Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:1879: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
  • CVE-2023-21937: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
  • CVE-2023-21938: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
  • CVE-2023-21939: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).
  • CVE-2023-21954: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
  • CVE-2023-21967: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
  • CVE-2023-21968: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
Red Hat Security Data
#vulnerability#web#apple#linux#red_hat#js#java#oracle#graalvm#auth#ibm#ssl

Synopsis

Important: java-17-openjdk security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

Security Fix(es):

  • OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)
  • OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)
  • OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954)
  • OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)
  • OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)
  • OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)
  • OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • In FIPS mode, the list of cryptographic services and algorithms available is limited to those that are FIPS compliant. It was found that this filtering was too strict and was also excluding service attributes. These attributes are now made available in FIPS mode, as they are in non-FIPS mode. (RHBZ#2186804)
  • Previously, the XML signature provider was unable to operate in FIPS mode. Following recent enhancements to FIPS mode support, the XML signature provider can now be supported. It is now enabled in FIPS mode. (RHBZ#2186811)
  • The PKCS#11 provider used by FIPS mode can be supported by different PKCS#11 tokens. It was found that some PKCS#11 tokens may not be initialised fully before use, leading to an exception being thrown by the provider. With this release, this exception is now expected and handled by the FIPS support code. (RHBZ#2186807)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 9 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x

Fixes

  • BZ - 2186804 - Add missing attributes when registering services in FIPS mode [rhel-9, openjdk-17] [rhel-9.1.0.z]
  • BZ - 2186807 - C_GetInfo can throw an exception if called before initialization in some PKCS #11 tokens [rhel-9, openjdk-17] [rhel-9.1.0.z]
  • BZ - 2186811 - Enable XML Signature provider in FIPS mode [rhel-9, openjdk-17] [rhel-9.1.0.z]
  • BZ - 2187435 - CVE-2023-21930 OpenJDK: improper connection handling during TLS handshake (8294474)
  • BZ - 2187441 - CVE-2023-21954 OpenJDK: incorrect enqueue of references in garbage collector (8298191)
  • BZ - 2187704 - CVE-2023-21967 OpenJDK: certificate validation issue in TLS session negotiation (8298310)
  • BZ - 2187724 - CVE-2023-21939 OpenJDK: Swing HTML parsing issue (8296832)
  • BZ - 2187758 - CVE-2023-21938 OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)
  • BZ - 2187790 - CVE-2023-21937 OpenJDK: missing string checks for NULL characters (8296622)
  • BZ - 2187802 - CVE-2023-21968 OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)

CVEs

  • CVE-2023-21930
  • CVE-2023-21937
  • CVE-2023-21938
  • CVE-2023-21939
  • CVE-2023-21954
  • CVE-2023-21967
  • CVE-2023-21968

Red Hat Enterprise Linux for x86_64 9

SRPM

java-17-openjdk-17.0.7.0.7-1.el9_1.src.rpm

SHA-256: bf7f7c83e1672001b31459f2b624849cc221d19a1d8c80470e02337681221324

x86_64

java-17-openjdk-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 6ead12b9c654ba902ee25a735824ce6f3121d94ffcdebf0075d4104a265525c2

java-17-openjdk-debuginfo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 0afd36906b4d6e279c287d62feb2d165c55a163096589067c06a87eb407cc4db

java-17-openjdk-debugsource-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: d5d649c6ce3e5973c37e4fcf3217c836f5ef57afde8991bf1f46ddbabaa236b4

java-17-openjdk-demo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 2e63ae2d7a966aeef87f6a8f0b51c8b981100eb18fc9ce8a32df7aee528697d8

java-17-openjdk-devel-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 18e6bf6981606fb778e1ec9dde170d4f1e3d105ef630321829fab42a8f456d08

java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: f52185fc44ca9a24088b44bd0cf32dc0f0bb745423b63085ff10aa338500bee8

java-17-openjdk-headless-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: a8e6996f7edc83e5d6e65e216bf117784ca7e78396a8c748da9140c0e2404676

