Headline

RHSA-2023:1877: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
CVE-2023-21937: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
CVE-2023-21938: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
CVE-2023-21939: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).
CVE-2023-21954: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVE-2023-21967: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-21968: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #nodejs #js #java #oracle #kubernetes #aws #graalvm #auth #sap #ssl

Skip to navigation Skip to main content

Utilities

Subscriptions
Downloads
Containers
Support Cases

Infrastructure and Management

Red Hat Enterprise Linux
Red Hat Virtualization
Red Hat Identity Management
Red Hat Directory Server
Red Hat Certificate System
Red Hat Satellite
Red Hat Subscription Management
Red Hat Update Infrastructure
Red Hat Insights
Red Hat Ansible Automation Platform

Cloud Computing

Red Hat OpenShift
Red Hat CloudForms
Red Hat OpenStack Platform
Red Hat OpenShift Container Platform
Red Hat OpenShift Data Science
Red Hat OpenShift Online
Red Hat OpenShift Dedicated
Red Hat Advanced Cluster Security for Kubernetes
Red Hat Advanced Cluster Management for Kubernetes
Red Hat Quay
Red Hat CodeReady Workspaces
Red Hat OpenShift Service on AWS

Storage

Red Hat Gluster Storage
Red Hat Hyperconverged Infrastructure
Red Hat Ceph Storage
Red Hat OpenShift Data Foundation

Runtimes

Red Hat Runtimes
Red Hat JBoss Enterprise Application Platform
Red Hat Data Grid
Red Hat JBoss Web Server
Red Hat Single Sign On
Red Hat support for Spring Boot
Red Hat build of Node.js
Red Hat build of Thorntail
Red Hat build of Eclipse Vert.x
Red Hat build of OpenJDK
Red Hat build of Quarkus

Integration and Automation

Red Hat Process Automation
Red Hat Process Automation Manager
Red Hat Decision Manager

All Products

Issued:

2023-04-19

Updated:

2023-04-19

RHSA-2023:1877 - Security Advisory

Overview
Updated Packages

Synopsis

Important: java-11-openjdk security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

Security Fix(es):

OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)
OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)
OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954)
OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)
OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)
OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)
OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

Fixes

BZ - 2187435 - CVE-2023-21930 OpenJDK: improper connection handling during TLS handshake (8294474)
BZ - 2187441 - CVE-2023-21954 OpenJDK: incorrect enqueue of references in garbage collector (8298191)
BZ - 2187704 - CVE-2023-21967 OpenJDK: certificate validation issue in TLS session negotiation (8298310)
BZ - 2187724 - CVE-2023-21939 OpenJDK: Swing HTML parsing issue (8296832)
BZ - 2187758 - CVE-2023-21938 OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)
BZ - 2187790 - CVE-2023-21937 OpenJDK: missing string checks for NULL characters (8296622)
BZ - 2187802 - CVE-2023-21968 OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)

CVEs

CVE-2023-21930
CVE-2023-21937
CVE-2023-21938
CVE-2023-21939
CVE-2023-21954
CVE-2023-21967
CVE-2023-21968

Red Hat Enterprise Linux Server - AUS 8.2

SRPM

java-11-openjdk-11.0.19.0.7-1.el8_2.src.rpm

SHA-256: 2af677aacddcc4381b2d423124d0d8290de3c48f84a8fa61f4a2f6fc76c895b0

x86_64

java-11-openjdk-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 2bcbbd015fd8dd3583b3b6f2e1b38eb3a524b5610b504ad781b08d052167f455

java-11-openjdk-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: b371fba350d966f92c01726c508a162797392f097a83269e3a57e295d984d7f4

java-11-openjdk-debugsource-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: c2c43441fc19000ca38878a02261900508d4c3386d2e1256c4e7fd108d307505

java-11-openjdk-demo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 801eb01b854bd395fe26d83d39b3b57498e9fa5f19c48c9a9ece3745c0d2f79b

