Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.1342
java-1.8.0-openjdk and java-11-openjdk security and bug fix update
21 April 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: java-1.8.0-openjdk
java-11-openjdk
Publisher: Red Hat
Operating System: Red Hat
UNIX variants (UNIX, Linux, OSX)
Windows
Impact/Access: Reduced Security -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2021-2163
Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:1297
https://access.redhat.com/errata/RHSA-2021:1298
https://access.redhat.com/errata/RHSA-2021:1299
https://access.redhat.com/errata/RHSA-2021:1301
https://access.redhat.com/errata/RHSA-2021:1305
https://access.redhat.com/errata/RHSA-2021:1306
https://access.redhat.com/errata/RHSA-2021:1307
Comment: This bulletin contains seven (7) Red Hat security advisories.
This advisory references vulnerabilities in products which run on
platforms other than Red Hat. It is recommended that administrators
running java-1.8.0-openjdk or java-11-openjdk check for an updated
version of the software for their operating system.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: java-11-openjdk security and bug fix update
Advisory ID: RHSA-2021:1297-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1297
Issue date: 2021-04-20
CVE Names: CVE-2021-2163
=====================================================================
1. Summary:
An update for java-11-openjdk is now available for Red Hat Enterprise Linux
7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime
Environment and the OpenJDK 11 Java Software Development Kit.
Security Fix(es):
* OpenJDK: Incomplete enforcement of JAR signing disabled algorithms
(8249906) (CVE-2021-2163)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* JNI local refs exceeds capacity warning in NetworkInterface::getAll
(BZ#1937736)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to
take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1930527 - Build static libraries with bundled sources [rhel-7]
1937736 - JNI local refs exceeds capacity warning in NetworkInterface::getAll
1938082 - Prepare for the next quarterly OpenJDK upstream release (2021-04, 11.0.11) [rhel-7]
1951217 - CVE-2021-2163 OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
java-11-openjdk-11.0.11.0.9-1.el7_9.src.rpm
x86_64:
java-11-openjdk-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-headless-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-headless-11.0.11.0.9-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-demo-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-demo-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-devel-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-devel-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-jmods-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-jmods-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-src-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-src-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-static-libs-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-static-libs-11.0.11.0.9-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
java-11-openjdk-11.0.11.0.9-1.el7_9.src.rpm
x86_64:
java-11-openjdk-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-headless-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-headless-11.0.11.0.9-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-demo-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-demo-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-devel-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-devel-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-jmods-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-jmods-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-src-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-src-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-static-libs-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-static-libs-11.0.11.0.9-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
java-11-openjdk-11.0.11.0.9-1.el7_9.src.rpm
ppc64:
java-11-openjdk-11.0.11.0.9-1.el7_9.ppc64.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.ppc64.rpm
java-11-openjdk-devel-11.0.11.0.9-1.el7_9.ppc64.rpm
java-11-openjdk-headless-11.0.11.0.9-1.el7_9.ppc64.rpm
ppc64le:
java-11-openjdk-11.0.11.0.9-1.el7_9.ppc64le.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.ppc64le.rpm
java-11-openjdk-devel-11.0.11.0.9-1.el7_9.ppc64le.rpm
java-11-openjdk-headless-11.0.11.0.9-1.el7_9.ppc64le.rpm