java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 3df5de58d73130b1937ede48290a6c11c83bdec8e280df75c6805ebf65654831

java-17-openjdk-javadoc-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: b5f949b2af78b01a65836d8676793f811bb3d1af765f4ede05c0a199f65c2d2a

java-17-openjdk-javadoc-zip-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 34e55b15a9dcea54a4e22c5664d6067794a70d1f9156eaa020882acf8cb76dbd

java-17-openjdk-jmods-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 370e8a369c56c30dfce824add6d21b69913cb3bf52a4b671c0da4aadac5a7931

java-17-openjdk-src-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 3073c776849a10099aed4c3134e9dc631dfe6210cc2c65b6c2eb081b1347de72

java-17-openjdk-static-libs-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: f3f44c80244f6e552dd01318cec562c1afe259ac26a1b27af523176338b4bd35

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

java-17-openjdk-17.0.7.0.7-1.el9_1.src.rpm

SHA-256: bf7f7c83e1672001b31459f2b624849cc221d19a1d8c80470e02337681221324

s390x

java-17-openjdk-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: d096fa2637e1f7236c12e0aa1a6fca5fb5515ccb9cf5af97bd5aa5709a241ce4

java-17-openjdk-debuginfo-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 91faf26225eed43ed0aeea68f78fed067e404acaab5ee30f179595fe654f9b07

java-17-openjdk-debugsource-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 682b75ccba7d1050844c23ebfc332ba7aac7a6d91ea1be71c733418a675bdce2

java-17-openjdk-demo-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 5102801387b030481134c794da2ad3b9f800a0ac7a5d2129bbea4279fda58d9b

java-17-openjdk-devel-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 2fa9443becf82f5637d06d8431e2e76d7fe41a7b896a4e7c7e755f9ea69e6a3f

java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 9e56c9b9f37f2104c3479fa9ae2c62fb56097dffaec295bc8397e7bc65a4efd0

java-17-openjdk-headless-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 35cd6c5f56fcb57776db5c027134804cb57d5811cf98775a4b2f9ace0436f40d

java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 62f4d6d2b3cf416fe689ca4bb322e85eae2c7ec811445fe27f7ddd051fd120a8

java-17-openjdk-javadoc-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 2d03ded8602a743b2cb34a96cd3b9ad239d244577a1f450d853e2dc6e4ddb92c

java-17-openjdk-javadoc-zip-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: c753999b996e4725bbf0273c41c145ce066e3057170068eefbd103be75978d12

java-17-openjdk-jmods-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 461ec4c72763a9cc9932fdc49a63126a8301d06e966c2ffb46c4e1d88017edaa

java-17-openjdk-src-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: befd6ad49329cd78c74b882ad6598c267cd8c79462412aaa5b3ce6b4c9410c8d

java-17-openjdk-static-libs-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: a2b182b9c76edecc6fbfab23c12a8a9bf0b946208eb064ebc49481d5ab94a37e

Red Hat Enterprise Linux for Power, little endian 9

SRPM

java-17-openjdk-17.0.7.0.7-1.el9_1.src.rpm

SHA-256: bf7f7c83e1672001b31459f2b624849cc221d19a1d8c80470e02337681221324

ppc64le

java-17-openjdk-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 8b9583bd02be62f4bed80ce05551e175dac137f0986fd05399dcedf601d56b16

java-17-openjdk-debuginfo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: d424b0333c03f1e773c49d2393cf0a6c64185c618ca4ced7d20753fc0edeaf00

java-17-openjdk-debugsource-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 8aa9165db13b6970643911f710778d1e4111c01605e659fc650298a92b3dc77f

java-17-openjdk-demo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: d39d2a2eeddfb89e7d38db0a6a2ad17b4ec81334b8348aa07875d01b6a8de258

java-17-openjdk-devel-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 39c1ed468c43310b205b4d3f9f1c9ff64c6aa99a06e8cc31889f8c9637a92798

