Headline
RHSA-2022:5684: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859)
- CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866)
- CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
Synopsis
Important: java-11-openjdk security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Security Fix(es):
- OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169)
- OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)
- OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Fixes
- BZ - 2108540 - CVE-2022-21540 OpenJDK: class compilation issue (Hotspot, 8281859)
- BZ - 2108543 - CVE-2022-21541 OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866)
- BZ - 2108554 - CVE-2022-34169 OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2
SRPM
java-11-openjdk-11.0.16.0.8-1.el8_2.src.rpm
SHA-256: 4dca3d4377453d77bab07367f1b16af5f204da4b0a07143d75c2c847407df870
x86_64
java-11-openjdk-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 0327b30183065db2d8ec5f0b59d6933704635ca731b4115da011951abedf1dce
java-11-openjdk-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 739f3db46f1e15dec9aab8cfb095ab3eadd055a66360e9428ff79c873eb259a7
java-11-openjdk-debugsource-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 89b51d2d9dd0ec0b4461d22129aeb0db50f9b4ec61802e26bec0ba763f4f8901
java-11-openjdk-demo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 6565d7617ee5795ac12fb7cf6aa386f5d576a763770a90d1e1f9b7956884739b
java-11-openjdk-devel-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 8c6c425cd4a4a74198b81a6c4a542f32e522f206cc2e2a0de20b934e34e4916e
java-11-openjdk-devel-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: be5342afeda9adcaba5163f5ce96f98f9003da3ec2e035a75ee686d1d208730b
java-11-openjdk-devel-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: f936c2029e079e4030421bd1d0942fa45d78dc64e7e679a2879c6bcac6fbed60
java-11-openjdk-headless-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 0349f8e5c8cb11ed2468c96097a9348dbab4b1bc0acdfd2422e1a3a77f0513fa
java-11-openjdk-headless-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 320020155c312d36ef9521e1036785bde1f681c30932afe775c8ff3343828bf9
java-11-openjdk-headless-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 292e2a7fb014a80d625ea9d3d5e39c90669b5b45c0adbf4b04aaaa621a58d569
java-11-openjdk-javadoc-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: d55b1c0685087e6187ca8093df0e834918d0826871596fc6cab9fc7676fe4ac0
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 625e33170c5c8c5037f03b67c76fc1be4fa8d766cd9376002211ebbe0049bbf1
java-11-openjdk-jmods-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: c8dbc4c6e4a49e1bb8089b189bc29824bab5148ba8d34498ef83c878a7738834
java-11-openjdk-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: d6fab203d451331ac22f3971c4f26d4b737788d28e23d3d0215c3b44faa7078e
java-11-openjdk-src-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: d8de9eef1b1f743bf0d275e8df05d5c88bbfcc91e2b79b4f57a56ea43c9342d4
java-11-openjdk-static-libs-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: ff281bc44761827a14fdb8de49c6235528e9c84399bff4b37220be59bc6d91e3
Red Hat Enterprise Linux Server - AUS 8.2
SRPM
java-11-openjdk-11.0.16.0.8-1.el8_2.src.rpm
SHA-256: 4dca3d4377453d77bab07367f1b16af5f204da4b0a07143d75c2c847407df870
x86_64
java-11-openjdk-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 0327b30183065db2d8ec5f0b59d6933704635ca731b4115da011951abedf1dce
java-11-openjdk-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 739f3db46f1e15dec9aab8cfb095ab3eadd055a66360e9428ff79c873eb259a7
java-11-openjdk-debugsource-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 89b51d2d9dd0ec0b4461d22129aeb0db50f9b4ec61802e26bec0ba763f4f8901
java-11-openjdk-demo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 6565d7617ee5795ac12fb7cf6aa386f5d576a763770a90d1e1f9b7956884739b
java-11-openjdk-devel-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 8c6c425cd4a4a74198b81a6c4a542f32e522f206cc2e2a0de20b934e34e4916e
java-11-openjdk-devel-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: be5342afeda9adcaba5163f5ce96f98f9003da3ec2e035a75ee686d1d208730b
java-11-openjdk-devel-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: f936c2029e079e4030421bd1d0942fa45d78dc64e7e679a2879c6bcac6fbed60
java-11-openjdk-headless-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 0349f8e5c8cb11ed2468c96097a9348dbab4b1bc0acdfd2422e1a3a77f0513fa
