Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:0194: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411)
  • CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Security Data
#sql#vulnerability#mac#linux#red_hat#js#java#ibm#ssl

Synopsis

Moderate: java-17-openjdk security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

Security Fix(es):

  • OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835)
  • OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • In FIPS mode, the use of a SQLite database provided by NSS was assumed, which was opened in read-only mode and with no PIN expected. This prevented the use of other databases or setting a PIN on the NSS database. This update allows more control over database use using two new properties - fips.nssdb.path and fips.nssdb.pin - which can be configured permanently in the java.security file or temporarily via command-line arguments to the Java virtual machine (RHBZ#2147476)
  • Prepare for the next quarterly OpenJDK upstream release (2023-01, 17.0.6) [rhel-9] (BZ#2153097)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 9 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x

Fixes

  • BZ - 2147476 - Extend the support for NSS DBs (PKCS11) in FIPS mode [rhel-9, openjdk-17] [rhel-9.1.0.z]
  • BZ - 2153097 - Prepare for the next quarterly OpenJDK upstream release (2023-01, 17.0.6) [rhel-9] [rhel-9.1.0.z]
  • BZ - 2160421 - CVE-2023-21835 OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411)
  • BZ - 2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)

Red Hat Enterprise Linux for x86_64 9

SRPM

java-17-openjdk-17.0.6.0.10-3.el9_1.src.rpm

SHA-256: c7d14a5c6c8347866cc83e3926ad63db4219c01f080754222289c5acddfc2511

x86_64

java-17-openjdk-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 5282cf0b80ac07ba7f2ceb219b36750ba30871aeca6db92badba4502fd25f480

java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 812da7f95da6767408261d7a9975a15e40b81df7f36d23959ed5088d52594695

java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: cfbe7e00758e87c5b2c12c062cbad3e103696d510f07e59a1a51461eb47feeec

java-17-openjdk-demo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: abf7c183d14dcca3c152ee41fcf2f4628b0647fc9aa7e64d30912943ff56b82e

java-17-openjdk-devel-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 122ec1ece77b51c995f775226339d405c2e684bb81d38866fd14b8b7c795bb00

java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 81faac50ec04ee605a53152a6cd1deb54bbbd4a58574b79382d2716f19876e89

java-17-openjdk-headless-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: a2e1ab06c824843be21d1b2d9fd7a35e40a76794c1262f4dbbaa7d667588c375

java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 796fbfffa646061725eb84c96196c3fe52e29e683afde1fc63f20cdb7f115601

java-17-openjdk-javadoc-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 92c1f63e1815ea3e992d21f01ebf25ac993df4b18920b92e8dc037be68db123a

java-17-openjdk-javadoc-zip-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 7b5961ccb0d08b4dc18a2a2f7fdfd1d4eeab21f7228739b4c0d10aa14340ae05

java-17-openjdk-jmods-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 3cedb9dc986b74229f0c0968d4a9df45365ccf505be0a98b38b24be8131594c1

java-17-openjdk-src-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 1434cc9e10cc9540c82731aff329b5453d2f71a1efac0deffb8903d94734c00f

java-17-openjdk-static-libs-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: d8831131937ac7adc2abedaea62c9a69ea2b4d56eff37df8e690c28c10f2779c

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

java-17-openjdk-17.0.6.0.10-3.el9_1.src.rpm

SHA-256: c7d14a5c6c8347866cc83e3926ad63db4219c01f080754222289c5acddfc2511

s390x

java-17-openjdk-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: ef37592af9e2caa6bcc96ebc674badfc03c39472c0808b9fa451b5807a1359b5

java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: eb8f0258c7a02171721b697bb4690c875d8373d53f84529b8a2441ee7252c0c9

java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: 3eca5e8fbb6698332d0138f6d442e5679762317fd8174bd9a57656d0150a9bef

java-17-openjdk-demo-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: f31a587229abad78b930ae8964dd09e13cc64d9a42486aaf3527787c2029b451

java-17-openjdk-devel-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: 65ac3a34e30d1b2eb73b2f8d224967118d41299afa0b1c184023fb634c04843c