java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: e515551ec5ce46c4ea031f66dbb2343f0a58e2dad68c49c7e25b331b11122e77

java-17-openjdk-headless-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: de06513460cd8429c41f159808a1746db1224a54c4f001afbd5e627cdce93d3b

java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 29499abf9977d1595829be770c3bea231905e00000770243c4c805b115104553

java-17-openjdk-javadoc-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: e9de03eeab48068148085594f6b03290e292f8373258864146b2132df5c6cd16

java-17-openjdk-javadoc-zip-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 7bb1fcf5fb51e93d71b9dc9c00ccca256e67735c9db8f64ffbf8981f9587633a

java-17-openjdk-jmods-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 3e24670e5d8d83b06cc5419bd7c80b3ba7ccb8df567f13f575c04d709651796f

java-17-openjdk-src-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: d1ad193833713231bda877cb6dcc7609a0ae46dd8c4133e72f6f8ad8ce0ab3f4

java-17-openjdk-static-libs-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 3d2d287127c18eb5570903e52b9805016e4cc1f3533af6847a8db98a700373c9

Red Hat Enterprise Linux for ARM 64 9

SRPM

java-17-openjdk-17.0.7.0.7-1.el9_1.src.rpm

SHA-256: bf7f7c83e1672001b31459f2b624849cc221d19a1d8c80470e02337681221324

aarch64

java-17-openjdk-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: cebdf63f7f6d0963b9d86690ff745060e789c6142e8ff4b19ead5dee678a0f19

java-17-openjdk-debuginfo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 963e907c7dd43dd4138c734e4e1b57374646440879002bfad3f3c2d0cd29ab88

java-17-openjdk-debugsource-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 8ef346b77045ae12f969852a1d0217939b72a28e34be286268720434b79cc794

java-17-openjdk-demo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: e7e4f4e20081e9a7325d8aaf36a4b5966f9efae64a694263ba2725785dde087f

java-17-openjdk-devel-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: bab7e7924beff299d34f46975cb7803c28a0b4dab1ab0256e9aa92ac9f4839db

java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 97e4991c1755a5bb0c78ba3f463b6f8ec5f905d6393b6baceffd91f868c99408

java-17-openjdk-headless-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: dc0f720e8af786d564fb70318f82441c31952fb6ba39f5612ad69c13d5eeec9e

java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: a7917592377acfa9d76112050d1e9cda406b5cb10523535fa0bac101a07f59da

java-17-openjdk-javadoc-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 1af47132a940fa73261036cbfdffd48d09105a1540ff2ac5960e0af682420dc0

java-17-openjdk-javadoc-zip-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 375a262a42cfc0db1f566c7361c89ea31022b177b23f0894725ab05270a0c064

java-17-openjdk-jmods-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 7cb0f626da6cf2aa2f3d82a5d8e1ee41a9efa1a4eda5a236e55688f5425c5ed3

java-17-openjdk-src-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: ff098500ff827bfc87e5d4135e60bfb2d69d7f8d11772273db7a0f7fb55c7aed

java-17-openjdk-static-libs-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 14bc397eaf11177e932dfe2ebefca7d7050b0abd6381a8a192bcc9291fd27d14

Red Hat CodeReady Linux Builder for x86_64 9

SRPM

x86_64

java-17-openjdk-debuginfo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 0afd36906b4d6e279c287d62feb2d165c55a163096589067c06a87eb407cc4db

java-17-openjdk-debugsource-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: d5d649c6ce3e5973c37e4fcf3217c836f5ef57afde8991bf1f46ddbabaa236b4

java-17-openjdk-demo-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: d190c626fe84774a83519791646c7b3eee0c054c94c3095f0ce2e1638dab9fbf

java-17-openjdk-demo-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 48aa27e37ec14e59b4a0525d2b45f40d4dad5c99577d6d508ea77266cd4de6ff