java-11-openjdk-headless-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 320020155c312d36ef9521e1036785bde1f681c30932afe775c8ff3343828bf9
java-11-openjdk-headless-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 292e2a7fb014a80d625ea9d3d5e39c90669b5b45c0adbf4b04aaaa621a58d569
java-11-openjdk-javadoc-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: d55b1c0685087e6187ca8093df0e834918d0826871596fc6cab9fc7676fe4ac0
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 625e33170c5c8c5037f03b67c76fc1be4fa8d766cd9376002211ebbe0049bbf1
java-11-openjdk-jmods-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: c8dbc4c6e4a49e1bb8089b189bc29824bab5148ba8d34498ef83c878a7738834
java-11-openjdk-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: d6fab203d451331ac22f3971c4f26d4b737788d28e23d3d0215c3b44faa7078e
java-11-openjdk-src-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: d8de9eef1b1f743bf0d275e8df05d5c88bbfcc91e2b79b4f57a56ea43c9342d4
java-11-openjdk-static-libs-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: ff281bc44761827a14fdb8de49c6235528e9c84399bff4b37220be59bc6d91e3
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2
SRPM
java-11-openjdk-11.0.16.0.8-1.el8_2.src.rpm
SHA-256: 4dca3d4377453d77bab07367f1b16af5f204da4b0a07143d75c2c847407df870
s390x
java-11-openjdk-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: 4507eaf1e9212dc420dc78d3d298d813c34adbe1c488d1374a46bf385a599d72
java-11-openjdk-debuginfo-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: 865dcb6fcb308625dcf7eedf3bd1f16bbb0b7dfe8f0dacee95c141bd1dbfb16e
java-11-openjdk-debugsource-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: dbe159493a5fa0fbee0fb374866cbfc56005b5bab1348b8e6caf673a8f8251f9
java-11-openjdk-demo-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: 3f0ab0669ccda8de2314f6ed5f6156a5fae446a5b35123284616338bb06a9908
java-11-openjdk-devel-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: f0ac4728ba294e019c2992a0c1dd22c630ef790629d2d73b4d8cc88e66b2adae
java-11-openjdk-devel-debuginfo-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: 5ee7beba14a3ca65bf3a8adbb77970b7c44d74f4c22c8925e411deb88a1efbc1
java-11-openjdk-devel-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: 1d1b4c9a24a83b115382d418cdea79f320bb4dcb77c3f821d1119c4c6bbe4819
java-11-openjdk-headless-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: e4518581f2f329b59309d7291ce00cc9fb22709174052df64971dd3a9442b67e
java-11-openjdk-headless-debuginfo-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: bf7690d3548283c29717fc1bbf502836f1dcc9855699b992dc19db57763aceaf
java-11-openjdk-headless-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: 1beb42d70b6b9ce2bff887f054e6c7a3e555e968763910b86c195818b592678c
java-11-openjdk-javadoc-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: e273d903e8636abdcb30741b855e480b118853d0b502c11f9c685e689edd2cb4
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: e2b81be8240b32144379c46ca019fd724f4b53c70bc0857b19e96c982cd4a630
java-11-openjdk-jmods-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: fe13c5c21d887beccfccd3b652244c761d1ef11ce82640aa93caa1565bd3f2e8
java-11-openjdk-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: 3076260ef0666abd5f13219966fc07a03c4543007db1146ea5118a7378ff1e7c
java-11-openjdk-src-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: c613fe39f0d7fd8477f3731e43f4652e2a7fcdc4448d6b2dca874920535265bf
java-11-openjdk-static-libs-11.0.16.0.8-1.el8_2.s390x.rpm
SHA-256: 4d504ae7f41acc4b350858232a5964eea058558692bb045bbc01ea7ecc4afcc5
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2
SRPM
java-11-openjdk-11.0.16.0.8-1.el8_2.src.rpm
SHA-256: 4dca3d4377453d77bab07367f1b16af5f204da4b0a07143d75c2c847407df870
ppc64le
java-11-openjdk-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: af9384343e65c8df69fc2bcca8f9328e723a705cd352df2923061b86dac8f0e3
java-11-openjdk-debuginfo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: adde08e502ea6685f25837aaa9c06708fe0d38369ef684f2818cb3eededc0576
java-11-openjdk-debugsource-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: 98f91121c7623084d547f69d5d2821de3c441bfdac17a7761a169b5c4fa2605a
java-11-openjdk-demo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: 9e9e6b5fb58e33115204ad1f3a411657d3b03a56026a1ce85ce00f2557ada3b9
java-11-openjdk-devel-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: 8b1bd492460a29f0bbe08927b0fb3e6ada45086f12e299203a0086d3bc370169
java-11-openjdk-devel-debuginfo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: f4016bcda8d8abf870535d69a7587eaf31dd71e773e88e45a01a3437c6f89801
