Headline
RHSA-2023:0203: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)
- CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Synopsis
Moderate: java-1.8.0-openjdk security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
Security Fix(es):
- OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830)
- OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) (BZ#2150191)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 2150191 - Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-7.9.z]
- BZ - 2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)
- BZ - 2160490 - CVE-2023-21830 OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)
Red Hat Enterprise Linux Server 7
SRPM
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm
SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483
x86_64
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 5ad93be5e54ea2e6161b51bb8d98d4d94260d311051170ecc167e02bc4519f2f
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 894cf3d452ff0eff0108170b406b93dca1646efbe06b4fc877e26a5b440855d7
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 837dd5b7d0fa8481ee8a74ccf617bccecc0a5970b3f423728347b8dd4661c3fb
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: e5e106d5326443b2089e289e34c2ba0e730cc86c6d7d76d9a29c77c26c021679
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 95d0c3744fc67760d56a49d35ccb765c5d97e4f600b47b2758f5063b0d4a4e9b
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 38ba1620d1d381504708829514504baafd17c0f2ff639ea86392f410eda34359
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: b39233eef205143dc87c30f7ca89cbe6067f726510d31ab5cf8defc811059d78
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 5065b311afdb5400f3f7f54f13b7297f37507d500a30e150c9dc96667ce344b4
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: c8d8ba916b3adaf43e19e53d434e311495259071d1c0ee73fc7e02a2f4b2538d
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 42ea287417672478435ba3fe8598b324106fb7c23ef2321b129ca603b4a0bb1e
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 844f58d2c1c8fc74a22e83e89db7cef0c9ad28fa9c9d59511e0d2c9f26418c9a
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 5893cb3c92cbccdddf5156181fdf2c192052cef07fea96054afa9dfe7373c20a
Red Hat Enterprise Linux Workstation 7
SRPM
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm
SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483
x86_64
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 5ad93be5e54ea2e6161b51bb8d98d4d94260d311051170ecc167e02bc4519f2f
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 894cf3d452ff0eff0108170b406b93dca1646efbe06b4fc877e26a5b440855d7
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 837dd5b7d0fa8481ee8a74ccf617bccecc0a5970b3f423728347b8dd4661c3fb
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: e5e106d5326443b2089e289e34c2ba0e730cc86c6d7d76d9a29c77c26c021679
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 95d0c3744fc67760d56a49d35ccb765c5d97e4f600b47b2758f5063b0d4a4e9b
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 38ba1620d1d381504708829514504baafd17c0f2ff639ea86392f410eda34359
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: b39233eef205143dc87c30f7ca89cbe6067f726510d31ab5cf8defc811059d78
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 5065b311afdb5400f3f7f54f13b7297f37507d500a30e150c9dc96667ce344b4
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: c8d8ba916b3adaf43e19e53d434e311495259071d1c0ee73fc7e02a2f4b2538d
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 42ea287417672478435ba3fe8598b324106fb7c23ef2321b129ca603b4a0bb1e
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 844f58d2c1c8fc74a22e83e89db7cef0c9ad28fa9c9d59511e0d2c9f26418c9a
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 5893cb3c92cbccdddf5156181fdf2c192052cef07fea96054afa9dfe7373c20a
Red Hat Enterprise Linux Desktop 7
SRPM
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm
SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483
x86_64
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 5ad93be5e54ea2e6161b51bb8d98d4d94260d311051170ecc167e02bc4519f2f
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 894cf3d452ff0eff0108170b406b93dca1646efbe06b4fc877e26a5b440855d7
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 837dd5b7d0fa8481ee8a74ccf617bccecc0a5970b3f423728347b8dd4661c3fb
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: e5e106d5326443b2089e289e34c2ba0e730cc86c6d7d76d9a29c77c26c021679
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 95d0c3744fc67760d56a49d35ccb765c5d97e4f600b47b2758f5063b0d4a4e9b
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 38ba1620d1d381504708829514504baafd17c0f2ff639ea86392f410eda34359
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: b39233eef205143dc87c30f7ca89cbe6067f726510d31ab5cf8defc811059d78
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 5065b311afdb5400f3f7f54f13b7297f37507d500a30e150c9dc96667ce344b4
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: c8d8ba916b3adaf43e19e53d434e311495259071d1c0ee73fc7e02a2f4b2538d
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 42ea287417672478435ba3fe8598b324106fb7c23ef2321b129ca603b4a0bb1e
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 844f58d2c1c8fc74a22e83e89db7cef0c9ad28fa9c9d59511e0d2c9f26418c9a
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 5893cb3c92cbccdddf5156181fdf2c192052cef07fea96054afa9dfe7373c20a
Red Hat Enterprise Linux for IBM z Systems 7
SRPM
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm
SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483
s390x
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.s390x.rpm
SHA-256: 439f27eb4acb233ea432a887a0b2ae41ed1859429d3379fa0b2874295b3b7ee5
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.s390x.rpm
SHA-256: 0c232fd2a2921479f0b8c5da282e21a4153844fa17dd6c92cb2cffc6b7ddb48c
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.s390x.rpm
SHA-256: f954848d832437b1fe052725800258b3aaed7101fdbc22a6f133a0fd2a7a5930
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.s390x.rpm
SHA-256: f954848d832437b1fe052725800258b3aaed7101fdbc22a6f133a0fd2a7a5930
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.s390x.rpm
SHA-256: 6c2501cfde23dd89f2dab5f532d9e44c67391ed53d8bd1c84d0c795dd59144c0
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.s390x.rpm
SHA-256: 2fdc32fc94516ba31d52bc4e25dd9bf1b385880311964e322ff4f6217e45a111
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.s390x.rpm
SHA-256: 7ab6bfd875ead7e56665d02f838e9354cc9db9407077fbd943fae303293b005c
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.s390x.rpm
SHA-256: c9ea24413804a51659c509caae783b28d5b4bd28aef3818b4718398c05fa599f
