Headline
RHSA-2023:0194: Red Hat Security Advisory: java-17-openjdk security and bug fix update
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411)
- CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Synopsis
Moderate: java-17-openjdk security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.
Security Fix(es):
- OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835)
- OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- In FIPS mode, the use of a SQLite database provided by NSS was assumed, which was opened in read-only mode and with no PIN expected. This prevented the use of other databases or setting a PIN on the NSS database. This update allows more control over database use using two new properties - fips.nssdb.path and fips.nssdb.pin - which can be configured permanently in the java.security file or temporarily via command-line arguments to the Java virtual machine (RHBZ#2147476)
- Prepare for the next quarterly OpenJDK upstream release (2023-01, 17.0.6) [rhel-9] (BZ#2153097)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for x86_64 9 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
Fixes
- BZ - 2147476 - Extend the support for NSS DBs (PKCS11) in FIPS mode [rhel-9, openjdk-17] [rhel-9.1.0.z]
- BZ - 2153097 - Prepare for the next quarterly OpenJDK upstream release (2023-01, 17.0.6) [rhel-9] [rhel-9.1.0.z]
- BZ - 2160421 - CVE-2023-21835 OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411)
- BZ - 2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Enterprise Linux for x86_64 9
SRPM
java-17-openjdk-17.0.6.0.10-3.el9_1.src.rpm
SHA-256: c7d14a5c6c8347866cc83e3926ad63db4219c01f080754222289c5acddfc2511
x86_64
java-17-openjdk-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 5282cf0b80ac07ba7f2ceb219b36750ba30871aeca6db92badba4502fd25f480
java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 812da7f95da6767408261d7a9975a15e40b81df7f36d23959ed5088d52594695
java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: cfbe7e00758e87c5b2c12c062cbad3e103696d510f07e59a1a51461eb47feeec
java-17-openjdk-demo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: abf7c183d14dcca3c152ee41fcf2f4628b0647fc9aa7e64d30912943ff56b82e
java-17-openjdk-devel-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 122ec1ece77b51c995f775226339d405c2e684bb81d38866fd14b8b7c795bb00
java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 81faac50ec04ee605a53152a6cd1deb54bbbd4a58574b79382d2716f19876e89
java-17-openjdk-headless-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: a2e1ab06c824843be21d1b2d9fd7a35e40a76794c1262f4dbbaa7d667588c375
java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 796fbfffa646061725eb84c96196c3fe52e29e683afde1fc63f20cdb7f115601
java-17-openjdk-javadoc-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 92c1f63e1815ea3e992d21f01ebf25ac993df4b18920b92e8dc037be68db123a
java-17-openjdk-javadoc-zip-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 7b5961ccb0d08b4dc18a2a2f7fdfd1d4eeab21f7228739b4c0d10aa14340ae05
java-17-openjdk-jmods-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 3cedb9dc986b74229f0c0968d4a9df45365ccf505be0a98b38b24be8131594c1
java-17-openjdk-src-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 1434cc9e10cc9540c82731aff329b5453d2f71a1efac0deffb8903d94734c00f
java-17-openjdk-static-libs-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: d8831131937ac7adc2abedaea62c9a69ea2b4d56eff37df8e690c28c10f2779c
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
java-17-openjdk-17.0.6.0.10-3.el9_1.src.rpm
SHA-256: c7d14a5c6c8347866cc83e3926ad63db4219c01f080754222289c5acddfc2511
s390x
java-17-openjdk-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: ef37592af9e2caa6bcc96ebc674badfc03c39472c0808b9fa451b5807a1359b5
java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: eb8f0258c7a02171721b697bb4690c875d8373d53f84529b8a2441ee7252c0c9
java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: 3eca5e8fbb6698332d0138f6d442e5679762317fd8174bd9a57656d0150a9bef
java-17-openjdk-demo-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: f31a587229abad78b930ae8964dd09e13cc64d9a42486aaf3527787c2029b451
java-17-openjdk-devel-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: 65ac3a34e30d1b2eb73b2f8d224967118d41299afa0b1c184023fb634c04843c
java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: bc833a224b8077699d497c60fbc4c712eae9ee100f55893ce8e5fa195874117b
java-17-openjdk-headless-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: dc5baac60dca894471afd0f32f9f76bda1418af8070699e6671900d1d5e19a7b
java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: 85be75fe9ec3cd2d57205c8dd8d17c7becc0c048a914f9dce3cd020e24fe95c7
java-17-openjdk-javadoc-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: bcd761d1e4027122db4a0583fd1669689f44819dab175d28907ae57e2b865836