java-11-openjdk-devel-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: 9413538266e5732c9660f2e28cb78a557563da0cc871e50dae14683c111a8ef3
java-11-openjdk-headless-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: b4c93228c7e0d9ba1713bb0d8e5a2216b8d3ffaed5b24281920fe64aa527bcd3
java-11-openjdk-headless-debuginfo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: bf3c911d395c5875a4dc2c9833ea5ec8f3c002f72acf4dd0cfbd7e91acfb98c7
java-11-openjdk-headless-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: afadd3030fc6e97ad0d3b5338d2d547c4cdbc8f9af9bce141e7ee636853db29c
java-11-openjdk-javadoc-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: d8005b3d8fab4a2feff0b37806d80069fd2db210c7a76875abc2679073913bb1
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: 00bbb5eb6069bfa354c66e48b52bd13d9dda3c1615672ab8b6943c3433eb53f6
java-11-openjdk-jmods-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: baea95c92b87488ec61432051ca9e73eb6ef32464ade44c7e9fb8db56a6d63e2
java-11-openjdk-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: bda8daee387245be98a31239036860c41b8d8f1cd91bb5774659d22025244441
java-11-openjdk-src-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: 48d92ab269172441cb955bc384040d12d4fa42b41167a4698595d9e9c06cce21
java-11-openjdk-static-libs-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: de6835d7119c43c16aa74bd6e6bec48268cc6984a942fc7290015b5dd3c196ee
Red Hat Enterprise Linux Server - TUS 8.2
SRPM
java-11-openjdk-11.0.16.0.8-1.el8_2.src.rpm
SHA-256: 4dca3d4377453d77bab07367f1b16af5f204da4b0a07143d75c2c847407df870
x86_64
java-11-openjdk-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 0327b30183065db2d8ec5f0b59d6933704635ca731b4115da011951abedf1dce
java-11-openjdk-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 739f3db46f1e15dec9aab8cfb095ab3eadd055a66360e9428ff79c873eb259a7
java-11-openjdk-debugsource-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 89b51d2d9dd0ec0b4461d22129aeb0db50f9b4ec61802e26bec0ba763f4f8901
java-11-openjdk-demo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 6565d7617ee5795ac12fb7cf6aa386f5d576a763770a90d1e1f9b7956884739b
java-11-openjdk-devel-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 8c6c425cd4a4a74198b81a6c4a542f32e522f206cc2e2a0de20b934e34e4916e
java-11-openjdk-devel-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: be5342afeda9adcaba5163f5ce96f98f9003da3ec2e035a75ee686d1d208730b
java-11-openjdk-devel-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: f936c2029e079e4030421bd1d0942fa45d78dc64e7e679a2879c6bcac6fbed60
java-11-openjdk-headless-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 0349f8e5c8cb11ed2468c96097a9348dbab4b1bc0acdfd2422e1a3a77f0513fa
java-11-openjdk-headless-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 320020155c312d36ef9521e1036785bde1f681c30932afe775c8ff3343828bf9
java-11-openjdk-headless-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 292e2a7fb014a80d625ea9d3d5e39c90669b5b45c0adbf4b04aaaa621a58d569
java-11-openjdk-javadoc-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: d55b1c0685087e6187ca8093df0e834918d0826871596fc6cab9fc7676fe4ac0
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 625e33170c5c8c5037f03b67c76fc1be4fa8d766cd9376002211ebbe0049bbf1
java-11-openjdk-jmods-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: c8dbc4c6e4a49e1bb8089b189bc29824bab5148ba8d34498ef83c878a7738834
java-11-openjdk-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: d6fab203d451331ac22f3971c4f26d4b737788d28e23d3d0215c3b44faa7078e
java-11-openjdk-src-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: d8de9eef1b1f743bf0d275e8df05d5c88bbfcc91e2b79b4f57a56ea43c9342d4
java-11-openjdk-static-libs-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: ff281bc44761827a14fdb8de49c6235528e9c84399bff4b37220be59bc6d91e3
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2
SRPM
java-11-openjdk-11.0.16.0.8-1.el8_2.src.rpm
SHA-256: 4dca3d4377453d77bab07367f1b16af5f204da4b0a07143d75c2c847407df870
aarch64
java-11-openjdk-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: 40698c89d2219e59e626e0ba40e6a0c3f9de0b63fbfeafa917b58a3de7b88b62
java-11-openjdk-debuginfo-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: b764a9978a015bf1cff0a209e385f699eac964680af9f1560d871670c437cf0c
java-11-openjdk-debugsource-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: be034d321d61518f4f23e31ed35995f1992a31ab46f006d452828afc02a21805
