Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:4233: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).
  • CVE-2023-22036: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
  • CVE-2023-22041: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
  • CVE-2023-22045: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
  • CVE-2023-22049: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
  • CVE-2023-25193: A vulnerability was found HarfBuzz. This flaw allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
Red Hat Security Data
#vulnerability#web#apple#linux#red_hat#dos#java#oracle#graalvm#auth#ibm

概述

Moderate: java-11-openjdk security and bug fix update

类型/严重性

Security Advisory: Moderate

Red Hat Insights 补丁分析

标题

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

Security Fix(es):

  • OpenJDK: ZIP file parsing infinite loop (8302483) (CVE-2023-22036)
  • OpenJDK: weakness in AES implementation (8308682) (CVE-2023-22041)
  • OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049)
  • harfbuzz: OpenJDK: O(n^2) growth via consecutive marks (CVE-2023-25193)
  • OpenJDK: HTTP client insufficient file name validation (8302475) (CVE-2023-22006)
  • OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Prepare for the next quarterly OpenJDK upstream release (2023-07, 11.0.20) (BZ#2217709)

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

受影响的产品

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

修复

  • BZ - 2167254 - CVE-2023-25193 harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks
  • BZ - 2217709 - Prepare for the next quarterly OpenJDK upstream release (2023-07, 11.0.20) [rhel-7.9.z]
  • BZ - 2221619 - OpenJDK: font processing denial of service vulnerability (8301998)
  • BZ - 2221626 - CVE-2023-22006 OpenJDK: HTTP client insufficient file name validation (8302475)
  • BZ - 2221634 - CVE-2023-22036 OpenJDK: ZIP file parsing infinite loop (8302483)
  • BZ - 2221645 - CVE-2023-22045 OpenJDK: array indexing integer overflow issue (8304468)
  • BZ - 2221647 - CVE-2023-22049 OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312)
  • BZ - 2223207 - CVE-2023-22041 OpenJDK: weakness in AES implementation (8308682)

CVE

  • CVE-2023-22006
  • CVE-2023-22036
  • CVE-2023-22041
  • CVE-2023-22045
  • CVE-2023-22049
  • CVE-2023-25193

参考

  • https://access.redhat.com/security/updates/classification/#moderate

Red Hat Enterprise Linux Server 7

SRPM

java-11-openjdk-11.0.20.0.8-1.el7_9.src.rpm

SHA-256: ed073d75430491d96ad6ab2b0b39551ea05c644a6e819f7f1512ae48973eaad7

x86_64

java-11-openjdk-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 0d9128a4e0779c683f06de77712eff92db1ab5a9e8443ed72cc70f49d1cbaa66

java-11-openjdk-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: aab6d219f44c296bf135a2a5870db8542bed47297b95f0dc61428888e5b82b15

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: c5f713d9a89aaed43d9538991a5d904bad70c005fa04c1182133276847d381d6

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: c5f713d9a89aaed43d9538991a5d904bad70c005fa04c1182133276847d381d6

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 7cd636a510f83446d1bc9bce508ff16c18e389b5395c569954eaf61327f546c1

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 7cd636a510f83446d1bc9bce508ff16c18e389b5395c569954eaf61327f546c1

java-11-openjdk-demo-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: ab0dad92995f2341279a2a357f52840084bfb4f224f85c32731e23feb98400c9

java-11-openjdk-demo-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: c5378decaf3ec4aaac7520fdba7d7a02c076a386764efb800988e6f65981572a

java-11-openjdk-devel-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 9bbe514cc823eadb35353ec55a7f20d71fae042d333256f3050d4966bb688d54

java-11-openjdk-devel-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: e65dcddf006b36b09db99247dfaa396f5877820e286d361d21b6bcfefc85804e

java-11-openjdk-headless-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 5619c987f8e7a3bce0c0216bbff22df04e268bd0b622a4e59ca04225df225e54

