Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:0203: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)
  • CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)
Red Hat Security Data
#vulnerability#linux#red_hat#java#ibm

Synopsis

Moderate: java-1.8.0-openjdk security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

  • OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830)
  • OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) (BZ#2150191)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 2150191 - Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-7.9.z]
  • BZ - 2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)
  • BZ - 2160490 - CVE-2023-21830 OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)

Red Hat Enterprise Linux Server 7

SRPM

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483

x86_64

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 5ad93be5e54ea2e6161b51bb8d98d4d94260d311051170ecc167e02bc4519f2f

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 894cf3d452ff0eff0108170b406b93dca1646efbe06b4fc877e26a5b440855d7

java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 837dd5b7d0fa8481ee8a74ccf617bccecc0a5970b3f423728347b8dd4661c3fb

java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: e5e106d5326443b2089e289e34c2ba0e730cc86c6d7d76d9a29c77c26c021679

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6

java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 95d0c3744fc67760d56a49d35ccb765c5d97e4f600b47b2758f5063b0d4a4e9b

java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 38ba1620d1d381504708829514504baafd17c0f2ff639ea86392f410eda34359

java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: b39233eef205143dc87c30f7ca89cbe6067f726510d31ab5cf8defc811059d78

java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 5065b311afdb5400f3f7f54f13b7297f37507d500a30e150c9dc96667ce344b4

java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: c8d8ba916b3adaf43e19e53d434e311495259071d1c0ee73fc7e02a2f4b2538d

java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 42ea287417672478435ba3fe8598b324106fb7c23ef2321b129ca603b4a0bb1e

java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912

java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b

java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 844f58d2c1c8fc74a22e83e89db7cef0c9ad28fa9c9d59511e0d2c9f26418c9a

java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 5893cb3c92cbccdddf5156181fdf2c192052cef07fea96054afa9dfe7373c20a

Red Hat Enterprise Linux Workstation 7

SRPM

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483

x86_64

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 5ad93be5e54ea2e6161b51bb8d98d4d94260d311051170ecc167e02bc4519f2f

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 894cf3d452ff0eff0108170b406b93dca1646efbe06b4fc877e26a5b440855d7

java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 837dd5b7d0fa8481ee8a74ccf617bccecc0a5970b3f423728347b8dd4661c3fb

java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: e5e106d5326443b2089e289e34c2ba0e730cc86c6d7d76d9a29c77c26c021679

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6

java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 95d0c3744fc67760d56a49d35ccb765c5d97e4f600b47b2758f5063b0d4a4e9b

java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 38ba1620d1d381504708829514504baafd17c0f2ff639ea86392f410eda34359

java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: b39233eef205143dc87c30f7ca89cbe6067f726510d31ab5cf8defc811059d78

java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 5065b311afdb5400f3f7f54f13b7297f37507d500a30e150c9dc96667ce344b4

java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: c8d8ba916b3adaf43e19e53d434e311495259071d1c0ee73fc7e02a2f4b2538d

java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 42ea287417672478435ba3fe8598b324106fb7c23ef2321b129ca603b4a0bb1e

java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912

java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b

java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 844f58d2c1c8fc74a22e83e89db7cef0c9ad28fa9c9d59511e0d2c9f26418c9a

java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 5893cb3c92cbccdddf5156181fdf2c192052cef07fea96054afa9dfe7373c20a

Red Hat Enterprise Linux Desktop 7

SRPM

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483

x86_64

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 5ad93be5e54ea2e6161b51bb8d98d4d94260d311051170ecc167e02bc4519f2f

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 894cf3d452ff0eff0108170b406b93dca1646efbe06b4fc877e26a5b440855d7

java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 837dd5b7d0fa8481ee8a74ccf617bccecc0a5970b3f423728347b8dd4661c3fb

java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: e5e106d5326443b2089e289e34c2ba0e730cc86c6d7d76d9a29c77c26c021679

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6

java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 95d0c3744fc67760d56a49d35ccb765c5d97e4f600b47b2758f5063b0d4a4e9b

java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 38ba1620d1d381504708829514504baafd17c0f2ff639ea86392f410eda34359

java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: b39233eef205143dc87c30f7ca89cbe6067f726510d31ab5cf8defc811059d78

java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 5065b311afdb5400f3f7f54f13b7297f37507d500a30e150c9dc96667ce344b4

java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: c8d8ba916b3adaf43e19e53d434e311495259071d1c0ee73fc7e02a2f4b2538d

java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 42ea287417672478435ba3fe8598b324106fb7c23ef2321b129ca603b4a0bb1e

java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912

java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b

java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 844f58d2c1c8fc74a22e83e89db7cef0c9ad28fa9c9d59511e0d2c9f26418c9a

java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 5893cb3c92cbccdddf5156181fdf2c192052cef07fea96054afa9dfe7373c20a