java-11-openjdk-demo-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: 6930f9214608efcc24408c4a2fe933858dff801c18aff1be36ba3ba18df54e36
java-11-openjdk-devel-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: 6a6171d426bc1dd3648383eccb725f432cc4ee86fd3183c2907973f06072de3b
java-11-openjdk-devel-debuginfo-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: c244fb78cfd7fe40d4850b1d980f282368f4909e5e488569b585d8b0dd50657b
java-11-openjdk-devel-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: a3d0ba16e32abc701c6106d3e5c3b01819605fdb7f97b0848bfed91c49f140f2
java-11-openjdk-headless-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: 126682d154a807e469d4339df4bd1a33efe0c96eade97c0de263c471c15d91c8
java-11-openjdk-headless-debuginfo-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: 0ef763cc4713a0da9e90f388e1d8d3e4932a29e35776a092b9dc24a34f0e7c80
java-11-openjdk-headless-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: ca9ac67ce43af5cd991734eee299ad99cd4cb3278bee671cf2cd3fa1ee3fec5c
java-11-openjdk-javadoc-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: fdf904fe160b15c9784890dd535bc56b5dd5750a1e57b60b1f0debd36f0ef847
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: 4daf6d47b39b3ed52c092e4f6e857d978ba195dba7610ae60e9a2ce2c51de848
java-11-openjdk-jmods-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: fb5d6c37165f8c6706f529f2fefc1760a85110dc167aeb042833d744aabaa83a
java-11-openjdk-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: 7eb57897a0a56e65d716195ff36c0d2a10bdbb77b10b7593fb823b8b686e15f9
java-11-openjdk-src-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: 2807ad898fc5a5dd50f1791c3bf05acf2b1e9f74154e442b25c686270e5ba395
java-11-openjdk-static-libs-11.0.16.0.8-1.el8_2.aarch64.rpm
SHA-256: b8809d52faf3cb7c8a7df934b6c44f9e4cf2827d3acbb8cd44ab8403b755f5db
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2
SRPM
java-11-openjdk-11.0.16.0.8-1.el8_2.src.rpm
SHA-256: 4dca3d4377453d77bab07367f1b16af5f204da4b0a07143d75c2c847407df870
ppc64le
java-11-openjdk-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: af9384343e65c8df69fc2bcca8f9328e723a705cd352df2923061b86dac8f0e3
java-11-openjdk-debuginfo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: adde08e502ea6685f25837aaa9c06708fe0d38369ef684f2818cb3eededc0576
java-11-openjdk-debugsource-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: 98f91121c7623084d547f69d5d2821de3c441bfdac17a7761a169b5c4fa2605a
java-11-openjdk-demo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: 9e9e6b5fb58e33115204ad1f3a411657d3b03a56026a1ce85ce00f2557ada3b9
java-11-openjdk-devel-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: 8b1bd492460a29f0bbe08927b0fb3e6ada45086f12e299203a0086d3bc370169
java-11-openjdk-devel-debuginfo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: f4016bcda8d8abf870535d69a7587eaf31dd71e773e88e45a01a3437c6f89801
java-11-openjdk-devel-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: 9413538266e5732c9660f2e28cb78a557563da0cc871e50dae14683c111a8ef3
java-11-openjdk-headless-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: b4c93228c7e0d9ba1713bb0d8e5a2216b8d3ffaed5b24281920fe64aa527bcd3
java-11-openjdk-headless-debuginfo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: bf3c911d395c5875a4dc2c9833ea5ec8f3c002f72acf4dd0cfbd7e91acfb98c7
java-11-openjdk-headless-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: afadd3030fc6e97ad0d3b5338d2d547c4cdbc8f9af9bce141e7ee636853db29c
java-11-openjdk-javadoc-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: d8005b3d8fab4a2feff0b37806d80069fd2db210c7a76875abc2679073913bb1
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: 00bbb5eb6069bfa354c66e48b52bd13d9dda3c1615672ab8b6943c3433eb53f6
java-11-openjdk-jmods-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: baea95c92b87488ec61432051ca9e73eb6ef32464ade44c7e9fb8db56a6d63e2
java-11-openjdk-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: bda8daee387245be98a31239036860c41b8d8f1cd91bb5774659d22025244441
java-11-openjdk-src-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: 48d92ab269172441cb955bc384040d12d4fa42b41167a4698595d9e9c06cce21
java-11-openjdk-static-libs-11.0.16.0.8-1.el8_2.ppc64le.rpm
SHA-256: de6835d7119c43c16aa74bd6e6bec48268cc6984a942fc7290015b5dd3c196ee
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2
SRPM
java-11-openjdk-11.0.16.0.8-1.el8_2.src.rpm
SHA-256: 4dca3d4377453d77bab07367f1b16af5f204da4b0a07143d75c2c847407df870
x86_64