java-11-openjdk-headless-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: b35e3bcb4ae34acdad978610cd3563bafaf20a238214b8ffbbeb60ffb8ff40c0

java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 73a1a2024928fc951cabfec6c38384a295391ee5a1507c8e62c5d2df1666fe3b

java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: f088a3ce4cc92c750d75b84d3bbc46410ece280392a34f7851fcc9f7ecc6fe63

java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 1e95e9b920884338a819c9d4e23135f2c88f33820ead7e2c6a649a0dee711fa4

java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 1456fc188c0b048d939456d4edabb74240692948feefd46147d693bd57ec64ed

java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 6f4d3be93a2e9b9fecbfa799732a54370f388ba0e855627ddfa35ff7ea7d34ec

java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 62e59f88820cf881ef3d694b199e228db0f75b5317ccbd29105eed0848528eb6

java-11-openjdk-src-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: fc22bfcbf5260bd97d9496d9bd83d26f777ed6daf701afe17ea3debc12ef422f

java-11-openjdk-src-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 9c91e4406e362b48ff28144c514c2ba4fa1f3028a10f16453a92757c699c16da

java-11-openjdk-static-libs-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: fbb5806f8568a2fc434ae4f9d3fea4efdc08c14ad657a08feb5deb41c47bed0b

java-11-openjdk-static-libs-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 199d0deb098571de88bba2a4713835c32ce49d4fef6fb1e0460888b278cd976b

Red Hat Enterprise Linux Workstation 7

SRPM

java-11-openjdk-11.0.20.0.8-1.el7_9.src.rpm

SHA-256: ed073d75430491d96ad6ab2b0b39551ea05c644a6e819f7f1512ae48973eaad7

x86_64

java-11-openjdk-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 0d9128a4e0779c683f06de77712eff92db1ab5a9e8443ed72cc70f49d1cbaa66

java-11-openjdk-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: aab6d219f44c296bf135a2a5870db8542bed47297b95f0dc61428888e5b82b15

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: c5f713d9a89aaed43d9538991a5d904bad70c005fa04c1182133276847d381d6

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: c5f713d9a89aaed43d9538991a5d904bad70c005fa04c1182133276847d381d6

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 7cd636a510f83446d1bc9bce508ff16c18e389b5395c569954eaf61327f546c1

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 7cd636a510f83446d1bc9bce508ff16c18e389b5395c569954eaf61327f546c1

java-11-openjdk-demo-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: ab0dad92995f2341279a2a357f52840084bfb4f224f85c32731e23feb98400c9

java-11-openjdk-demo-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: c5378decaf3ec4aaac7520fdba7d7a02c076a386764efb800988e6f65981572a

java-11-openjdk-devel-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 9bbe514cc823eadb35353ec55a7f20d71fae042d333256f3050d4966bb688d54

java-11-openjdk-devel-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: e65dcddf006b36b09db99247dfaa396f5877820e286d361d21b6bcfefc85804e

java-11-openjdk-headless-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 5619c987f8e7a3bce0c0216bbff22df04e268bd0b622a4e59ca04225df225e54

java-11-openjdk-headless-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: b35e3bcb4ae34acdad978610cd3563bafaf20a238214b8ffbbeb60ffb8ff40c0

java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 73a1a2024928fc951cabfec6c38384a295391ee5a1507c8e62c5d2df1666fe3b

java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: f088a3ce4cc92c750d75b84d3bbc46410ece280392a34f7851fcc9f7ecc6fe63

java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 1e95e9b920884338a819c9d4e23135f2c88f33820ead7e2c6a649a0dee711fa4

java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 1456fc188c0b048d939456d4edabb74240692948feefd46147d693bd57ec64ed

java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 6f4d3be93a2e9b9fecbfa799732a54370f388ba0e855627ddfa35ff7ea7d34ec

java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 62e59f88820cf881ef3d694b199e228db0f75b5317ccbd29105eed0848528eb6

java-11-openjdk-src-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: fc22bfcbf5260bd97d9496d9bd83d26f777ed6daf701afe17ea3debc12ef422f

java-11-openjdk-src-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 9c91e4406e362b48ff28144c514c2ba4fa1f3028a10f16453a92757c699c16da

java-11-openjdk-static-libs-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: fbb5806f8568a2fc434ae4f9d3fea4efdc08c14ad657a08feb5deb41c47bed0b

java-11-openjdk-static-libs-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 199d0deb098571de88bba2a4713835c32ce49d4fef6fb1e0460888b278cd976b