Red Hat Enterprise Linux for IBM z Systems 7

SRPM

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483

s390x

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.s390x.rpm

SHA-256: 439f27eb4acb233ea432a887a0b2ae41ed1859429d3379fa0b2874295b3b7ee5

java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.s390x.rpm

SHA-256: 0c232fd2a2921479f0b8c5da282e21a4153844fa17dd6c92cb2cffc6b7ddb48c

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.s390x.rpm

SHA-256: f954848d832437b1fe052725800258b3aaed7101fdbc22a6f133a0fd2a7a5930

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.s390x.rpm

SHA-256: f954848d832437b1fe052725800258b3aaed7101fdbc22a6f133a0fd2a7a5930

java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.s390x.rpm

SHA-256: 6c2501cfde23dd89f2dab5f532d9e44c67391ed53d8bd1c84d0c795dd59144c0

java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.s390x.rpm

SHA-256: 2fdc32fc94516ba31d52bc4e25dd9bf1b385880311964e322ff4f6217e45a111

java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.s390x.rpm

SHA-256: 7ab6bfd875ead7e56665d02f838e9354cc9db9407077fbd943fae303293b005c

java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912

java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b

java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.s390x.rpm

SHA-256: c9ea24413804a51659c509caae783b28d5b4bd28aef3818b4718398c05fa599f

Red Hat Enterprise Linux for Power, big endian 7

SRPM

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483

ppc64

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.ppc64.rpm

SHA-256: 862bd58c5319cf444dcac305f100ce1ce0e1b488e9c25ebc57c5a80f292e55c7

java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.ppc64.rpm

SHA-256: 6fc70ec95ae3a4d395e93a46d05aee2dce3b9786b450eef056e5a9cc365f81eb

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64.rpm

SHA-256: cb3a4fc1dc8235de75d576cc195b49d764880ff169723d6363e6d148f290b5a1

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64.rpm

SHA-256: cb3a4fc1dc8235de75d576cc195b49d764880ff169723d6363e6d148f290b5a1

java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.ppc64.rpm

SHA-256: 51862e8d3637eeb59184d4930b75e1f0bb11a737f9ebebe193b6d92c0527b9b4

java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.ppc64.rpm

SHA-256: 56436f99f31f9487dc57b53bfaa1568f5ee7d3cfb2c150792f637d12e727bae8

java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.ppc64.rpm

SHA-256: 5b4e3310ad649cd7fe8f272c754bdd8da08ecd6ebfe59b7be2edfb039d06edde

java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912

java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b

java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.ppc64.rpm

SHA-256: 6b4a595df2c868169c17ec47d7016b0e273299a0c69cb338e4f2adca03899593

Red Hat Enterprise Linux for Scientific Computing 7

SRPM

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483

x86_64

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 5ad93be5e54ea2e6161b51bb8d98d4d94260d311051170ecc167e02bc4519f2f

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 894cf3d452ff0eff0108170b406b93dca1646efbe06b4fc877e26a5b440855d7

java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 837dd5b7d0fa8481ee8a74ccf617bccecc0a5970b3f423728347b8dd4661c3fb

java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: e5e106d5326443b2089e289e34c2ba0e730cc86c6d7d76d9a29c77c26c021679

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 2e33e6d7270fdef65ade2da44f1673b8ae167ca2172a0398a018420b51dd4419

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 66dbd95c945d313717798758c97d3d9b646673652d6bb3a92b51cdf2547d1ef6

java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 95d0c3744fc67760d56a49d35ccb765c5d97e4f600b47b2758f5063b0d4a4e9b

java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 38ba1620d1d381504708829514504baafd17c0f2ff639ea86392f410eda34359

java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: b39233eef205143dc87c30f7ca89cbe6067f726510d31ab5cf8defc811059d78

java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 5065b311afdb5400f3f7f54f13b7297f37507d500a30e150c9dc96667ce344b4

java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: c8d8ba916b3adaf43e19e53d434e311495259071d1c0ee73fc7e02a2f4b2538d

java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 42ea287417672478435ba3fe8598b324106fb7c23ef2321b129ca603b4a0bb1e