java-11-openjdk-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 0327b30183065db2d8ec5f0b59d6933704635ca731b4115da011951abedf1dce
java-11-openjdk-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 739f3db46f1e15dec9aab8cfb095ab3eadd055a66360e9428ff79c873eb259a7
java-11-openjdk-debugsource-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 89b51d2d9dd0ec0b4461d22129aeb0db50f9b4ec61802e26bec0ba763f4f8901
java-11-openjdk-demo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 6565d7617ee5795ac12fb7cf6aa386f5d576a763770a90d1e1f9b7956884739b
java-11-openjdk-devel-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 8c6c425cd4a4a74198b81a6c4a542f32e522f206cc2e2a0de20b934e34e4916e
java-11-openjdk-devel-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: be5342afeda9adcaba5163f5ce96f98f9003da3ec2e035a75ee686d1d208730b
java-11-openjdk-devel-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: f936c2029e079e4030421bd1d0942fa45d78dc64e7e679a2879c6bcac6fbed60
java-11-openjdk-headless-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 0349f8e5c8cb11ed2468c96097a9348dbab4b1bc0acdfd2422e1a3a77f0513fa
java-11-openjdk-headless-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 320020155c312d36ef9521e1036785bde1f681c30932afe775c8ff3343828bf9
java-11-openjdk-headless-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 292e2a7fb014a80d625ea9d3d5e39c90669b5b45c0adbf4b04aaaa621a58d569
java-11-openjdk-javadoc-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: d55b1c0685087e6187ca8093df0e834918d0826871596fc6cab9fc7676fe4ac0
java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: 625e33170c5c8c5037f03b67c76fc1be4fa8d766cd9376002211ebbe0049bbf1
java-11-openjdk-jmods-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: c8dbc4c6e4a49e1bb8089b189bc29824bab5148ba8d34498ef83c878a7738834
java-11-openjdk-slowdebug-debuginfo-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: d6fab203d451331ac22f3971c4f26d4b737788d28e23d3d0215c3b44faa7078e
java-11-openjdk-src-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: d8de9eef1b1f743bf0d275e8df05d5c88bbfcc91e2b79b4f57a56ea43c9342d4
java-11-openjdk-static-libs-11.0.16.0.8-1.el8_2.x86_64.rpm
SHA-256: ff281bc44761827a14fdb8de49c6235528e9c84399bff4b37220be59bc6d91e3
Related news
Gentoo Linux Security Advisory 202405-16 - A vulnerability has been discovered in Apache Commons BCEL, which can lead to remote code execution. Versions greater than or equal to 6.6.0 are affected.
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Red Hat OpenShift Container Platform release 4.6.61 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-39226: grafana: Snapshot authentication bypass * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read
Red Hat OpenShift Container Platform release 4.6.61 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS
Red Hat Security Advisory 2022-6252-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 3.11.784. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2022-6040-01 - Version 1.24.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6, 4.7, 4.8, 4.9, 4.10, and 4.11. This release includes security and bug fixes, and enhancements. Issues addressed include bypass and denial of service vulnerabilities.
Ubuntu Security Notice 5546-1 - Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17.
Ubuntu Security Notice 5546-2 - USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18.
Red Hat Security Advisory 2022-5756-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Red Hat Security Advisory 2022-5753-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-21549: OpenJDK: random exponentials issue (Libraries, 8283875) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-21549: OpenJDK: random exponentials issue (Libraries, 8283875) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
Red Hat Security Advisory 2022-5681-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Red Hat Security Advisory 2022-5709-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
Red Hat Security Advisory 2022-5687-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Red Hat Security Advisory 2022-5685-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-21549: OpenJDK: random exponentials issue (Libraries, 8283875) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21540: OpenJDK: class compilation issue (Hotspot, 8281859) * CVE-2022-21541: OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) * CVE-2022-34169: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.