Red Hat Enterprise Linux Desktop 7

SRPM

java-11-openjdk-11.0.20.0.8-1.el7_9.src.rpm

SHA-256: ed073d75430491d96ad6ab2b0b39551ea05c644a6e819f7f1512ae48973eaad7

x86_64

java-11-openjdk-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 0d9128a4e0779c683f06de77712eff92db1ab5a9e8443ed72cc70f49d1cbaa66

java-11-openjdk-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: aab6d219f44c296bf135a2a5870db8542bed47297b95f0dc61428888e5b82b15

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: c5f713d9a89aaed43d9538991a5d904bad70c005fa04c1182133276847d381d6

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: c5f713d9a89aaed43d9538991a5d904bad70c005fa04c1182133276847d381d6

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 7cd636a510f83446d1bc9bce508ff16c18e389b5395c569954eaf61327f546c1

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 7cd636a510f83446d1bc9bce508ff16c18e389b5395c569954eaf61327f546c1

java-11-openjdk-demo-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: ab0dad92995f2341279a2a357f52840084bfb4f224f85c32731e23feb98400c9

java-11-openjdk-demo-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: c5378decaf3ec4aaac7520fdba7d7a02c076a386764efb800988e6f65981572a

java-11-openjdk-devel-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 9bbe514cc823eadb35353ec55a7f20d71fae042d333256f3050d4966bb688d54

java-11-openjdk-devel-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: e65dcddf006b36b09db99247dfaa396f5877820e286d361d21b6bcfefc85804e

java-11-openjdk-headless-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 5619c987f8e7a3bce0c0216bbff22df04e268bd0b622a4e59ca04225df225e54

java-11-openjdk-headless-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: b35e3bcb4ae34acdad978610cd3563bafaf20a238214b8ffbbeb60ffb8ff40c0

java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 73a1a2024928fc951cabfec6c38384a295391ee5a1507c8e62c5d2df1666fe3b

java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: f088a3ce4cc92c750d75b84d3bbc46410ece280392a34f7851fcc9f7ecc6fe63

java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 1e95e9b920884338a819c9d4e23135f2c88f33820ead7e2c6a649a0dee711fa4

java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 1456fc188c0b048d939456d4edabb74240692948feefd46147d693bd57ec64ed

java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 6f4d3be93a2e9b9fecbfa799732a54370f388ba0e855627ddfa35ff7ea7d34ec

java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 62e59f88820cf881ef3d694b199e228db0f75b5317ccbd29105eed0848528eb6

java-11-openjdk-src-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: fc22bfcbf5260bd97d9496d9bd83d26f777ed6daf701afe17ea3debc12ef422f

java-11-openjdk-src-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 9c91e4406e362b48ff28144c514c2ba4fa1f3028a10f16453a92757c699c16da

java-11-openjdk-static-libs-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: fbb5806f8568a2fc434ae4f9d3fea4efdc08c14ad657a08feb5deb41c47bed0b

java-11-openjdk-static-libs-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 199d0deb098571de88bba2a4713835c32ce49d4fef6fb1e0460888b278cd976b