java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: f52185fc44ca9a24088b44bd0cf32dc0f0bb745423b63085ff10aa338500bee8

java-17-openjdk-devel-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: a2261447bc3afb44490c0326dd63a054382f6eaca188e593493524f956af2c8d

java-17-openjdk-devel-fastdebug-debuginfo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 7faa3405aefaa92a412116bc561f7e0f4613ed41e6d676f30ed99b7668dbafc6

java-17-openjdk-devel-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 280e89c230492d3b464bc8f0f5af62b5266b669a2be6f73fdd64cd8e0a90620e

java-17-openjdk-devel-slowdebug-debuginfo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 4784e383d684e0e5dcc6e4acbb46b88182d8d30bd14c3d851da26e88beee0440

java-17-openjdk-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 9f432bc2aa3ac8fc0284cc4ac4960ccb1c7fd22cecba65a977492a0b002025f3

java-17-openjdk-fastdebug-debuginfo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: d8dafe2cfb01e4c43ebbca25186de947d61bd6beab3b12c3b0c2c26aaa9491af

java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 3df5de58d73130b1937ede48290a6c11c83bdec8e280df75c6805ebf65654831

java-17-openjdk-headless-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 36d0056fb87424125882e8bdfed62755aa88ea93b8f77936a4d10902550d91c0

java-17-openjdk-headless-fastdebug-debuginfo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: df34ce14371545a50e4a059d2c1afc4b663982bb9c5dbe4037623a9560dd7d3b

java-17-openjdk-headless-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: b8a276a8d4638112e224aeac98f46322f366ea8d823c3ba773ff3d0a0b4b9f96

java-17-openjdk-headless-slowdebug-debuginfo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 352428bd1e18deb4a68edfe61df016ca374533805f731786fa7c66088c794592

java-17-openjdk-jmods-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 675877b6b6c30a605df9d34f9b3baa20c412bd5086f6ea0f2b94b9af616c8d58

java-17-openjdk-jmods-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 5603c5180a4a927a04a46e36cd77dbfd5f0dabe2061b680a92059853ae75fa61

java-17-openjdk-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 3c12f0b614ade203ca0179534a7936e0c9114c583a11eacd5ccb7b84b28d8660

java-17-openjdk-slowdebug-debuginfo-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 34fcb45a1e475a5de3740e87e40c008c420a78ca27c264caf0d45707a5895b8e

java-17-openjdk-src-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: fd0ecfc3f11c352eb00bdaab9e2a21241350fe60eb02a435c1b1734c725c7a07

java-17-openjdk-src-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 27f459ba2887aed99c4abe85dd0db1593bf2d3e81f7cf92f4145ada141e98fc2

java-17-openjdk-static-libs-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 6f21f62fcaa32c6e96200afe691e2132cc5ee4314324e77d81bffb3edf005fdc

java-17-openjdk-static-libs-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm

SHA-256: 2fb31491c50cdb174f1710e3b5b022e0e767e912eb5d84a2a4cbb0b0835f2be2

Red Hat CodeReady Linux Builder for Power, little endian 9

SRPM

ppc64le

java-17-openjdk-debuginfo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: d424b0333c03f1e773c49d2393cf0a6c64185c618ca4ced7d20753fc0edeaf00

java-17-openjdk-debugsource-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 8aa9165db13b6970643911f710778d1e4111c01605e659fc650298a92b3dc77f

java-17-openjdk-demo-fastdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 3363216b76f5fb2678e15ad22e646f5fb671e09eca7f17d5dfa64cf2b2306bf4

java-17-openjdk-demo-slowdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 862da6a25c24f9dd29eb37c534af4ea608c3456c9335eb14657eaa000033fad8

java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: e515551ec5ce46c4ea031f66dbb2343f0a58e2dad68c49c7e25b331b11122e77

java-17-openjdk-devel-fastdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: ef353c288d5246c1e069937767723cc8161b7a75953a216ee47319963c2888a2