java-11-openjdk-devel-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 2fddd23127046c5cce5364acf6d50838e19a0aba1875b03733fa24344d239c3c

java-11-openjdk-devel-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 599d0fc722c4cae99e4b1c82e04fbbcd12f57fe27eb2b29fa623c7825e189332

java-11-openjdk-devel-slowdebug-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: ea3d488b75fa73bcb2346a4cc3b822ff6ed0ede31d55a3384cce9f02caf3cb26

java-11-openjdk-headless-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: e4587adb1a2c4f7f8b5443c6bf7ab0283351c6276b83a9f3789ecd47f2c92cce

java-11-openjdk-headless-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 00cbef6d66224859e0b2f7000a0f1bc3a05c863735835ca4a147890e15684e3b

java-11-openjdk-headless-slowdebug-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 58196a4aa6b982683bbf96ac3504cded87fe1f9ffb74c998597bc30c854823cb

java-11-openjdk-javadoc-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: baeaabda5007797d16c24877ac3f00805b51920669c318e5c65880749c6ec5d5

java-11-openjdk-javadoc-zip-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 635895d31d6809d79bc5602b28d735cd2386c92edaef6a2fd7aac01f5b8a2b27

java-11-openjdk-jmods-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: ddb5c3e3c5be7bb15e7d0dc187e8bcd8eeaa5bcb817c20b7c1158fc0d5794ec2

java-11-openjdk-slowdebug-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: e6be92469690bb2401c73bd7970adfdc411a64661ec3e7c0bf58be60803bc0d3

java-11-openjdk-src-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: da9de06c48c6cdc9d7052c6e8a20b6522dc6f80754266717631d8a8a53646880

java-11-openjdk-static-libs-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 9c5fdf2c60eae508cca16bc489a004bee5f9eda9a14276a557db3ba24fd5b1c4

Red Hat Enterprise Linux Server - TUS 8.2

SRPM

java-11-openjdk-11.0.19.0.7-1.el8_2.src.rpm

SHA-256: 2af677aacddcc4381b2d423124d0d8290de3c48f84a8fa61f4a2f6fc76c895b0

x86_64

java-11-openjdk-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 2bcbbd015fd8dd3583b3b6f2e1b38eb3a524b5610b504ad781b08d052167f455

java-11-openjdk-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: b371fba350d966f92c01726c508a162797392f097a83269e3a57e295d984d7f4

java-11-openjdk-debugsource-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: c2c43441fc19000ca38878a02261900508d4c3386d2e1256c4e7fd108d307505

java-11-openjdk-demo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 801eb01b854bd395fe26d83d39b3b57498e9fa5f19c48c9a9ece3745c0d2f79b

java-11-openjdk-devel-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 2fddd23127046c5cce5364acf6d50838e19a0aba1875b03733fa24344d239c3c

java-11-openjdk-devel-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 599d0fc722c4cae99e4b1c82e04fbbcd12f57fe27eb2b29fa623c7825e189332

java-11-openjdk-devel-slowdebug-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: ea3d488b75fa73bcb2346a4cc3b822ff6ed0ede31d55a3384cce9f02caf3cb26

java-11-openjdk-headless-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: e4587adb1a2c4f7f8b5443c6bf7ab0283351c6276b83a9f3789ecd47f2c92cce

java-11-openjdk-headless-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 00cbef6d66224859e0b2f7000a0f1bc3a05c863735835ca4a147890e15684e3b

java-11-openjdk-headless-slowdebug-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 58196a4aa6b982683bbf96ac3504cded87fe1f9ffb74c998597bc30c854823cb

java-11-openjdk-javadoc-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: baeaabda5007797d16c24877ac3f00805b51920669c318e5c65880749c6ec5d5

java-11-openjdk-javadoc-zip-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 635895d31d6809d79bc5602b28d735cd2386c92edaef6a2fd7aac01f5b8a2b27