java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: bc833a224b8077699d497c60fbc4c712eae9ee100f55893ce8e5fa195874117b

java-17-openjdk-headless-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: dc5baac60dca894471afd0f32f9f76bda1418af8070699e6671900d1d5e19a7b

java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: 85be75fe9ec3cd2d57205c8dd8d17c7becc0c048a914f9dce3cd020e24fe95c7

java-17-openjdk-javadoc-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: bcd761d1e4027122db4a0583fd1669689f44819dab175d28907ae57e2b865836

java-17-openjdk-javadoc-zip-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: 6d069696eeee9f0a4db6c10f3e1dbbf2fa32e24300f7acdc121dbbe281921413

java-17-openjdk-jmods-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: 2ff5b6c606c4cd28cfa4316930212b03374114cbca1c205e8935642a09e3732c

java-17-openjdk-src-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: 852b98337360bfdb10f00aa14f527bf97a33ef6e1a6c3b6a1abb7d9af5640505

java-17-openjdk-static-libs-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: 810e8890208354e511b31898ae5e88c0b5dfe9b7e68d6537dae8c14bf472d90a

Red Hat Enterprise Linux for Power, little endian 9

SRPM

java-17-openjdk-17.0.6.0.10-3.el9_1.src.rpm

SHA-256: c7d14a5c6c8347866cc83e3926ad63db4219c01f080754222289c5acddfc2511

ppc64le

java-17-openjdk-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: a943dc10384f520743da3b442a2e45dd4f125b4fd4196ebc51c7a01f21abebd4

java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 3af016257192e6ee90f6385a2ddd130a5d639279fa32b3c6aa1c458d726a5c11

java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: f4f79fed6ba352f543fbff32ed36bae531b094f2fed5d041f2955b4e589aea54

java-17-openjdk-demo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: c606c64fc57b4dd010d7dcff7fd304fcde0855bf4b139126b7b5e5da58cbe806

java-17-openjdk-devel-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 81b61512da478a31f45b0484d23b2772379718873b5e46ca0d27cb59bdfe30a7

java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 8522c8d4e48852a60e4ce538781f1e87125401e5b5d4fbb4da741ecca64a7850

java-17-openjdk-headless-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 1ccb324f145a46e0a2a32542124325ab06cd0e0a57f6b1a47b25e53ecb8c51ee

java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 65634730ed99504779458ecd5716129f63e3460cc01db0fbb4f12ac5b38b50fd

java-17-openjdk-javadoc-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 236f8599cc6eabaacb804610b479b0a4b8b58f75a33ce205519ce59cd0b6fcb0

java-17-openjdk-javadoc-zip-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 9bc5b8a9b3008aac9b49daec7848bdfe97575952881f2b1ffdf9c6abf4ab08b4

java-17-openjdk-jmods-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 4fe718fde47562a37187e305de0e441feff59407b4a1d7b46da80a91223b1176

java-17-openjdk-src-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: d42875cd6fd6a6527eaa60e03e61910569ccd79531ee2082942c60657677c1a5

java-17-openjdk-static-libs-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: a77c96ffd389474ae08833abe6bb336ede8748480da0c91c2448227121f26d19

Red Hat Enterprise Linux for ARM 64 9

SRPM

java-17-openjdk-17.0.6.0.10-3.el9_1.src.rpm

SHA-256: c7d14a5c6c8347866cc83e3926ad63db4219c01f080754222289c5acddfc2511

aarch64

java-17-openjdk-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 0af32b008ba79f8c4995d41ef7f5c0ac187b22761a699521f2a5dbbbd6c162fb

java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 0f500d27fcabf83e6c6c96d1545c4c27d866d9aaceff66b235a8eef28f9e6899

java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: db07195d6593a87f083a8083bd9782727d16702f952880d30bc4b33ec8a7ba31

java-17-openjdk-demo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 3c180d7f0ac75d4058321a6e96ccc419230313c6b83f406b39a0887e6d3697fb

java-17-openjdk-devel-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 7c741c3b9f889193e470a78abe9f8e9b28a3fd7c73399be64178c0cf277a4b73