java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912

java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b

java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm

SHA-256: 844f58d2c1c8fc74a22e83e89db7cef0c9ad28fa9c9d59511e0d2c9f26418c9a

java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm

SHA-256: 5893cb3c92cbccdddf5156181fdf2c192052cef07fea96054afa9dfe7373c20a

Red Hat Enterprise Linux for Power, little endian 7

SRPM

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.src.rpm

SHA-256: 5051ce7d1f9edae8afb7a3fc348ae4afbcb072a70ec4d754e475e24af25bc483

ppc64le

java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.ppc64le.rpm

SHA-256: 3037189903c3dd715ced0830d152bcf85eaa5fa029409a276da547d381dcca07

java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.ppc64le.rpm

SHA-256: 4391feaafe4addb314bc3f154e599deedf221405509a752cb01b7d8af97d23c3

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64le.rpm

SHA-256: 79d11b23af46a84a90ba91db67417d3826f28157eba538a3d82a88c02e935709

java-1.8.0-openjdk-debuginfo-1.8.0.362.b08-1.el7_9.ppc64le.rpm

SHA-256: 79d11b23af46a84a90ba91db67417d3826f28157eba538a3d82a88c02e935709

java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.ppc64le.rpm

SHA-256: 733f55f713bd1558050374e0167a80bd4756aa13ea48b39d244b654a15cd504f

java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.ppc64le.rpm

SHA-256: a65a07ecab48abb5575debe33b282366ae1ca01e50203f764a79e120a47d5f52

java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.ppc64le.rpm

SHA-256: 4a2648ac65e08dbdf9de3a0dcb6fb31aa272e09b1c27b780137f77b3a6b2437a

java-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 951ce7052e8088d55e82339d8071cd1cf73099c5c4a64751676b6eed92fd1912

java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm

SHA-256: 8438f2e15d04540e40f19def396e0c7ec9ea2f8e67e0260680a9993798de369b

java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.ppc64le.rpm

SHA-256: 4b4ea43b4359c67717a5e179ec419c61a430ade77e074b5a515a0f6c14fbf00d

Related news

Gentoo Linux Security Advisory 202401-25

Gentoo Linux Security Advisory 202401-25 - Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution. Versions greater than or equal to 11.0.19_p7:11 are affected.

CVE-2022-4039

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.

CVE-2022-43909: IBM Security Guardium is affected by multiple vulnerabilities

IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905.

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

Red Hat Security Advisory 2023-3136-01

Red Hat Security Advisory 2023-3136-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR8. Issues addressed include a deserialization vulnerability.

RHSA-2023:3136: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated...

Red Hat Security Advisory 2023-1047-01

Red Hat Security Advisory 2023-1047-01 - A new image is available for Red Hat Single Sign-On 7.6.2, running on Red Hat OpenShift Container Platform from the release of 3.11 up to the release of 4.12.0. Issues addressed include code execution, cross site scripting, denial of service, deserialization, html injection, memory exhaustion, server-side request forgery, and traversal vulnerabilities.

RHSA-2023:0632: Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update

An update is now available for the Logging subsystem for Red Hat OpenShift 5.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30123: A flaw was found in ruby gem-rack. This flaw allows a malicious actor to craft requests that can cause shell escape sequences to be written to the terminal via rack's `Lint` middleware and `CommonLogger` middleware. This issue can leverage these escape sequences to execute commands in the victim's terminal. * CVE-2022-41717: A flaw was f...

Red Hat Security Advisory 2023-0208-01

Red Hat Security Advisory 2023-0208-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

Red Hat Security Advisory 2023-0210-01

Red Hat Security Advisory 2023-0210-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

RHSA-2023:0208: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0210: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

Red Hat Security Advisory 2023-0203-01

Red Hat Security Advisory 2023-0203-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

Red Hat Security Advisory 2023-0387-01

Red Hat Security Advisory 2023-0387-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a deserialization vulnerability.

Red Hat Security Advisory 2023-0354-01

Red Hat Security Advisory 2023-0354-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a deserialization vulnerability.

RHSA-2023:0389: Red Hat Security Advisory: OpenJDK 17.0.6 Security Update for Portable Linux Builds

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0388: Red Hat Security Advisory: OpenJDK 11.0.18 Security Update for Portable Linux Builds

The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0354: Red Hat Security Advisory: OpenJDK 8u362 Windows Security Update

The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0387: Red Hat Security Advisory: OpenJDK 8u362 Security Update for Portable Linux Builds

The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0207: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0209: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0206: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0205: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0204: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21830: OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

Red Hat Security Advisory 2023-0195-01

Red Hat Security Advisory 2023-0195-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

RHSA-2023:0195: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

Red Hat Security Advisory 2023-0190-01

Red Hat Security Advisory 2023-0190-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0196-01

Red Hat Security Advisory 2023-0196-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0192-01

Red Hat Security Advisory 2023-0192-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0191-01

Red Hat Security Advisory 2023-0191-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include a denial of service vulnerability.

RHSA-2023:0190: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)

RHSA-2023:0198: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21835: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) * CVE-2023-21843: OpenJDK: soundbank URL remote loading (Sound, 8293742)