47d2fcca34
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 7257ec3d67c1cd72da2f8e1bda18a5f6a73f00f6ea500d46469b5b3f82426af9
java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 5fa5d252ac85906cee9fc6feed2f8118cad9d8ea9c16a08d86bc56a3a4228b7c
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: ad1005d4f6507fac4b04a158612409a02a5f4617ce6f6cf45ed5041201477e22
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 10798a74328b1601dc05f32537b714f44d8c5523761c505dfa288bd2f14c26a3
java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: e903a3c14a5fcda81a0ea5d09a66f129b289ab70c94604a0f29e467b0a86ab91
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 9f19f6d24dd84cb99b6da55f7ab737785809d899d11dffa5dc2d9de861bcb9d3
java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 6d2e65ac861bf20e524b7243544f16a8d958c987a356623cacf2f83f968b536d
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 905af78be9ba7bf125034327432545cb45238627beb23104e36f84696f2286a3
java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: fc32911113f336a25f70189a4bf3a7aa5d29511c952b2dda4877b95783b98164
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 7177865eede1ee49f1096500a04c67a764f6b3418fe8f2718219d5b2b617345b
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 5b52a05bb4e02550b65a4b68adf748d2e701096b17c1f1eef2de46fada1960db
java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 8bcba8981ddd9e60f7d0a9898160dadd7517cd9fa69d4c064fc7d3634d01d42b
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 17b05738ef8fd73a5d8520365d35ea978d43d68b4db4d522a1a4d97397a33b28
java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 88969dbc8c6f01157a7a83c043e64c4f2019e4a481e22f7cf2df62ddd84a2991
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: c86c203dd78f49629448ac09610d218bba9de0649cd76f4a5f9b7ce7155d6c7d
java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 223769bacc60e5bff6c728b81382dcc4689c33f515f7e33279ccb00777e91d68
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: cb23bee3135550952474a0db4d1b50685bf5b7045725fee4e77fcd1e6cde2a62
java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 3d8b0f2374ae6c7e7a5b9dd422250224c8f4859a3635b5800674ff4f246eedc4
java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm
SHA-256: 00cb369b17b33f19c9df68d1b7504dbeff798584720489f746585a1b7aa223dd
Red Hat CodeReady Linux Builder for Power, little endian 8
SRPM
ppc64le
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: fc9b2eb69d2abda986431b4ad0a7c8b577bad1148f4c002be6241cb21f48c095
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: e9a3a206f53c0406e236bf306f5209714fd44bd6f65875f7581bf1a5800eae56
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 63cb97a38e9b3e4a27a6fd98774b0ecb2a43212616f4f24c71445937824ff56b
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 96c03bbf1ee5bae04fde08c91baa349117c925dff052d7ce0dff9ff3f0226cde
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 4456a1982be380a910a700d36170b7555e7785264724e0ff20aa27518858cdea
java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 89608bb8b980ab05a9619484839cb5be59627b7c84bb45c2c10cfcb84aa1e0ae
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 0d713be191be9b6e3beb54705f0a5359cb3f5351a5aecfa7956b811d69c6fd58
java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 275a2320a4c351a72ecdfaf989d25a88133b7e94f5e8961570d5856e4d3a1498
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: b8f0892720c6e679d232cf251a7017ca6ca16ae1c20c05a5812c240ae270a136
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: a8e006b340e852fe34b4d9501d35883cb96fed5001320602e2782ee56381bb0e
java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 982d446a9dc8ee8533ea9d25ee84165b5edefc247adf403033803533ea701088
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 8160a39e782192b29f5345e4187fa56e93107cce1adeb7b7ff30a889ca80f6be
java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: c7b0e0abfe96c5773f1b914fdefc6308aea441500189fc86846b71aeac1238a0
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: c13e2d613e150a876accf44187f2da70480206588d47f7e7efe234aef0ed4169
java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 5cb23a654e8647b3d94cdc1d2570709006682413cad4b1bbfc0872a3d1162c27
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 1cee84d56d0fbaf1782b8ce33f7d6d85bee43baed91d17bcb4cee18a4bdc5327
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: d0edd1830e7f12e85e50a04cbcd74aa50179031cb3b70e2a26577e7e5acd7159
java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 82d419c3bc43d405f2906b4e54ec126baadef3500afba3d48ac48384560f21e8
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 66a935eb6722ed31e3386c96f487ffbc3b11f1a2bf4338165c30afb4225fcb26
java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 76fe1f660fa74c6c2e99ab6bbb55616c922aa9f80eb876305f106e814bfe2843
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: c7233e11d653ade7a585432aed397544310a1adda83ece3ffc342b29423bb355
java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 13b8d881a44ca40b794ff13d68aca8e4663ed4616dc5c7e09a522b68329c7369