java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: f75a8173575cca18dd9d7a432a01e248107f76ee40a5cf668f1b66bd358f599c

java-17-openjdk-headless-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 3f18264d514ed622ed2326ee87f852bcc2d132c3118836fdafd29fec7c88693b

java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 21d4c964a0a5e0d5efb3f06466d9dee4310fb7d11a41ecaaf4a89fccfefdf409

java-17-openjdk-javadoc-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 797470f1e22adf7c2b0337275ba0ba16591de597cbf62cbc35d2a23b3f12bf9e

java-17-openjdk-javadoc-zip-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 34ea925aded28897a6e022d3bf1a5d074a6f42cbb99de5a5bc342a55a4688b68

java-17-openjdk-jmods-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 8ea00578d7742b155bfd3aaa30fb941d801d8b2dc6c017a8a711a5f354c0d945

java-17-openjdk-src-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: ad92c5e99dec52eb6d4c2714ae9c026a0bf5fc829669694e8898d174d5c3964c

java-17-openjdk-static-libs-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: aa26dfdf5654f225aa554166b6efa922861e3ac9c61bc5efc07baed8e62f7c10

Red Hat CodeReady Linux Builder for x86_64 9

SRPM

x86_64

java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 812da7f95da6767408261d7a9975a15e40b81df7f36d23959ed5088d52594695

java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: cfbe7e00758e87c5b2c12c062cbad3e103696d510f07e59a1a51461eb47feeec

java-17-openjdk-demo-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 7e1106a5643e66ce82781f5b1c64e0ba4a92fb8d9426edb6a47478be9d1bd438

java-17-openjdk-demo-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: e799e00cf921583afb4bcb7fd74cb982d37d0c1ed882193ac401dddcbc20f6cc

java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 81faac50ec04ee605a53152a6cd1deb54bbbd4a58574b79382d2716f19876e89

java-17-openjdk-devel-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 871dccf7bba4be0b0cb9733bf7200cb95e2a000489a38866c5aeb6f4e9757c31

java-17-openjdk-devel-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 8d1d778bcd0eeb0b7a6125b074e437b9d4a5caa06fd9c08dd07ca2587dabb0eb

java-17-openjdk-devel-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: a2ec855c01c1e2b42c813743ccf07226c9f94b252875a28e90348aa0c5b8be29

java-17-openjdk-devel-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: caf332194e634d88e0bf5972fbea00f951bf94a0bacf5aa7d5ebb4c7d51ee883

java-17-openjdk-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: f56a0315aa0ed4edf8796de42260219656516be19703f9711d95e7641c4d9600

java-17-openjdk-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 842f65cab8945e9dd05858f0096cf8cbde08c4c67b4726f95332985920a7f0be

java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 796fbfffa646061725eb84c96196c3fe52e29e683afde1fc63f20cdb7f115601

java-17-openjdk-headless-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: d176c35bff41194794df2baa4924d850272b216a6d2cd1ddeb3408fe2d2b480c

java-17-openjdk-headless-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: c4773279ca629474721a4cd1b3dc3eb144e384f5d37f075c3b861a1844e23331

java-17-openjdk-headless-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 26566019e5a49741ee5298bb8bc4aba388b2e8efacdf13226cf25bfacf1dc0a7

java-17-openjdk-headless-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: f394e695f27e5a0c63c00a8d81bf666e05fad1762f88001ed0e7a73e3819de23

java-17-openjdk-jmods-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 1c5b26dda8067ef946ef9666df083ad864a32fb2859243f5b1ce125076e6d2d6

java-17-openjdk-jmods-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 7727409d61906b11aa11c2eaf89d3f36df73b3805ee3b448774d37adb46d7f6e

java-17-openjdk-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 3383beb953d628fbede70d04058e7cdbbd5853fa583b6944ccba23e242d3cd52

java-17-openjdk-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 551f6a113f04fe75c367ed7ae7d8b5a7b8f622bcedee4889a42f9a3f4531723f

java-17-openjdk-src-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 07b0998e2b5ccd924706d3ca50f25f8ba307e64eddda93afe78adfa70b80f9a0

java-17-openjdk-src-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 119d297cc59ffa6d9209b434426549d1d5e5b9a59dbcac53c5c0f33d5ed3d10c

java-17-openjdk-static-libs-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: 539a94913d9b06d574cd4849c87e9720aa9ec76eaa649c54d25b858c5bd118b7

java-17-openjdk-static-libs-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm

SHA-256: e119d6209fbe77f81ead4a4b0a3bf4a96fd023e90feed597aa72899becc42a84

Red Hat CodeReady Linux Builder for Power, little endian 9

SRPM

ppc64le

java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 3af016257192e6ee90f6385a2ddd130a5d639279fa32b3c6aa1c458d726a5c11

java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: f4f79fed6ba352f543fbff32ed36bae531b094f2fed5d041f2955b4e589aea54

java-17-openjdk-demo-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 8a3b189011f53df76e5d451cfbaaf27379cf1360b395e451d09870fde7cd9897

java-17-openjdk-demo-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 92a8061579db418c6421a261b3af163972d6c1c5c46acd38ffcfae5f37e248ff

java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 8522c8d4e48852a60e4ce538781f1e87125401e5b5d4fbb4da741ecca64a7850

java-17-openjdk-devel-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 260977593723ea92f8a7214c94d65c82555f2023a063cbdf5182a75f87278a29

java-17-openjdk-devel-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: a460dee679803e9eb56b40c95cc695f10b16a7c4ffb0fead99ff26e0ebc615a9

java-17-openjdk-devel-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 8f733f56c92af0600b3d8de67a13a4e6922542c452245601ac441a931d82f7bf

java-17-openjdk-devel-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 326e90c86aa7b8ab97ec331fb7ea2211b1a2490ef6ca45828088e5979af3edca

java-17-openjdk-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 86056c206a83af0387ea340eb492a09571a7e4270d79a8c472e8d46f5d2fb182

java-17-openjdk-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 96eedcca69ffe7e9522bef086a91106ae3e1c3ac1747b86422aa79616c199aa1

java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 65634730ed99504779458ecd5716129f63e3460cc01db0fbb4f12ac5b38b50fd

java-17-openjdk-headless-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 9006e2ac70c8082aa5aa76c59057b7e07ffdf5fab49e5ea4bebe8c125097df94

java-17-openjdk-headless-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: ee887f96fe665f1f46f2faceaaae0ee4f999bbf54ff11f443331743dd8a3272d

java-17-openjdk-headless-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 9c55f4c43a130d7bb3cab647cc677f7626f3d8b0f615f0e515e436edccbb5c6b

java-17-openjdk-headless-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 6b088460bd889c971b45d38bcab3b13ce3ee5fcda543dc5de01e2185a4028acb

java-17-openjdk-jmods-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: d9202bcd289ad028362d4b6f69a08672379cd600b3cb1d000e50c9bd6e330673

java-17-openjdk-jmods-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: c9a0245df209940474af5c76c7464d69b0b9fff90785e658477bc8054ffcc817

java-17-openjdk-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: f9e691e6f2ca75b5dacd2ee465da4a405df4b148898161cee4a18ee5eb522734

java-17-openjdk-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 38bbd58d372abfe955ede57d51948de7b2d7910299515fa2f044f908eb1cc970

java-17-openjdk-src-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: d0b6c3f080888a7cd51a1adb69b0794442e0af240c36c694020f6fa91405de07

java-17-openjdk-src-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: 7ad13189ccbb87e5f3c78d9ce419e80bb97d2a66963d17d699a9ce13863bf38f

java-17-openjdk-static-libs-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: fea03eb5a74d947de83a018bc492d7bb860e9d55a75714d20335f832a93bbc06

java-17-openjdk-static-libs-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm

SHA-256: ef99d38d1bee0be069d9a42669a6a4161e36cdabbf9226dc4678bf8623bfad84

Red Hat CodeReady Linux Builder for ARM 64 9

SRPM

aarch64

java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 0f500d27fcabf83e6c6c96d1545c4c27d866d9aaceff66b235a8eef28f9e6899

java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: db07195d6593a87f083a8083bd9782727d16702f952880d30bc4b33ec8a7ba31

java-17-openjdk-demo-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: a30ef128e3f428a102a7cd5c43ba88c69cf6d9c927faa8dbdf9e462a583f892f

java-17-openjdk-demo-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 887f207d13c26ad129a788cacf3a64eee231275bf324f39fa43ae1ed40d8dea2

java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: f75a8173575cca18dd9d7a432a01e248107f76ee40a5cf668f1b66bd358f599c

java-17-openjdk-devel-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 7c8a7b090457e811dba0746e1b9ae61efda8ac8795dcac8c2001c26c111ecaa3

java-17-openjdk-devel-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 1a3a6ce3782f452b716e87ce2a0f00ced953d8e56ae1570ee683dd98c9feae33

java-17-openjdk-devel-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: a6c37af1e71261dd7b69d706aa324491c4725b38a2d0da98f6334cb6cd683d6c

java-17-openjdk-devel-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 080bda0665bc171b7efdf6c61433f9e2016e2b6d1698892fed4f8f3eb980f224

java-17-openjdk-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 8f233333b47416eda57a345451073f0babe19cec70f18fd386f0c0f7df6f575d

java-17-openjdk-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: defc9dcc838d7a0b89c12657a41010c04bb38eeb8c8033d93998aedab88ba299

java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 21d4c964a0a5e0d5efb3f06466d9dee4310fb7d11a41ecaaf4a89fccfefdf409

java-17-openjdk-headless-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 7f9a1864702beca7d8315db054a570394a907a224c095288d11ca9b5884fad71

java-17-openjdk-headless-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: d00f3954ac1eabd2b8ae1b336dda0204dff00b5161762a0a4e6c7565e74235f8

java-17-openjdk-headless-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 4302dd8fd0f1e62f9314192c64439ae1a853ebf9bb0774e600a28bdc3ede52c2

java-17-openjdk-headless-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: f3a1a1955c8b3ac3f49460a1544a53490a5740236f709e1f80c76856707f2370

java-17-openjdk-jmods-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: d3aa508421b434a0a6f87a9024014c7a393bda238e870c1cc88117dd3b892be7

java-17-openjdk-jmods-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: dd1f8b8196020bccd2af9a570832bf99553560a1a6ae256d72e1c6c536bb6948

java-17-openjdk-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 7771cfcaad0adde07e6c8d8acf84cc4f59731c08ad5884b5cbaf6ac38f33f170

java-17-openjdk-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: aa883833ca143e94f67446c394379e95cb20e7ff0760586f870b70172cdf9e0f

java-17-openjdk-src-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 94f84a1dd093dc5e5ac090caae1e22a7705abeb1625b4dc2bffa10b600cad064

java-17-openjdk-src-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 3703734a19a355fe934016c7baef06983448b5ebd696f5b8b976ab64b48b6b3e

java-17-openjdk-static-libs-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 601b71f304b1964070592e6f622822474e97a96b8de96c150652bdaa1c47ccf4

java-17-openjdk-static-libs-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm

SHA-256: 0989399932c89a7a8d31d9335227048b93dede69f5bbf53b3a38a804dfe84567

Red Hat CodeReady Linux Builder for IBM z Systems 9

SRPM

s390x

java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: eb8f0258c7a02171721b697bb4690c875d8373d53f84529b8a2441ee7252c0c9

java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: 3eca5e8fbb6698332d0138f6d442e5679762317fd8174bd9a57656d0150a9bef

java-17-openjdk-demo-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: 5879db3940a8f4834947e18410a0e3917c405a05e2330acf67f6067569c8d841

java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: bc833a224b8077699d497c60fbc4c712eae9ee100f55893ce8e5fa195874117b

java-17-openjdk-devel-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: ecfeb3b61c27102e4dcb31a2339cf79246fd1678a527e18182852dad18ead660

java-17-openjdk-devel-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: c3d9da748497ec72df209e8643921d4b311089be53e6784b95df91a50d2f4299