java-17-openjdk-javadoc-zip-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: 6d069696eeee9f0a4db6c10f3e1dbbf2fa32e24300f7acdc121dbbe281921413
java-17-openjdk-jmods-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: 2ff5b6c606c4cd28cfa4316930212b03374114cbca1c205e8935642a09e3732c
java-17-openjdk-src-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: 852b98337360bfdb10f00aa14f527bf97a33ef6e1a6c3b6a1abb7d9af5640505
java-17-openjdk-static-libs-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: 810e8890208354e511b31898ae5e88c0b5dfe9b7e68d6537dae8c14bf472d90a
Red Hat Enterprise Linux for Power, little endian 9
SRPM
java-17-openjdk-17.0.6.0.10-3.el9_1.src.rpm
SHA-256: c7d14a5c6c8347866cc83e3926ad63db4219c01f080754222289c5acddfc2511
ppc64le
java-17-openjdk-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: a943dc10384f520743da3b442a2e45dd4f125b4fd4196ebc51c7a01f21abebd4
java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 3af016257192e6ee90f6385a2ddd130a5d639279fa32b3c6aa1c458d726a5c11
java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: f4f79fed6ba352f543fbff32ed36bae531b094f2fed5d041f2955b4e589aea54
java-17-openjdk-demo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: c606c64fc57b4dd010d7dcff7fd304fcde0855bf4b139126b7b5e5da58cbe806
java-17-openjdk-devel-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 81b61512da478a31f45b0484d23b2772379718873b5e46ca0d27cb59bdfe30a7
java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 8522c8d4e48852a60e4ce538781f1e87125401e5b5d4fbb4da741ecca64a7850
java-17-openjdk-headless-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 1ccb324f145a46e0a2a32542124325ab06cd0e0a57f6b1a47b25e53ecb8c51ee
java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 65634730ed99504779458ecd5716129f63e3460cc01db0fbb4f12ac5b38b50fd
java-17-openjdk-javadoc-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 236f8599cc6eabaacb804610b479b0a4b8b58f75a33ce205519ce59cd0b6fcb0
java-17-openjdk-javadoc-zip-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 9bc5b8a9b3008aac9b49daec7848bdfe97575952881f2b1ffdf9c6abf4ab08b4
java-17-openjdk-jmods-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 4fe718fde47562a37187e305de0e441feff59407b4a1d7b46da80a91223b1176
java-17-openjdk-src-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: d42875cd6fd6a6527eaa60e03e61910569ccd79531ee2082942c60657677c1a5
java-17-openjdk-static-libs-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: a77c96ffd389474ae08833abe6bb336ede8748480da0c91c2448227121f26d19
Red Hat Enterprise Linux for ARM 64 9
SRPM
java-17-openjdk-17.0.6.0.10-3.el9_1.src.rpm
SHA-256: c7d14a5c6c8347866cc83e3926ad63db4219c01f080754222289c5acddfc2511
aarch64
java-17-openjdk-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 0af32b008ba79f8c4995d41ef7f5c0ac187b22761a699521f2a5dbbbd6c162fb
java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 0f500d27fcabf83e6c6c96d1545c4c27d866d9aaceff66b235a8eef28f9e6899
java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: db07195d6593a87f083a8083bd9782727d16702f952880d30bc4b33ec8a7ba31
java-17-openjdk-demo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 3c180d7f0ac75d4058321a6e96ccc419230313c6b83f406b39a0887e6d3697fb
java-17-openjdk-devel-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 7c741c3b9f889193e470a78abe9f8e9b28a3fd7c73399be64178c0cf277a4b73
java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: f75a8173575cca18dd9d7a432a01e248107f76ee40a5cf668f1b66bd358f599c
java-17-openjdk-headless-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 3f18264d514ed622ed2326ee87f852bcc2d132c3118836fdafd29fec7c88693b
java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 21d4c964a0a5e0d5efb3f06466d9dee4310fb7d11a41ecaaf4a89fccfefdf409
java-17-openjdk-javadoc-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 797470f1e22adf7c2b0337275ba0ba16591de597cbf62cbc35d2a23b3f12bf9e
java-17-openjdk-javadoc-zip-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 34ea925aded28897a6e022d3bf1a5d074a6f42cbb99de5a5bc342a55a4688b68
java-17-openjdk-jmods-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 8ea00578d7742b155bfd3aaa30fb941d801d8b2dc6c017a8a711a5f354c0d945
java-17-openjdk-src-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: ad92c5e99dec52eb6d4c2714ae9c026a0bf5fc829669694e8898d174d5c3964c
java-17-openjdk-static-libs-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: aa26dfdf5654f225aa554166b6efa922861e3ac9c61bc5efc07baed8e62f7c10
Red Hat CodeReady Linux Builder for x86_64 9
SRPM
x86_64
java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 812da7f95da6767408261d7a9975a15e40b81df7f36d23959ed5088d52594695