s390x:
java-11-openjdk-11.0.11.0.9-1.el7_9.s390x.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.s390x.rpm
java-11-openjdk-devel-11.0.11.0.9-1.el7_9.s390x.rpm
java-11-openjdk-headless-11.0.11.0.9-1.el7_9.s390x.rpm
x86_64:
java-11-openjdk-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-devel-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-devel-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-headless-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-headless-11.0.11.0.9-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.ppc64.rpm
java-11-openjdk-demo-11.0.11.0.9-1.el7_9.ppc64.rpm
java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.ppc64.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.ppc64.rpm
java-11-openjdk-jmods-11.0.11.0.9-1.el7_9.ppc64.rpm
java-11-openjdk-src-11.0.11.0.9-1.el7_9.ppc64.rpm
java-11-openjdk-static-libs-11.0.11.0.9-1.el7_9.ppc64.rpm
ppc64le:
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.ppc64le.rpm
java-11-openjdk-demo-11.0.11.0.9-1.el7_9.ppc64le.rpm
java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.ppc64le.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.ppc64le.rpm
java-11-openjdk-jmods-11.0.11.0.9-1.el7_9.ppc64le.rpm
java-11-openjdk-src-11.0.11.0.9-1.el7_9.ppc64le.rpm
java-11-openjdk-static-libs-11.0.11.0.9-1.el7_9.ppc64le.rpm
s390x:
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.s390x.rpm
java-11-openjdk-demo-11.0.11.0.9-1.el7_9.s390x.rpm
java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.s390x.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.s390x.rpm
java-11-openjdk-jmods-11.0.11.0.9-1.el7_9.s390x.rpm
java-11-openjdk-src-11.0.11.0.9-1.el7_9.s390x.rpm
java-11-openjdk-static-libs-11.0.11.0.9-1.el7_9.s390x.rpm
x86_64:
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-demo-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-demo-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-jmods-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-jmods-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-src-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-src-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-static-libs-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-static-libs-11.0.11.0.9-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
java-11-openjdk-11.0.11.0.9-1.el7_9.src.rpm
x86_64:
java-11-openjdk-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-devel-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-devel-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-headless-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-headless-11.0.11.0.9-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-demo-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-demo-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-jmods-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-jmods-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-src-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-src-11.0.11.0.9-1.el7_9.x86_64.rpm
java-11-openjdk-static-libs-11.0.11.0.9-1.el7_9.i686.rpm
java-11-openjdk-static-libs-11.0.11.0.9-1.el7_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-2163
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYH9Yj9zjgjWX9erEAQgpIA//diHdgpzJUYi2ONbX2zGLXAabG8HACrcV
gCspCqzigtystaw49TibtNhDsn4OMfjowQOQS2SRRzFXVXHlZPGTCeZeQiei07M3
qd/hWctE/9rfAOYyryHFlDNw5YNpFYJvSdKtjdK2zUMR4RLrV3BIiE/pPvKiNGSI
LuZaKGPqR4eu8MKHfTohZKn50GIHp/THE04sRNpVpVeEaEMfRyngfJeh1UVwnijB
c4zXaJe2eunhEROlqp+gPBeC31qrpWAOy4t+2VrsVWnplTqk3/P28gUhQFQEGyVG
WTukqG9MjqZ0lzdgh1K2H+FQ5ZOzEK6iwF0IhKH+ZnUSK2H0uV3OneTAs3hpJOMU
I1zVh8TCRz8zQsZ2jtyv8OBpho0XCIXzwbcCWeUyyr9LkVYjX3v5MHlMhBA+Udah
lbst5VpLZCuNXCvnLGy7+vL6FWxENEWQujQ38qEFDY/DEq70mejmpH0hWqqBcA4h
1tVJW6pEP5UdwQaNZjqB97Bn4sCur+UYPZKQ7xjJVudJ77JWTKZ3oV1na+OFX0vw
YUceq7PB6lgQMo4T4i+cBb54ZSFFJ8KVUj72j2DrrNHFm+/Kg5/z3cQkT5EsWByD
FBSaCm5cXEzvjBCjAevcTQgWeXmk85Cb9o/HeF3RVdn/PfNbjN9WZxwTPsjOi9fh
eI+6OXarfiw=
=i6Cj
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: java-1.8.0-openjdk security update
Advisory ID: RHSA-2021:1298-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1298
Issue date: 2021-04-20
CVE Names: CVE-2021-2163
=====================================================================
1. Summary:
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise
Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
3. Description:
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime
Environment and the OpenJDK 8 Java Software Development Kit.