java-17-openjdk-devel-fastdebug-debuginfo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: f230eeb6c903ff52a220218cb1734ccda9743e9950976713b14c8e1bddc5777c

java-17-openjdk-devel-slowdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 2a8b716834d04bad63cbacbf7a0aa2ae383aab00518c33204d85724f993338b7

java-17-openjdk-devel-slowdebug-debuginfo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: a36579b1f8b9155fa4d7f3f4de37e2ad31a2dbf1db2e5a197243032eba7d65af

java-17-openjdk-fastdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: cd43b5fc00fd10a2cbfe4305b945dfd9839fc4fe91ee44966d3c63a696034cb7

java-17-openjdk-fastdebug-debuginfo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 4a8e9832ded1fabd1cd4c223c9e71edefa10b7b672715b364481df73d275f097

java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 29499abf9977d1595829be770c3bea231905e00000770243c4c805b115104553

java-17-openjdk-headless-fastdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 55a03b7bfbe90b8d27f48ddbe12ffa62c9caf5a142572f38967610b4cb68e48e

java-17-openjdk-headless-fastdebug-debuginfo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: fb01b0bd161773ad6b4c36eb5c3d06b10413045b5b4c8e07842614d5ad87ef9a

java-17-openjdk-headless-slowdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: b2005610d0fde66880573271c93f7d96ca058e4cd6802bd427adc7fc02649506

java-17-openjdk-headless-slowdebug-debuginfo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 09172682d9fb50ab0f2e28f2500f4133081efe0ab61c78fda8aeb1416bbd1e7e

java-17-openjdk-jmods-fastdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 12680eaab481508421834b664404ced01c65bd4fabca2c18310788715bbfc0c2

java-17-openjdk-jmods-slowdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 26c8e1c230bb30ec3424ecb9cdbbba1bfc2183ebb4927b8610ca554beb01d9c1

java-17-openjdk-slowdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 343fb3c442c4496431e6f9162014bafbdf1bf03f86f8039494b194a34fec9f13

java-17-openjdk-slowdebug-debuginfo-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: bc78fe678d4c4c93232d1b14ed67f49d05b18e4c902ac6da9eabbe00af7f99f0

java-17-openjdk-src-fastdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: e3fe68177e7adefb2ce2b751b612befbfc54aed61cd3729de94e50a804be868e

java-17-openjdk-src-slowdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: c01621a85f0ce242871bae37ac4ea70d6dcca2b65a704bda906efa0b57288413

java-17-openjdk-static-libs-fastdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: 3a007140efb1a1e0df7c053f4e292b05b8083f9798c26dcf7c69e145e4f4f7d3

java-17-openjdk-static-libs-slowdebug-17.0.7.0.7-1.el9_1.ppc64le.rpm

SHA-256: befc07289ad1b51afcf555f827be7c145799618f5093da388dbca419262346a9

Red Hat CodeReady Linux Builder for ARM 64 9

SRPM

aarch64

java-17-openjdk-debuginfo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 963e907c7dd43dd4138c734e4e1b57374646440879002bfad3f3c2d0cd29ab88

java-17-openjdk-debugsource-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 8ef346b77045ae12f969852a1d0217939b72a28e34be286268720434b79cc794

java-17-openjdk-demo-fastdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 007d407b0ea54ec568b3118d0093582120d298d4a58ffc37a36705c37fb5a5a4

java-17-openjdk-demo-slowdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 9343dd6c42fd72cd5e6790c72f4d8415ecba7e257a38379a2c51ebcf420002ac

java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 97e4991c1755a5bb0c78ba3f463b6f8ec5f905d6393b6baceffd91f868c99408

java-17-openjdk-devel-fastdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 0bf9453cc7b06182064b90c96a7002a76c880201a8df11db343d83bfe54d70b7

java-17-openjdk-devel-fastdebug-debuginfo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: c2769e603b3065da856ddd6c27fd92d95fed1f6d29112694c7521100b83274a2