java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: cfbe7e00758e87c5b2c12c062cbad3e103696d510f07e59a1a51461eb47feeec
java-17-openjdk-demo-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 7e1106a5643e66ce82781f5b1c64e0ba4a92fb8d9426edb6a47478be9d1bd438
java-17-openjdk-demo-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: e799e00cf921583afb4bcb7fd74cb982d37d0c1ed882193ac401dddcbc20f6cc
java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 81faac50ec04ee605a53152a6cd1deb54bbbd4a58574b79382d2716f19876e89
java-17-openjdk-devel-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 871dccf7bba4be0b0cb9733bf7200cb95e2a000489a38866c5aeb6f4e9757c31
java-17-openjdk-devel-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 8d1d778bcd0eeb0b7a6125b074e437b9d4a5caa06fd9c08dd07ca2587dabb0eb
java-17-openjdk-devel-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: a2ec855c01c1e2b42c813743ccf07226c9f94b252875a28e90348aa0c5b8be29
java-17-openjdk-devel-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: caf332194e634d88e0bf5972fbea00f951bf94a0bacf5aa7d5ebb4c7d51ee883
java-17-openjdk-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: f56a0315aa0ed4edf8796de42260219656516be19703f9711d95e7641c4d9600
java-17-openjdk-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 842f65cab8945e9dd05858f0096cf8cbde08c4c67b4726f95332985920a7f0be
java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 796fbfffa646061725eb84c96196c3fe52e29e683afde1fc63f20cdb7f115601
java-17-openjdk-headless-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: d176c35bff41194794df2baa4924d850272b216a6d2cd1ddeb3408fe2d2b480c
java-17-openjdk-headless-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: c4773279ca629474721a4cd1b3dc3eb144e384f5d37f075c3b861a1844e23331
java-17-openjdk-headless-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 26566019e5a49741ee5298bb8bc4aba388b2e8efacdf13226cf25bfacf1dc0a7
java-17-openjdk-headless-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: f394e695f27e5a0c63c00a8d81bf666e05fad1762f88001ed0e7a73e3819de23
java-17-openjdk-jmods-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 1c5b26dda8067ef946ef9666df083ad864a32fb2859243f5b1ce125076e6d2d6
java-17-openjdk-jmods-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 7727409d61906b11aa11c2eaf89d3f36df73b3805ee3b448774d37adb46d7f6e
java-17-openjdk-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 3383beb953d628fbede70d04058e7cdbbd5853fa583b6944ccba23e242d3cd52
java-17-openjdk-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 551f6a113f04fe75c367ed7ae7d8b5a7b8f622bcedee4889a42f9a3f4531723f
java-17-openjdk-src-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 07b0998e2b5ccd924706d3ca50f25f8ba307e64eddda93afe78adfa70b80f9a0
java-17-openjdk-src-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 119d297cc59ffa6d9209b434426549d1d5e5b9a59dbcac53c5c0f33d5ed3d10c
java-17-openjdk-static-libs-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: 539a94913d9b06d574cd4849c87e9720aa9ec76eaa649c54d25b858c5bd118b7
java-17-openjdk-static-libs-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm
SHA-256: e119d6209fbe77f81ead4a4b0a3bf4a96fd023e90feed597aa72899becc42a84
Red Hat CodeReady Linux Builder for Power, little endian 9
SRPM
ppc64le
java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 3af016257192e6ee90f6385a2ddd130a5d639279fa32b3c6aa1c458d726a5c11
java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: f4f79fed6ba352f543fbff32ed36bae531b094f2fed5d041f2955b4e589aea54
java-17-openjdk-demo-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 8a3b189011f53df76e5d451cfbaaf27379cf1360b395e451d09870fde7cd9897
java-17-openjdk-demo-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 92a8061579db418c6421a261b3af163972d6c1c5c46acd38ffcfae5f37e248ff
java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 8522c8d4e48852a60e4ce538781f1e87125401e5b5d4fbb4da741ecca64a7850
java-17-openjdk-devel-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 260977593723ea92f8a7214c94d65c82555f2023a063cbdf5182a75f87278a29
java-17-openjdk-devel-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: a460dee679803e9eb56b40c95cc695f10b16a7c4ffb0fead99ff26e0ebc615a9
java-17-openjdk-devel-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 8f733f56c92af0600b3d8de67a13a4e6922542c452245601ac441a931d82f7bf
java-17-openjdk-devel-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 326e90c86aa7b8ab97ec331fb7ea2211b1a2490ef6ca45828088e5979af3edca
java-17-openjdk-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 86056c206a83af0387ea340eb492a09571a7e4270d79a8c472e8d46f5d2fb182
java-17-openjdk-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 96eedcca69ffe7e9522bef086a91106ae3e1c3ac1747b86422aa79616c199aa1