Red Hat Enterprise Linux for IBM z Systems 7

SRPM

java-11-openjdk-11.0.20.0.8-1.el7_9.src.rpm

SHA-256: ed073d75430491d96ad6ab2b0b39551ea05c644a6e819f7f1512ae48973eaad7

s390x

java-11-openjdk-11.0.20.0.8-1.el7_9.s390x.rpm

SHA-256: c554c8beaa8cdf0dda86041b8685167a2d4ce601a9982b946f478f539d3fc6ed

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.s390x.rpm

SHA-256: 6fdaa86b394aac47d840739c4ad6e0ea198175d83d499883a5fd021f07d1b13e

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.s390x.rpm

SHA-256: 6fdaa86b394aac47d840739c4ad6e0ea198175d83d499883a5fd021f07d1b13e

java-11-openjdk-demo-11.0.20.0.8-1.el7_9.s390x.rpm

SHA-256: 894543fe5942b0eaff910284c0375849c8e78fa5e93dc698207c79f182ba7c39

java-11-openjdk-devel-11.0.20.0.8-1.el7_9.s390x.rpm

SHA-256: 2db15355ca7611975008781d88efe2c15ff6923d087faace06e832a9fbb99122

java-11-openjdk-headless-11.0.20.0.8-1.el7_9.s390x.rpm

SHA-256: 9b6c3e1c1e153df51dd8ecfadfa938f764bb23dd18e21308d4b58a655077d8a2

java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.s390x.rpm

SHA-256: 056c69717f57cbf9495cb2c196cbdcecccb7bc363e62e1e416e83a07bd286bcb

java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.s390x.rpm

SHA-256: 5e268928bb0304d55fc3daa5adc9386c23cd10de88b411a920b4856add87bd82

java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.s390x.rpm

SHA-256: 9885310b9bc47d0d64d508f8d865ab337ed7ed28b92d59e650fa7ecb6f3a7170

java-11-openjdk-src-11.0.20.0.8-1.el7_9.s390x.rpm

SHA-256: 8044b96e3340fc3c661fc564d1242cfca0d6ce5d227d3866d099bebc7f2c5c0d

java-11-openjdk-static-libs-11.0.20.0.8-1.el7_9.s390x.rpm

SHA-256: 3dc289e02c26121b18c3adace6434ab409a017331e0ca0f5d5373b2d293918b1

Red Hat Enterprise Linux for Power, big endian 7

SRPM

java-11-openjdk-11.0.20.0.8-1.el7_9.src.rpm

SHA-256: ed073d75430491d96ad6ab2b0b39551ea05c644a6e819f7f1512ae48973eaad7

ppc64

java-11-openjdk-11.0.20.0.8-1.el7_9.ppc64.rpm

SHA-256: ee7fc9f757b78294ed327a56fbf2bba059e3157875fba9cb5653103dba933f1b

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.ppc64.rpm

SHA-256: 269af1164bf334e14761829f673da56f1f8e719d7721a9abfc90b6e99b679528

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.ppc64.rpm

SHA-256: 269af1164bf334e14761829f673da56f1f8e719d7721a9abfc90b6e99b679528

java-11-openjdk-demo-11.0.20.0.8-1.el7_9.ppc64.rpm

SHA-256: 139bc3e93bd6c23a7d3e6a0cd74ed8711b47307e608c4fda99df35bc65c09339

java-11-openjdk-devel-11.0.20.0.8-1.el7_9.ppc64.rpm

SHA-256: 0405851100042c20dac82c07ab24d309cb50df06f10a9cd27153b3df53055fbe

java-11-openjdk-headless-11.0.20.0.8-1.el7_9.ppc64.rpm

SHA-256: e0f2cf53a67bde723e4ae8a544fd47bf1c5b230eeca7c3edb1dd67ec671f356e

java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.ppc64.rpm

SHA-256: c3d20d8e9d31f53f8fc0c5038a67a83238e842660523a7c6c41f05b576dcb03f

java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.ppc64.rpm

SHA-256: 6d4e0f444b13a6951cc7d18b1dad5dfe134bb45b7f130358354b2cd0249c5c9b

java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.ppc64.rpm

SHA-256: dcd9175d982b42602d6586eff4a65c492bda299bc352a7000c61889bb6271321