java-11-openjdk-jmods-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: ddb5c3e3c5be7bb15e7d0dc187e8bcd8eeaa5bcb817c20b7c1158fc0d5794ec2

java-11-openjdk-slowdebug-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: e6be92469690bb2401c73bd7970adfdc411a64661ec3e7c0bf58be60803bc0d3

java-11-openjdk-src-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: da9de06c48c6cdc9d7052c6e8a20b6522dc6f80754266717631d8a8a53646880

java-11-openjdk-static-libs-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 9c5fdf2c60eae508cca16bc489a004bee5f9eda9a14276a557db3ba24fd5b1c4

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM

java-11-openjdk-11.0.19.0.7-1.el8_2.src.rpm

SHA-256: 2af677aacddcc4381b2d423124d0d8290de3c48f84a8fa61f4a2f6fc76c895b0

ppc64le

java-11-openjdk-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: c96ec78c98737e5c5dac47f00a3554a67eab6b041ceeec9fc954acbd3d6c141a

java-11-openjdk-debuginfo-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: c0501eec205ee00df135a593ec0027d349db1c8ea0decb3fb317ebad546b2a78

java-11-openjdk-debugsource-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: 4dfbcdf93fcbb5ac79997e62de5ca1df402bf72b4fa270fdf732a4f013aa8120

java-11-openjdk-demo-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: 71ac9282a34f307d50a02fb3b22c52739c15d5286ce841474cf09255387f15cb

java-11-openjdk-devel-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: 5784f860eab59aeb7bc259167703cbd82d659e8a90705297042122d374442e70

java-11-openjdk-devel-debuginfo-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: 6ac9862d72ba4dc423dc0f55a4e10742b3e67d8eef800b6c55381683a0758f5c

java-11-openjdk-devel-slowdebug-debuginfo-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: 8ae386cc3dbeef8d26ff74439b4fc6214249c1d395e6412b353df9f329adebf0

java-11-openjdk-headless-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: 1560d2018f768ff07d0792578e4e3c92d09da92aecb44180db778f94f977b091

java-11-openjdk-headless-debuginfo-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: 9faa0219df4232b7a95fecf75ec83f234e493ebe1accf8b67b2e8e1c3cc98550

java-11-openjdk-headless-slowdebug-debuginfo-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: 722b1cc79e1916d50ec25989dfbcad1634989cd6de0d7f30e3a64508d8bd52fa

java-11-openjdk-javadoc-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: 173544522d8d9fad77d89405c5172d020ce55a90f2acebd22e8f1fa144c54c43

java-11-openjdk-javadoc-zip-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: ccc97e005e5d17ee2328cafdef740d929ce5de99dcc7f18c0bbadb177c518f61

java-11-openjdk-jmods-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: 074e4508ccbd714e6ec941f75f0098a142979cdeebc2294e6d00795ed5f1ab8c

java-11-openjdk-slowdebug-debuginfo-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: fe565d305ee00db224913f56847f12f61c4579ec52cf1d3314e7e986ba48ce6d

java-11-openjdk-src-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: ea0d689aaef7b4466ac2345fded86970714d657461106e4ceca376663b6d06de

java-11-openjdk-static-libs-11.0.19.0.7-1.el8_2.ppc64le.rpm

SHA-256: a8c6bf7ee1c85555047eab4a12df4d8710f773ff58e3e93251147ad4e48b2367

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM

java-11-openjdk-11.0.19.0.7-1.el8_2.src.rpm

SHA-256: 2af677aacddcc4381b2d423124d0d8290de3c48f84a8fa61f4a2f6fc76c895b0

x86_64

java-11-openjdk-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 2bcbbd015fd8dd3583b3b6f2e1b38eb3a524b5610b504ad781b08d052167f455

java-11-openjdk-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: b371fba350d966f92c01726c508a162797392f097a83269e3a57e295d984d7f4