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: e8596521774751de697942eb898b57203980c942060b3711289cc67828601e60
java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 0c1ec13b426aa87a52d2bef0928d0d03297e82f370193e97097ba9b7a43e94e2
java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm
SHA-256: 674d0a8260fed907feca5366a1f10553ea20387e4c44a7d33297ada9e20fc98b
Red Hat CodeReady Linux Builder for ARM 64 8
SRPM
aarch64
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: df05a7a82cb70aaf8fbdcb32472457e1acee97f8ee0b280cdf6810c1eae9bf19
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: ed54c39d2befbfce744abff64d940f27d3e1baad33e7fa001624604f73768871
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 4e446d15576de13a79bdb3f01a18cac660b63fc91fe9762387f4603adb82cdfe
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 204821f56ab4ea1625d757ddb7590cdbe9fa1ca743a4671184d53f81dc15c6af
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 085cbcb149fd6d4ae73a9bb3aca9153869ef34439fc1a0f3094a05a7dcb0799a
java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: e0f1875d5e068ec0edb5ae12be6dad895f56f7decda9a140598125171032ab38
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 0ffb4284c645faf6e2af4a619885277761e0fce5817cbc5602e5b41842f33393
java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 88156648f029f2385dc5305405582648122743ce98acf9c139a17f045a6cb230
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 230b2ed17d1673c89870bfd17e85fdae523eb034baedefb6214dc618deb41306
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: cecad0bcc79b69756f950ecf9b2f6ef920440db283dded9aa6cbdb68a7df0c45
java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: c43f6dc6356395255d2b36aa4215044e75cea9bd0bfff6fc035f6b993f988af3
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: cde57da160773b620a5e93b76ac5eafd895e59bdafc9dedd4587eb12983cbe44
java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 4b7caec577bd76b08358147ef78c6bd3a1d4f70d56cdf6c4f8c8e1567d2267ff
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 15d6a3517abd7816846d248a9f1ddd38c637daa39109e8909118248b8ed1d720
java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 29b56e2d2a554ddcfa3f8b8f4ac04509a5488be481a5c87a55174fa231536ac5
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 4b2f560c103be6d939cb3691df8b080ec02aca12708ecd34e1a6ef2f417c306b
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 0aa61c26dc2f1cf3cfa743a97e43ca5cdbe90599ff92bcd811cf7e150d79bf2a
java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 7b795404bd2f3b26853ac890c94d496316428de84d0bb67848b3ad62d96be604
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: c1c1ee30c9cc20d0bfe2347f34ad327184a1582cddccf4906daaca5f41d45f70
java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 8935fb9403e72e4d088f5e4a5f61029522642c18a47abac553492833af12716b
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 0fd1d33c6bec17dae6131136c4d245803e8bc1448c250247cc183598c5322949
java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: 10d57d615631837a4dc96ae0ea405605cd34f5337c45ae77bf48352ce92bf693
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: a61e694f0a8174cf408f9eb97b1073b875a34ecfcbf56d98f4b5e5dd90a48db4
java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: ada7dc2e05b1b7e438559c9f3c2e89962c2cd99a40cd847e8a153c688f9db91f
java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm
SHA-256: bbc8200167599c32ad6fbd05c1d4f828ad5539e382e8c3a80d8b8555f98c9081
Related news
Gentoo Linux Security Advisory 202401-25 - Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution. Versions greater than or equal to 11.0.19_p7:11 are affected.
Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).
Red Hat Security Advisory 2023-3136-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR8. Issues addressed include a deserialization vulnerability.
Red Hat Security Advisory 2023-1286-01 - Migration Toolkit for Runtimes 1.0.2 Images. Issues addressed include denial of service, privilege escalation, and server-side request forgery vulnerabilities.
Migration Toolkit for Applications 6.0.1 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36567: A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path. * CVE-2021-35065: A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to...
Red Hat Security Advisory 2023-0632-01 - Logging Subsystem 5.4.11 - Red Hat OpenShift.
Debian Linux Security Advisory 5331-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing.
Red Hat Security Advisory 2023-0208-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
Red Hat Security Advisory 2023-0210-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
Red Hat Security Advisory 2023-0387-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a deserialization vulnerability.
Red Hat Security Advisory 2023-0354-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a deserialization vulnerability.
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Security Advisory 2023-0195-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Security Advisory 2023-0191-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).