Security Fix(es):
* OpenJDK: Incomplete enforcement of JAR signing disabled algorithms
(8249906) (CVE-2021-2163)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to
take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1938081 - Prepare for the next quarterly OpenJDK upstream release (2021-04, 8u292) [rhel-7]
1951217 - CVE-2021-2163 OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.src.rpm
x86_64:
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch:
java-1.8.0-openjdk-javadoc-1.8.0.292.b10-1.el7_9.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.292.b10-1.el7_9.noarch.rpm
x86_64:
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.src.rpm
x86_64:
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch:
java-1.8.0-openjdk-javadoc-1.8.0.292.b10-1.el7_9.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.292.b10-1.el7_9.noarch.rpm
x86_64:
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.src.rpm
ppc64:
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.ppc64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.ppc64.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.ppc64.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.ppc64.rpm
ppc64le:
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.ppc64le.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.ppc64le.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.ppc64le.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.ppc64le.rpm
s390x:
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.s390x.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.s390x.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.s390x.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.s390x.rpm
x86_64:
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
java-1.8.0-openjdk-javadoc-1.8.0.292.b10-1.el7_9.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.292.b10-1.el7_9.noarch.rpm
ppc64:
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.ppc64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.ppc64.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.ppc64.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.ppc64.rpm
ppc64le:
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.ppc64le.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.ppc64le.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.ppc64le.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.ppc64le.rpm
s390x:
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.s390x.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.s390x.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.s390x.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.s390x.rpm
x86_64:
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.src.rpm
x86_64:
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch:
java-1.8.0-openjdk-javadoc-1.8.0.292.b10-1.el7_9.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.292.b10-1.el7_9.noarch.rpm
x86_64:
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.i686.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-2163
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYH9R/9zjgjWX9erEAQj08BAApOLLAKWzGEM19XOmBesJauWoc2mnPEy4
Mn4fDCZsEdjxSIHf1RrdD558CbyYWH5MkRT5CbNiWiUltEXL5JPhKzfAeO7NOI7Z
EwPpchr2JD7BfIFY4vPcC8lCVE4yM3I5Em+ln1qO0huS1yuxEW9q2aflcN3T+DTJ
L2zDiuU+jFDI+PkX9uVKueMVC8CbCdBWS9cD5oRQ89nfmsyJNkeE56EKHAIvlAkP
WfNYE2oZ4nnI59GmfzJiJj1pwXAUsPY0PpKzcuGjWMreKChgAFgBb7h/coUbwX/q
M+1kTZD0QQyS0UJ1ktXDnkoLrGa7MZLuwhDgwkA8Jki8/SlqyWneZPPRk3MfsJ0n
N6sULqFD0wJs0H8wIsiH09iM6niat/CKQgTD4kQJtxnKFhWvCYru7HVqTs4VIoFL
zgcFI5utGn/DYmc7olYlMQfRA10W0S4rX7GLCceW/px1NAwdIUJK0V15csLfO5D/
zRtx3iSUHrpEQJGyJl5IDvbkNLTMa9Geyw1v3ial/eYeq6fbL5GCH3DXzZfB9xO2
zyjClAFG6EASWDSMOTk3RI9/x9V+YxcMd9lgeVCqoESHlxtGzgTZc1WOvvrhvDtB
sfMyviCKveaTFhXnnXjSsd2Z20EVk44zpFluJPjAAXgfT9c5BblXo83tXurYhIly
e0pRvU6LGAU=
=TYzU
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: java-1.8.0-openjdk security update
Advisory ID: RHSA-2021:1299-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1299
Issue date: 2021-04-20
CVE Names: CVE-2021-2163
=====================================================================
1. Summary:
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise
Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime
Environment and the OpenJDK 8 Java Software Development Kit.
Security Fix(es):
* OpenJDK: Incomplete enforcement of JAR signing disabled algorithms
(8249906) (CVE-2021-2163)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to
take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1951217 - CVE-2021-2163 OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)
6. Package List:
Red Hat Enterprise Linux AppStream EUS (v. 8.2):
Source:
java-1.8.0-openjdk-1.8.0.292.b10-0.el8_2.src.rpm
aarch64:
java-1.8.0-openjdk-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-debugsource-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-demo-debuginfo-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-devel-debuginfo-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-headless-debuginfo-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.292.b10-0.el8_2.aarch64.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-0.el8_2.aarch64.rpm