java-11-openjdk-debugsource-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: c2c43441fc19000ca38878a02261900508d4c3386d2e1256c4e7fd108d307505

java-11-openjdk-demo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 801eb01b854bd395fe26d83d39b3b57498e9fa5f19c48c9a9ece3745c0d2f79b

java-11-openjdk-devel-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 2fddd23127046c5cce5364acf6d50838e19a0aba1875b03733fa24344d239c3c

java-11-openjdk-devel-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 599d0fc722c4cae99e4b1c82e04fbbcd12f57fe27eb2b29fa623c7825e189332

java-11-openjdk-devel-slowdebug-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: ea3d488b75fa73bcb2346a4cc3b822ff6ed0ede31d55a3384cce9f02caf3cb26

java-11-openjdk-headless-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: e4587adb1a2c4f7f8b5443c6bf7ab0283351c6276b83a9f3789ecd47f2c92cce

java-11-openjdk-headless-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 00cbef6d66224859e0b2f7000a0f1bc3a05c863735835ca4a147890e15684e3b

java-11-openjdk-headless-slowdebug-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 58196a4aa6b982683bbf96ac3504cded87fe1f9ffb74c998597bc30c854823cb

java-11-openjdk-javadoc-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: baeaabda5007797d16c24877ac3f00805b51920669c318e5c65880749c6ec5d5

java-11-openjdk-javadoc-zip-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 635895d31d6809d79bc5602b28d735cd2386c92edaef6a2fd7aac01f5b8a2b27

java-11-openjdk-jmods-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: ddb5c3e3c5be7bb15e7d0dc187e8bcd8eeaa5bcb817c20b7c1158fc0d5794ec2

java-11-openjdk-slowdebug-debuginfo-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: e6be92469690bb2401c73bd7970adfdc411a64661ec3e7c0bf58be60803bc0d3

java-11-openjdk-src-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: da9de06c48c6cdc9d7052c6e8a20b6522dc6f80754266717631d8a8a53646880

java-11-openjdk-static-libs-11.0.19.0.7-1.el8_2.x86_64.rpm

SHA-256: 9c5fdf2c60eae508cca16bc489a004bee5f9eda9a14276a557db3ba24fd5b1c4

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthent...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #nodejs #js #java #oracle #kubernetes #aws #graalvm #auth #ibm #ssl

Debian Security Advisory 5430-1

Debian Linux Security Advisory 5430-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of sandbox restrictions.

1 year ago

Packet Storm

Open in Source

#vulnerability #linux #debian #dos #js #java

Ubuntu Security Notice USN-6077-1

Ubuntu Security Notice 6077-1 - Ben Smyth discovered that OpenJDK incorrectly handled half-duplex connections during TLS handshake. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. It was discovered that OpenJDK incorrectly handled certain inputs. An attacker could possibly use this issue to insert, edit or obtain sensitive information.

1 year ago

Packet Storm

Open in Source

#vulnerability #apple #ubuntu #dos #java #ssl

RHSA-2023:2710: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 for OpenShift image security update

A new image is available for Red Hat Single Sign-On 7.6.3, running on Red Hat OpenShift Container Platform from the release of 3.11 up to the release of 4.12.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-0341: In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #android #linux #red_hat #dos #apache #java #perl #auth #ibm

Red Hat Security Advisory 2023-1884-01

Red Hat Security Advisory 2023-1884-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

1 year ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat #java #ssl

Red Hat Security Advisory 2023-1891-01

Red Hat Security Advisory 2023-1891-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

1 year ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat #java #ssl

Red Hat Security Advisory 2023-1892-01

Red Hat Security Advisory 2023-1892-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

1 year ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat #java #ssl

Red Hat Security Advisory 2023-1890-01

Red Hat Security Advisory 2023-1890-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

1 year ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat #js #java #sap #ssl