java-11-openjdk-src-11.0.20.0.8-1.el7_9.ppc64.rpm

SHA-256: f05d74bfec6349c6062fdc83a472d9b64abf66d000b396026d112cae63dbe4a8

java-11-openjdk-static-libs-11.0.20.0.8-1.el7_9.ppc64.rpm

SHA-256: cda341017ac86d9eb87b080fe34bed705654b8b01e69184d0817753c43d2438e

Red Hat Enterprise Linux for Scientific Computing 7

SRPM

java-11-openjdk-11.0.20.0.8-1.el7_9.src.rpm

SHA-256: ed073d75430491d96ad6ab2b0b39551ea05c644a6e819f7f1512ae48973eaad7

x86_64

java-11-openjdk-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 0d9128a4e0779c683f06de77712eff92db1ab5a9e8443ed72cc70f49d1cbaa66

java-11-openjdk-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: aab6d219f44c296bf135a2a5870db8542bed47297b95f0dc61428888e5b82b15

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: c5f713d9a89aaed43d9538991a5d904bad70c005fa04c1182133276847d381d6

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: c5f713d9a89aaed43d9538991a5d904bad70c005fa04c1182133276847d381d6

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 7cd636a510f83446d1bc9bce508ff16c18e389b5395c569954eaf61327f546c1

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 7cd636a510f83446d1bc9bce508ff16c18e389b5395c569954eaf61327f546c1

java-11-openjdk-demo-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: ab0dad92995f2341279a2a357f52840084bfb4f224f85c32731e23feb98400c9

java-11-openjdk-demo-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: c5378decaf3ec4aaac7520fdba7d7a02c076a386764efb800988e6f65981572a

java-11-openjdk-devel-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 9bbe514cc823eadb35353ec55a7f20d71fae042d333256f3050d4966bb688d54

java-11-openjdk-devel-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: e65dcddf006b36b09db99247dfaa396f5877820e286d361d21b6bcfefc85804e

java-11-openjdk-headless-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 5619c987f8e7a3bce0c0216bbff22df04e268bd0b622a4e59ca04225df225e54

java-11-openjdk-headless-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: b35e3bcb4ae34acdad978610cd3563bafaf20a238214b8ffbbeb60ffb8ff40c0

java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 73a1a2024928fc951cabfec6c38384a295391ee5a1507c8e62c5d2df1666fe3b

java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: f088a3ce4cc92c750d75b84d3bbc46410ece280392a34f7851fcc9f7ecc6fe63

java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 1e95e9b920884338a819c9d4e23135f2c88f33820ead7e2c6a649a0dee711fa4

java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 1456fc188c0b048d939456d4edabb74240692948feefd46147d693bd57ec64ed

java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: 6f4d3be93a2e9b9fecbfa799732a54370f388ba0e855627ddfa35ff7ea7d34ec

java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 62e59f88820cf881ef3d694b199e228db0f75b5317ccbd29105eed0848528eb6

java-11-openjdk-src-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: fc22bfcbf5260bd97d9496d9bd83d26f777ed6daf701afe17ea3debc12ef422f

java-11-openjdk-src-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 9c91e4406e362b48ff28144c514c2ba4fa1f3028a10f16453a92757c699c16da