java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 65634730ed99504779458ecd5716129f63e3460cc01db0fbb4f12ac5b38b50fd
java-17-openjdk-headless-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 9006e2ac70c8082aa5aa76c59057b7e07ffdf5fab49e5ea4bebe8c125097df94
java-17-openjdk-headless-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: ee887f96fe665f1f46f2faceaaae0ee4f999bbf54ff11f443331743dd8a3272d
java-17-openjdk-headless-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 9c55f4c43a130d7bb3cab647cc677f7626f3d8b0f615f0e515e436edccbb5c6b
java-17-openjdk-headless-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 6b088460bd889c971b45d38bcab3b13ce3ee5fcda543dc5de01e2185a4028acb
java-17-openjdk-jmods-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: d9202bcd289ad028362d4b6f69a08672379cd600b3cb1d000e50c9bd6e330673
java-17-openjdk-jmods-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: c9a0245df209940474af5c76c7464d69b0b9fff90785e658477bc8054ffcc817
java-17-openjdk-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: f9e691e6f2ca75b5dacd2ee465da4a405df4b148898161cee4a18ee5eb522734
java-17-openjdk-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 38bbd58d372abfe955ede57d51948de7b2d7910299515fa2f044f908eb1cc970
java-17-openjdk-src-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: d0b6c3f080888a7cd51a1adb69b0794442e0af240c36c694020f6fa91405de07
java-17-openjdk-src-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: 7ad13189ccbb87e5f3c78d9ce419e80bb97d2a66963d17d699a9ce13863bf38f
java-17-openjdk-static-libs-fastdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: fea03eb5a74d947de83a018bc492d7bb860e9d55a75714d20335f832a93bbc06
java-17-openjdk-static-libs-slowdebug-17.0.6.0.10-3.el9_1.ppc64le.rpm
SHA-256: ef99d38d1bee0be069d9a42669a6a4161e36cdabbf9226dc4678bf8623bfad84
Red Hat CodeReady Linux Builder for ARM 64 9
SRPM
aarch64
java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 0f500d27fcabf83e6c6c96d1545c4c27d866d9aaceff66b235a8eef28f9e6899
java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: db07195d6593a87f083a8083bd9782727d16702f952880d30bc4b33ec8a7ba31
java-17-openjdk-demo-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: a30ef128e3f428a102a7cd5c43ba88c69cf6d9c927faa8dbdf9e462a583f892f
java-17-openjdk-demo-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 887f207d13c26ad129a788cacf3a64eee231275bf324f39fa43ae1ed40d8dea2
java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: f75a8173575cca18dd9d7a432a01e248107f76ee40a5cf668f1b66bd358f599c
java-17-openjdk-devel-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 7c8a7b090457e811dba0746e1b9ae61efda8ac8795dcac8c2001c26c111ecaa3
java-17-openjdk-devel-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 1a3a6ce3782f452b716e87ce2a0f00ced953d8e56ae1570ee683dd98c9feae33
java-17-openjdk-devel-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: a6c37af1e71261dd7b69d706aa324491c4725b38a2d0da98f6334cb6cd683d6c
java-17-openjdk-devel-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 080bda0665bc171b7efdf6c61433f9e2016e2b6d1698892fed4f8f3eb980f224
java-17-openjdk-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 8f233333b47416eda57a345451073f0babe19cec70f18fd386f0c0f7df6f575d
java-17-openjdk-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: defc9dcc838d7a0b89c12657a41010c04bb38eeb8c8033d93998aedab88ba299
java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 21d4c964a0a5e0d5efb3f06466d9dee4310fb7d11a41ecaaf4a89fccfefdf409
java-17-openjdk-headless-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 7f9a1864702beca7d8315db054a570394a907a224c095288d11ca9b5884fad71
java-17-openjdk-headless-fastdebug-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: d00f3954ac1eabd2b8ae1b336dda0204dff00b5161762a0a4e6c7565e74235f8
java-17-openjdk-headless-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 4302dd8fd0f1e62f9314192c64439ae1a853ebf9bb0774e600a28bdc3ede52c2
java-17-openjdk-headless-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: f3a1a1955c8b3ac3f49460a1544a53490a5740236f709e1f80c76856707f2370
java-17-openjdk-jmods-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: d3aa508421b434a0a6f87a9024014c7a393bda238e870c1cc88117dd3b892be7
java-17-openjdk-jmods-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: dd1f8b8196020bccd2af9a570832bf99553560a1a6ae256d72e1c6c536bb6948
java-17-openjdk-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 7771cfcaad0adde07e6c8d8acf84cc4f59731c08ad5884b5cbaf6ac38f33f170
java-17-openjdk-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: aa883833ca143e94f67446c394379e95cb20e7ff0760586f870b70172cdf9e0f
java-17-openjdk-src-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 94f84a1dd093dc5e5ac090caae1e22a7705abeb1625b4dc2bffa10b600cad064