java-17-openjdk-devel-slowdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 1548f4151f2e27d18d875d97cabb591ce55d70781a498b645c1d4a944d0990cc

java-17-openjdk-devel-slowdebug-debuginfo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: d75bd9342a6a869321278d542e65c7c0e3bc029f6f13e1d4c5bddd96205a4c11

java-17-openjdk-fastdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: c9f4a89f019324bb9b5bf4e9ce8fccc93b90267f229912041406b7878593c8e2

java-17-openjdk-fastdebug-debuginfo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: bb9f14f5eb56a2c2f38117ceb62673e8e93806dc5f0aaf80b870d5da716d396d

java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: a7917592377acfa9d76112050d1e9cda406b5cb10523535fa0bac101a07f59da

java-17-openjdk-headless-fastdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 7190fe4861f53620e25642fed44663c2a67af401c97cf0a92853ab0cbb05a20f

java-17-openjdk-headless-fastdebug-debuginfo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: ad2f7f25acdc32a04da3087450b58e33d4bfc893201bee73dcfa1386773394df

java-17-openjdk-headless-slowdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 7a851ce21131c58e554dc90e3800e0e30212fef269a39bb861b20be554852003

java-17-openjdk-headless-slowdebug-debuginfo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: eb167604d950fe9d2ce785a3bcfb1848f22b3d354ca9b74f30c545c45be5775a

java-17-openjdk-jmods-fastdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: d4f166415ccb88389ccba04b3f9563c178f40efc9a8622d680b69c2e7f4b8842

java-17-openjdk-jmods-slowdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 65f1e9ac754d3bee1c5ae90d57ddd474ddea3a161bde4edda420a905888b3d0c

java-17-openjdk-slowdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 8b1f7b3da1e53747858aa4c2ab6166f31f449bd938a5c767410dd17aad51cc2a

java-17-openjdk-slowdebug-debuginfo-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: b96d3ee2edf22740ca3adf6f622f9ec5c2e02fb66d9ea41268f22706dcaba689

java-17-openjdk-src-fastdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: d605b19b21aa77a294831bb3e695db363ac4485a94af4b8c9a3f3342b104c810

java-17-openjdk-src-slowdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 119e16cb8683b2416c676ddbb898df34a4fea9748bf1e534b2c2bdbe7c15d811

java-17-openjdk-static-libs-fastdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: 79a753b2c9a4cabda297bb4070123e28b4d261316c3e3865346736155bbeaf3a

java-17-openjdk-static-libs-slowdebug-17.0.7.0.7-1.el9_1.aarch64.rpm

SHA-256: b212f59461bf2406d50af6cfdb7394a60554eafe91b265b3c1df3f660b8d1d07

Red Hat CodeReady Linux Builder for IBM z Systems 9

SRPM

s390x

java-17-openjdk-debuginfo-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 91faf26225eed43ed0aeea68f78fed067e404acaab5ee30f179595fe654f9b07

java-17-openjdk-debugsource-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 682b75ccba7d1050844c23ebfc332ba7aac7a6d91ea1be71c733418a675bdce2

java-17-openjdk-demo-slowdebug-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 59a399b3005277150da3bc17412b697de71167cd5a4dd757ebb9cffb33716ad9

java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 9e56c9b9f37f2104c3479fa9ae2c62fb56097dffaec295bc8397e7bc65a4efd0

java-17-openjdk-devel-slowdebug-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 6e93efc0d2a7504f041270d5099d9ea81b5f5ef24dc7cd30ad4b859ee9ed164a

java-17-openjdk-devel-slowdebug-debuginfo-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 27cb2ff13dc9529190cb2810b31924a7b606f7079006a195306b6f560cb56ba3

java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 62f4d6d2b3cf416fe689ca4bb322e85eae2c7ec811445fe27f7ddd051fd120a8

java-17-openjdk-headless-slowdebug-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: f4ce7b978a4dbbf00e75c08f2f84f601da387d599254f40fa46327d9f16c1738