java-11-openjdk-static-libs-11.0.20.0.8-1.el7_9.i686.rpm

SHA-256: fbb5806f8568a2fc434ae4f9d3fea4efdc08c14ad657a08feb5deb41c47bed0b

java-11-openjdk-static-libs-11.0.20.0.8-1.el7_9.x86_64.rpm

SHA-256: 199d0deb098571de88bba2a4713835c32ce49d4fef6fb1e0460888b278cd976b

Red Hat Enterprise Linux for Power, little endian 7

SRPM

java-11-openjdk-11.0.20.0.8-1.el7_9.src.rpm

SHA-256: ed073d75430491d96ad6ab2b0b39551ea05c644a6e819f7f1512ae48973eaad7

ppc64le

java-11-openjdk-11.0.20.0.8-1.el7_9.ppc64le.rpm

SHA-256: c3de75a2bb98e50079fb43f523408f773d43300f89bed43084fb9799b1f4e4ea

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.ppc64le.rpm

SHA-256: 94fb9d2e233d886d448b2c78d4a6bfcc77de3903b7b3b7fa0b32a8e46d29a9c7

java-11-openjdk-debuginfo-11.0.20.0.8-1.el7_9.ppc64le.rpm

SHA-256: 94fb9d2e233d886d448b2c78d4a6bfcc77de3903b7b3b7fa0b32a8e46d29a9c7

java-11-openjdk-demo-11.0.20.0.8-1.el7_9.ppc64le.rpm

SHA-256: 9612a37b2a04519d216bd379e06f891841ecb55eb8b5dfb387f1683815b904d6

java-11-openjdk-devel-11.0.20.0.8-1.el7_9.ppc64le.rpm

SHA-256: 4bb8c4a0c1475bbbd36df635b1eacdb30dd8d1c1e80c09fb6a05ab41216112ec

java-11-openjdk-headless-11.0.20.0.8-1.el7_9.ppc64le.rpm

SHA-256: c632e1a3094cd99ae98bb100cb1f40c38ceb1222114acb8925c9385c48835fe2

java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.ppc64le.rpm

SHA-256: 90baed7346cd88e206dc631db76b080c666703256a2032873d4fe4366dd95fde

java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.ppc64le.rpm

SHA-256: 89fdb7206fb4cc7f04974e27a2db8c3dc0afea9843f3d2e07a8e8c73374e7a75

java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.ppc64le.rpm

SHA-256: 071360d86491b87f3e729252412964ebeced08c1f7819a19d8cdec58f27c0243

java-11-openjdk-src-11.0.20.0.8-1.el7_9.ppc64le.rpm

SHA-256: 0054346f85172aadbe34fa69ad69693d71f655b391fbb2f8639fdbda9cb973d7

java-11-openjdk-static-libs-11.0.20.0.8-1.el7_9.ppc64le.rpm

SHA-256: aa6ac530c0b28eb0ad4e251675c22913ebba0c4ac5cebf81202cfc36947ddfde

Related news

Red Hat Security Advisory 2024-2410-03

Red Hat Security Advisory 2024-2410-03 - An update for harfbuzz is now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2023-5480-01

Red Hat Security Advisory 2023-5480-01 - Red Hat OpenShift Serverless release of OpenShift Serverless Logic. This release includes security fixes. Issues addressed include a bypass vulnerability.

RHSA-2023:5480: Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.30.0 SP1 security update

Release of OpenShift Serverless Operator 1.30.1 and OpenShift Serverless Logic 1.30.0 SP1 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4853: A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denia...

Red Hat Security Advisory 2023-4877-01

Red Hat Security Advisory 2023-4877-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR8-FP10.

Red Hat Security Advisory 2023-4876-01

Red Hat Security Advisory 2023-4876-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR8-FP10.

Red Hat Security Advisory 2023-4472-01

Red Hat Security Advisory 2023-4472-01 - Version 1.29.1 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.10, 4.11, 4.12, and 4.13. This release includes security and bug fixes, and enhancements.

RHSA-2023:4472: Red Hat Security Advisory: Release of OpenShift Serverless 1.29.1

Red Hat OpenShift Serverless version 1.29.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containin...

Red Hat Security Advisory 2023-4286-01

Red Hat Security Advisory 2023-4286-01 - Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.

Debian Security Advisory 5458-1

Debian Linux Security Advisory 5458-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions, information disclosure, reduced cryptographic strength of the AES implementation, directory traversal or denial of service.