java-17-openjdk-src-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 3703734a19a355fe934016c7baef06983448b5ebd696f5b8b976ab64b48b6b3e
java-17-openjdk-static-libs-fastdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 601b71f304b1964070592e6f622822474e97a96b8de96c150652bdaa1c47ccf4
java-17-openjdk-static-libs-slowdebug-17.0.6.0.10-3.el9_1.aarch64.rpm
SHA-256: 0989399932c89a7a8d31d9335227048b93dede69f5bbf53b3a38a804dfe84567
Red Hat CodeReady Linux Builder for IBM z Systems 9
SRPM
s390x
java-17-openjdk-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: eb8f0258c7a02171721b697bb4690c875d8373d53f84529b8a2441ee7252c0c9
java-17-openjdk-debugsource-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: 3eca5e8fbb6698332d0138f6d442e5679762317fd8174bd9a57656d0150a9bef
java-17-openjdk-demo-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: 5879db3940a8f4834947e18410a0e3917c405a05e2330acf67f6067569c8d841
java-17-openjdk-devel-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: bc833a224b8077699d497c60fbc4c712eae9ee100f55893ce8e5fa195874117b
java-17-openjdk-devel-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: ecfeb3b61c27102e4dcb31a2339cf79246fd1678a527e18182852dad18ead660
java-17-openjdk-devel-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: c3d9da748497ec72df209e8643921d4b311089be53e6784b95df91a50d2f4299
java-17-openjdk-headless-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: 85be75fe9ec3cd2d57205c8dd8d17c7becc0c048a914f9dce3cd020e24fe95c7
java-17-openjdk-headless-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: f69b9d23937af768a4a6f2ebf5f160f71888c15eb945579e9a4d16fe8c7ec6bc
java-17-openjdk-headless-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: eb0fc8f34972fa7484539f84fdc53a64052f000dd02a10892411789d538373a9
java-17-openjdk-jmods-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: 5056622f770701ded7fcd53f7add83f6defe588e3d0bf35f8e4f68f32b6792fb
java-17-openjdk-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: d366f5dea50721bcf279f68ee3427470324eeeac219740e9166f65e3c373fb8e
java-17-openjdk-slowdebug-debuginfo-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: c6ff440187e666693092922f6f9e17b4bf30ff70e02eba54b2bd106f9e54661f
java-17-openjdk-src-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: 1a92f05375d042ec0100ed3203c7019e1a8321cbddd25e34b873efeedad07c15
java-17-openjdk-static-libs-slowdebug-17.0.6.0.10-3.el9_1.s390x.rpm
SHA-256: f6b1390222fc5ce57bfa77bc35a75a9e515b5381521a3f17304e4e07b7a7293d
Related news
A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated...
Migration Toolkit for Runtimes 1.0.2 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-31690: A flaw was found in the Spring Security framework. Spring Security could allow a remote attacker to gain elevated privileges on the system. By modifying a request initiated by the Client (via the browser) to the Authorization Server, an attacker can gain elevated privileges on the system. * CVE-2022-41966: A flaw was found in the xstream package. This flaw allows an atta...
Red Hat Security Advisory 2023-1047-01 - A new image is available for Red Hat Single Sign-On 7.6.2, running on Red Hat OpenShift Container Platform from the release of 3.11 up to the release of 4.12.0. Issues addressed include code execution, cross site scripting, denial of service, deserialization, html injection, memory exhaustion, server-side request forgery, and traversal vulnerabilities.
Migration Toolkit for Applications 6.0.1 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36567: A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path. * CVE-2021-35065: A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to...
Red Hat Security Advisory 2023-0709-01 - Version 1.27.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, 4.11 and 4.12. This release includes security and bug fixes, and enhancements.
Red Hat Security Advisory 2023-0210-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Security Advisory 2023-0237-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-0203-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Security Advisory 2023-0195-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0195-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Security Advisory 2023-0202-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0198-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0199-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0196-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0192-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0200-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0197-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0191-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0191-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).