RHSA-2021:2784: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es):

• OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388)
• OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341)
• OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Related CVEs:
• CVE-2021-2341: OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432)
• CVE-2021-2369: OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967)
• CVE-2021-2388: OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066)