Red Hat Security Advisory 2023-4166-01

Red Hat Security Advisory 2023-4166-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2023-4159-01

Red Hat Security Advisory 2023-4159-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4159-01

Red Hat Security Advisory 2023-4159-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4159-01

Red Hat Security Advisory 2023-4159-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4159-01

Red Hat Security Advisory 2023-4159-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4178-01

Red Hat Security Advisory 2023-4178-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2023-4178-01

Red Hat Security Advisory 2023-4178-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2023-4210-01

Red Hat Security Advisory 2023-4210-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4210-01

Red Hat Security Advisory 2023-4210-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4210-01

Red Hat Security Advisory 2023-4210-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4210-01

Red Hat Security Advisory 2023-4210-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4210-01

Red Hat Security Advisory 2023-4210-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4210-01

Red Hat Security Advisory 2023-4210-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4177-01

Red Hat Security Advisory 2023-4177-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4177-01

Red Hat Security Advisory 2023-4177-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4177-01

Red Hat Security Advisory 2023-4177-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4177-01

Red Hat Security Advisory 2023-4177-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4177-01

Red Hat Security Advisory 2023-4177-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4177-01

Red Hat Security Advisory 2023-4177-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4211-01

Red Hat Security Advisory 2023-4211-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4211-01

Red Hat Security Advisory 2023-4211-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4211-01

Red Hat Security Advisory 2023-4211-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4211-01

Red Hat Security Advisory 2023-4211-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4211-01

Red Hat Security Advisory 2023-4211-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4211-01

Red Hat Security Advisory 2023-4211-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4208-01

Red Hat Security Advisory 2023-4208-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4208-01

Red Hat Security Advisory 2023-4208-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4208-01

Red Hat Security Advisory 2023-4208-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4208-01

Red Hat Security Advisory 2023-4208-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4208-01

Red Hat Security Advisory 2023-4208-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4208-01

Red Hat Security Advisory 2023-4208-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4209-01

Red Hat Security Advisory 2023-4209-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2023-4209-01

Red Hat Security Advisory 2023-4209-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2023-4212-01

Red Hat Security Advisory 2023-4212-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2023-4212-01

Red Hat Security Advisory 2023-4212-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include an integer overflow vulnerability.

RHSA-2023:4211: Red Hat Security Advisory: OpenJDK 17.0.8 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4210: Red Hat Security Advisory: OpenJDK 17.0.8 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4211: Red Hat Security Advisory: OpenJDK 17.0.8 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4211: Red Hat Security Advisory: OpenJDK 17.0.8 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4210: Red Hat Security Advisory: OpenJDK 17.0.8 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4211: Red Hat Security Advisory: OpenJDK 17.0.8 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4211: Red Hat Security Advisory: OpenJDK 17.0.8 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4210: Red Hat Security Advisory: OpenJDK 17.0.8 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4210: Red Hat Security Advisory: OpenJDK 17.0.8 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4211: Red Hat Security Advisory: OpenJDK 17.0.8 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4210: Red Hat Security Advisory: OpenJDK 17.0.8 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4210: Red Hat Security Advisory: OpenJDK 17.0.8 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4212: Red Hat Security Advisory: OpenJDK 8u382 Windows Security Update

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22045: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerabili...

RHSA-2023:4212: Red Hat Security Advisory: OpenJDK 8u382 Windows Security Update

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22045: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerabili...

RHSA-2023:4208: Red Hat Security Advisory: OpenJDK security update

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4208: Red Hat Security Advisory: OpenJDK security update

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4208: Red Hat Security Advisory: OpenJDK security update

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4208: Red Hat Security Advisory: OpenJDK security update

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauth...

RHSA-2023:4162: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected...

RHSA-2023:4162: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected...

RHSA-2023:4162: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected...

RHSA-2023:4171: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions ...

RHSA-2023:4171: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions ...

RHSA-2023:4171: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22006: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions ...

CVE-2023-32463: DSA-2023-200: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

CVE-2023-25193: [layout] Limit how far we skip when looking back · harfbuzz/harfbuzz@85be877

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.