Red Hat Security Advisory 2023-1910-01

Red Hat Security Advisory 2023-1910-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

1 year ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat #nodejs #js #java #sap #ssl

Red Hat Security Advisory 2023-1912-01

Red Hat Security Advisory 2023-1912-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

1 year ago

Packet Storm

Open in Source

#vulnerability #windows #red_hat #js #java #ssl

Red Hat Security Advisory 2023-1907-01

Red Hat Security Advisory 2023-1907-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

1 year ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat #js #java #c++#ssl

Red Hat Security Advisory 2023-1905-01

Red Hat Security Advisory 2023-1905-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

1 year ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat #java #sap #ssl

RHSA-2023:1910: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability ...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #sap #ssl

RHSA-2023:1908: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated att...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1909: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated att...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #sap #ssl

RHSA-2023:1905: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #nodejs #js #java #oracle #kubernetes #aws #graalvm #auth #sap #ssl

RHSA-2023:1911: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vuln...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #nodejs #js #java #oracle #kubernetes #aws #graalvm #auth #sap #ssl

RHSA-2023:1904: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated att...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #mac #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

Red Hat Security Advisory 2023-1899-01

Red Hat Security Advisory 2023-1899-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

1 year ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat #js #java #ssl

Red Hat Security Advisory 2023-1879-01

Red Hat Security Advisory 2023-1879-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

1 year ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat #java #ssl

RHSA-2023:1898: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1895: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1884: Red Hat Security Advisory: OpenJDK 17.0.7 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compr...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ssl

RHSA-2023:1885: Red Hat Security Advisory: OpenJDK 17.0.7 Security Update for Windows Builds

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #windows #apple #red_hat #js #java #oracle #graalvm #auth #ssl

RHSA-2023:1883: Red Hat Security Advisory: OpenJDK 11.0.19 Security Update for Windows Builds

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #windows #apple #red_hat #js #java #oracle #graalvm #auth #ssl

RHSA-2023:1882: Red Hat Security Advisory: OpenJDK 11.0.19 Security Update for Portable Linux Builds

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ssl

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1879: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1879: Red Hat Security Advisory: java-17-openjdk security and bug fix update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1879: Red Hat Security Advisory: java-17-openjdk security and bug fix update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1879: Red Hat Security Advisory: java-17-openjdk security and bug fix update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1879: Red Hat Security Advisory: java-17-openjdk security and bug fix update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1879: Red Hat Security Advisory: java-17-openjdk security and bug fix update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1879: Red Hat Security Advisory: java-17-openjdk security and bug fix update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

RHSA-2023:1878: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnera...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #nodejs #js #java #oracle #kubernetes #aws #graalvm #auth #sap #ssl

RHSA-2023:1878: Red Hat Security Advisory: java-11-openjdk security update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #nodejs #js #java #oracle #kubernetes #aws #graalvm #auth #sap #ssl

RHSA-2023:1878: Red Hat Security Advisory: java-11-openjdk security update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #nodejs #js #java #oracle #kubernetes #aws #graalvm #auth #sap #ssl

RHSA-2023:1878: Red Hat Security Advisory: java-11-openjdk security update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #nodejs #js #java #oracle #kubernetes #aws #graalvm #auth #sap #ssl

RHSA-2023:1878: Red Hat Security Advisory: java-11-openjdk security update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #nodejs #js #java #oracle #kubernetes #aws #graalvm #auth #sap #ssl

RHSA-2023:1878: Red Hat Security Advisory: java-11-openjdk security update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #nodejs #js #java #oracle #kubernetes #aws #graalvm #auth #sap #ssl

RHSA-2023:1878: Red Hat Security Advisory: java-11-openjdk security update

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #nodejs #js #java #oracle #kubernetes #aws #graalvm #auth #sap #ssl

RHSA-2023:1875: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #apple #linux #red_hat #js #java #oracle #graalvm #auth #ibm #ssl

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...