java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: 85be75fe9ec3cd2d57205c8dd8d17c7becc0c048a914f9dce3cd020e24fe95c7

java-17-openjdk-headless-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: f69b9d23937af768a4a6f2ebf5f160f71888c15eb945579e9a4d16fe8c7ec6bc

java-17-openjdk-headless-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: eb0fc8f34972fa7484539f84fdc53a64052f000dd02a10892411789d538373a9

java-17-openjdk-jmods-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: 5056622f770701ded7fcd53f7add83f6defe588e3d0bf35f8e4f68f32b6792fb

java-17-openjdk-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: d366f5dea50721bcf279f68ee3427470324eeeac219740e9166f65e3c373fb8e

java-17-openjdk-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: c6ff440187e666693092922f6f9e17b4bf30ff70e02eba54b2bd106f9e54661f

java-17-openjdk-src-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: 1a92f05375d042ec0100ed3203c7019e1a8321cbddd25e34b873efeedad07c15

java-17-openjdk-static-libs-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm

SHA-256: f6b1390222fc5ce57bfa77bc35a75a9e515b5381521a3f17304e4e07b7a7293d

Related news

CVE-2022-4039

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.

CVE-2023-28864: Chef Infra Server Release Notes

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.

RHSA-2023:3136: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated...

RHSA-2023:1286: Red Hat Security Advisory: Migration Toolkit for Runtimes security bug fix and enhancement update

Migration Toolkit for Runtimes 1.0.2 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-31690: A flaw was found in the Spring Security framework. Spring Security could allow a remote attacker to gain elevated privileges on the system. By modifying a request initiated by the Client (via the browser) to the Authorization Server, an attacker can gain elevated privileges on the system. * CVE-2022-41966: A flaw was found in the xstream package. This flaw allows an atta...

Red Hat Security Advisory 2023-1047-01

Red Hat Security Advisory 2023-1047-01 - A new image is available for Red Hat Single Sign-On 7.6.2, running on Red Hat OpenShift Container Platform from the release of 3.11 up to the release of 4.12.0. Issues addressed include code execution, cross site scripting, denial of service, deserialization, html injection, memory exhaustion, server-side request forgery, and traversal vulnerabilities.

RHSA-2023:0934: Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update

Migration Toolkit for Applications 6.0.1 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36567: A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path. * CVE-2021-35065: A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to...

Red Hat Security Advisory 2023-0709-01

Red Hat Security Advisory 2023-0709-01 - Version 1.27.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, 4.11 and 4.12. This release includes security and bug fixes, and enhancements.

Red Hat Security Advisory 2023-0210-01

Red Hat Security Advisory 2023-0210-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

RHSA-2023:0208: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

Red Hat Security Advisory 2023-0237-01

Red Hat Security Advisory 2023-0237-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-0203-01

Red Hat Security Advisory 2023-0203-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

RHSA-2023:0389: Red Hat Security Advisory: OpenJDK 17.0.6 Security Update for Portable Linux Builds

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0353: Red Hat Security Advisory: OpenJDK 11.0.18 Security Update for Windows Builds

The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0206: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0205: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

Red Hat Security Advisory 2023-0195-01

Red Hat Security Advisory 2023-0195-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0195-01

Red Hat Security Advisory 2023-0195-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

RHSA-2023:0195: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

Red Hat Security Advisory 2023-0202-01

Red Hat Security Advisory 2023-0202-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0198-01

Red Hat Security Advisory 2023-0198-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0199-01

Red Hat Security Advisory 2023-0199-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0196-01

Red Hat Security Advisory 2023-0196-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0192-01

Red Hat Security Advisory 2023-0192-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0200-01

Red Hat Security Advisory 2023-0200-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0197-01

Red Hat Security Advisory 2023-0197-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0191-01

Red Hat Security Advisory 2023-0191-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0191-01

Red Hat Security Advisory 2023-0191-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

RHSA-2023:0190: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0198: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0200: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0196: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0196: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0201: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0202: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

CVE-2023-21850: Oracle Critical Patch Update Advisory - January 2023

Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).