Red Hat Enterprise Linux for Power, big endian 7
SRPM
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm
SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483
ppc64
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.ppc64.rpm
SHA-256: 862bd58c5319cf444dcac305f100ce1ce0e1b488e9c25ebc57c5a80f292e55c7
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.ppc64.rpm
SHA-256: 6fc70ec95ae3a4d395e93a46d05aee2dce3b9786b450eef056e5a9cc365f81eb
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64.rpm
SHA-256: cb3a4fc1dc8235de75d576cc195b49d764880ff169723d6363e6d148f290b5a1
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64.rpm
SHA-256: cb3a4fc1dc8235de75d576cc195b49d764880ff169723d6363e6d148f290b5a1
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.ppc64.rpm
SHA-256: 51862e8d3637eeb59184d4930b75e1f0bb11a737f9ebebe193b6d92c0527b9b4
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.ppc64.rpm
SHA-256: 56436f99f31f9487dc57b53bfaa1568f5ee7d3cfb2c150792f637d12e727bae8
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.ppc64.rpm
SHA-256: 5b4e3310ad649cd7fe8f272c754bdd8da08ecd6ebfe59b7be2edfb039d06edde
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.ppc64.rpm
SHA-256: 6b4a595df2c868169c17ec47d7016b0e273299a0c69cb338e4f2adca03899593
Red Hat Enterprise Linux for Scientific Computing 7
SRPM
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm
SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483
x86_64
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 5ad93be5e54ea2e6161b51bb8d98d4d94260d311051170ecc167e02bc4519f2f
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 894cf3d452ff0eff0108170b406b93dca1646efbe06b4fc877e26a5b440855d7
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 837dd5b7d0fa8481ee8a74ccf617bccecc0a5970b3f423728347b8dd4661c3fb
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: e5e106d5326443b2089e289e34c2ba0e730cc86c6d7d76d9a29c77c26c021679
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 95d0c3744fc67760d56a49d35ccb765c5d97e4f600b47b2758f5063b0d4a4e9b
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 38ba1620d1d381504708829514504baafd17c0f2ff639ea86392f410eda34359
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: b39233eef205143dc87c30f7ca89cbe6067f726510d31ab5cf8defc811059d78
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 5065b311afdb5400f3f7f54f13b7297f37507d500a30e150c9dc96667ce344b4
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: c8d8ba916b3adaf43e19e53d434e311495259071d1c0ee73fc7e02a2f4b2538d
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 42ea287417672478435ba3fe8598b324106fb7c23ef2321b129ca603b4a0bb1e
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm
SHA-256: 844f58d2c1c8fc74a22e83e89db7cef0c9ad28fa9c9d59511e0d2c9f26418c9a
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm
SHA-256: 5893cb3c92cbccdddf5156181fdf2c192052cef07fea96054afa9dfe7373c20a
Red Hat Enterprise Linux for Power, little endian 7
SRPM
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm
SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483
ppc64le
java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.ppc64le.rpm
SHA-256: 3037189903c3dd715ced0830d152bcf85eaa5fa029409a276da547d381dcca07
java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.ppc64le.rpm
SHA-256: 4391feaafe4addb314bc3f154e599deedf221405509a752cb01b7d8af97d23c3
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64le.rpm
SHA-256: 79d11b23af46a84a90ba91db67417d3826f28157eba538a3d82a88c02e935709
java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64le.rpm
SHA-256: 79d11b23af46a84a90ba91db67417d3826f28157eba538a3d82a88c02e935709
java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.ppc64le.rpm
SHA-256: 733f55f713bd1558050374e0167a80bd4756aa13ea48b39d244b654a15cd504f
java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.ppc64le.rpm
SHA-256: a65a07ecab48abb5575debe33b282366ae1ca01e50203f764a79e120a47d5f52
java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.ppc64le.rpm
SHA-256: 4a2648ac65e08dbdf9de3a0dcb6fb31aa272e09b1c27b780137f77b3a6b2437a
java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm
SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b
java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.ppc64le.rpm
SHA-256: 4b4ea43b4359c67717a5e179ec419c61a430ade77e074b5a515a0f6c14fbf00d
Related news
Gentoo Linux Security Advisory 202401-25 - Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution. Versions greater than or equal to 11.0.19_p7:11 are affected.
A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.
IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905.
Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).
Red Hat Security Advisory 2023-3136-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR8. Issues addressed include a deserialization vulnerability.
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated...
Red Hat Security Advisory 2023-1047-01 - A new image is available for Red Hat Single Sign-On 7.6.2, running on Red Hat OpenShift Container Platform from the release of 3.11 up to the release of 4.12.0. Issues addressed include code execution, cross site scripting, denial of service, deserialization, html injection, memory exhaustion, server-side request forgery, and traversal vulnerabilities.
An update is now available for the Logging subsystem for Red Hat OpenShift 5.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30123: A flaw was found in ruby gem-rack. This flaw allows a malicious actor to craft requests that can cause shell escape sequences to be written to the terminal via rack's `Lint` middleware and `CommonLogger` middleware. This issue can leverage these escape sequences to execute commands in the victim's terminal. * CVE-2022-41717: A flaw was f...
Red Hat Security Advisory 2023-0208-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
Red Hat Security Advisory 2023-0210-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Security Advisory 2023-0203-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
Red Hat Security Advisory 2023-0387-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a deserialization vulnerability.
Red Hat Security Advisory 2023-0354-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a deserialization vulnerability.
The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Security Advisory 2023-0195-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Security Advisory 2023-0190-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0196-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0192-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0191-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)