java-17-openjdk-headless-slowdebug-debuginfo-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: bb9ae6ff8fa0146e723e7a557af9b6a5d05f925d83121b190fa0f9d3896cd4f8

java-17-openjdk-jmods-slowdebug-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 91b6c88469b0428c776567f56306d7141bfa8a24931177a24253030d07174e34

java-17-openjdk-slowdebug-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 546e2e8bde77c37846e31b01341a67cad4c56dc9f955e3a15ed9ba1312ed6807

java-17-openjdk-slowdebug-debuginfo-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: b361fcaed1a3f802ef5d8dce71c0422f49cb5dd5bd0cdd74bb0f00e15c8ea0bc

java-17-openjdk-src-slowdebug-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 1f683d4e1cb0ffb265bbb13506b6e2adc59f0d3a3d0406d515c2b86e35e710b8

java-17-openjdk-static-libs-slowdebug-17.0.7.0.7-1.el9_1.s390x.rpm

SHA-256: 82bfbd99e53d5925b9b68ccdca648a209b453639d658ad16ab7c863c467e31a2

Related news

CVE-2023-32338: Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585.

Debian Security Advisory 5478-1

Debian Linux Security Advisory 5478-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions, information disclosure, reduced cryptographic strength of the AES implementation, directory traversal or denial of service.

RHSA-2023:4103: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacke...

Debian Security Advisory 5430-1

Debian Linux Security Advisory 5430-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of sandbox restrictions.

Red Hat Security Advisory 2023-2710-01

Red Hat Security Advisory 2023-2710-01 - Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. This erratum releases a new image for Red Hat Single Sign-On 7.6.3 for use within the Red Hat OpenShift Container Platform cloud computing Platform-as-a-Service for on-premise or private cloud deployments, aligning with the standalone product release. Issues addressed include denial of service and information leakage vulnerabilities.

Red Hat Security Advisory 2023-1884-01

Red Hat Security Advisory 2023-1884-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

Red Hat Security Advisory 2023-1891-01

Red Hat Security Advisory 2023-1891-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

Red Hat Security Advisory 2023-1895-01

Red Hat Security Advisory 2023-1895-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

Red Hat Security Advisory 2023-1889-01

Red Hat Security Advisory 2023-1889-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

Red Hat Security Advisory 2023-1910-01

Red Hat Security Advisory 2023-1910-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Red Hat Security Advisory 2023-1903-01

Red Hat Security Advisory 2023-1903-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section.

Red Hat Security Advisory 2023-1905-01

Red Hat Security Advisory 2023-1905-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Red Hat Security Advisory 2023-1908-01

Red Hat Security Advisory 2023-1908-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Red Hat Security Advisory 2023-1904-01

Red Hat Security Advisory 2023-1904-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

RHSA-2023:1912: Red Hat Security Advisory: OpenJDK 8u372 Windows Security Update

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compr...

RHSA-2023:1903: Red Hat Security Advisory: OpenJDK 8u372 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compr...

RHSA-2023:1908: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated att...

RHSA-2023:1909: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated att...

RHSA-2023:1905: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361...

Red Hat Security Advisory 2023-1899-01

Red Hat Security Advisory 2023-1899-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

Red Hat Security Advisory 2023-1879-01

Red Hat Security Advisory 2023-1879-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

RHSA-2023:1898: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

RHSA-2023:1895: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

RHSA-2023:1885: Red Hat Security Advisory: OpenJDK 17.0.7 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compr...

RHSA-2023:1884: Red Hat Security Advisory: OpenJDK 17.0.7 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compr...

RHSA-2023:1883: Red Hat Security Advisory: OpenJDK 11.0.19 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compr...

RHSA-2023:1882: Red Hat Security Advisory: OpenJDK 11.0.19 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compr...

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

RHSA-2023:1880: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

RHSA-2023:1878: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnera...

RHSA-2023:1877: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8...

RHSA-2023:1875: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attack...

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...