noarch:
java-1.8.0-openjdk-javadoc-1.8.0.292.b10-0.el8_2.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.292.b10-0.el8_2.noarch.rpm
ppc64le:
java-1.8.0-openjdk-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-debugsource-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-demo-debuginfo-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-devel-debuginfo-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-headless-debuginfo-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.292.b10-0.el8_2.ppc64le.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-0.el8_2.ppc64le.rpm
s390x:
java-1.8.0-openjdk-1.8.0.292.b10-0.el8_2.s390x.rpm
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-0.el8_2.s390x.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-0.el8_2.s390x.rpm
java-1.8.0-openjdk-debugsource-1.8.0.292.b10-0.el8_2.s390x.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-0.el8_2.s390x.rpm
java-1.8.0-openjdk-demo-debuginfo-1.8.0.292.b10-0.el8_2.s390x.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-0.el8_2.s390x.rpm
java-1.8.0-openjdk-devel-debuginfo-1.8.0.292.b10-0.el8_2.s390x.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-0.el8_2.s390x.rpm
java-1.8.0-openjdk-headless-debuginfo-1.8.0.292.b10-0.el8_2.s390x.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-0.el8_2.s390x.rpm
x86_64:
java-1.8.0-openjdk-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-debugsource-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-demo-debuginfo-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-devel-debuginfo-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-headless-debuginfo-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.292.b10-0.el8_2.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-0.el8_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-2163
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYH9NTtzjgjWX9erEAQhE0g//bpVSk553caKduahTlfSk/bE3Fe7J/hn7
1dSIzgBeOP3qVep9O99jYIyF7cpM9mWMR8A25+leiUnSJHx2konxma0znv6R1LJ5
SswNqv6fcIZuhg56ibmyl5jFDUBezJgEcNJlUoL6j1mI4AXoSQ8Nzlx6h4DBBKW6
h0Hk301j5N7nfWfbhKuRH70BzUTztxKdfZhuREOB1r9KJUy+Ek0V5t2W/sW2EW5M
9R8goWH4jYGH03PG/5h1U6FI0S1VMWYvrc5iHzF/InK/APGQIw0cLREWkdjtUbvn
7XmZjbwkxyheMnlLmJR5ygKu6RwZQvVyaV6+kG1EtIkMNu/3uSPZTKvIMtZeSBtq
63ksb9dDFz/i864Q8zRAQfg4VD4STyI3ZEZW1/Wxhn5CkhmhJ9rrU43YogodTy0N
QtwZfSFOh+h4nmQRpqDqSra9XGDgTvwMqDNZCU/NtkNUvsWGCO4JNC8utbGVxZqk
cB6MU56aXtnDUgeSgmbd62WCigth8pWE2hq4cW6yNGLaBNdu+O8U4hIiErsx/asG
xoW1jkRWQqRqg7CEmwsqS/TIY3Iur8YLcOjPnSUzHzncFuhlaeMXD26Cm7AH1G8u
GrNvXE6S5l7IDmor4Cui/ijBrHV1THaU1qipBoJxVn5i6cl8L/f8aRupt+q5M/2g
/Hd+Xui4Gm4=
=fbfH
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: java-1.8.0-openjdk security update
Advisory ID: RHSA-2021:1301-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1301
Issue date: 2021-04-20
CVE Names: CVE-2021-2163
=====================================================================
1. Summary:
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise
Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime
Environment and the OpenJDK 8 Java Software Development Kit.
Security Fix(es):
* OpenJDK: Incomplete enforcement of JAR signing disabled algorithms
(8249906) (CVE-2021-2163)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to
take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1951217 - CVE-2021-2163 OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
java-1.8.0-openjdk-1.8.0.292.b10-0.el8_3.src.rpm
aarch64:
java-1.8.0-openjdk-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-debugsource-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-demo-debuginfo-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-devel-debuginfo-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-headless-debuginfo-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.292.b10-0.el8_3.aarch64.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-0.el8_3.aarch64.rpm
noarch:
java-1.8.0-openjdk-javadoc-1.8.0.292.b10-0.el8_3.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.292.b10-0.el8_3.noarch.rpm
ppc64le:
java-1.8.0-openjdk-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-debugsource-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-demo-debuginfo-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-devel-debuginfo-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-headless-debuginfo-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.292.b10-0.el8_3.ppc64le.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-0.el8_3.ppc64le.rpm
s390x:
java-1.8.0-openjdk-1.8.0.292.b10-0.el8_3.s390x.rpm
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-0.el8_3.s390x.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-0.el8_3.s390x.rpm
java-1.8.0-openjdk-debugsource-1.8.0.292.b10-0.el8_3.s390x.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-0.el8_3.s390x.rpm
java-1.8.0-openjdk-demo-debuginfo-1.8.0.292.b10-0.el8_3.s390x.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-0.el8_3.s390x.rpm
java-1.8.0-openjdk-devel-debuginfo-1.8.0.292.b10-0.el8_3.s390x.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-0.el8_3.s390x.rpm
java-1.8.0-openjdk-headless-debuginfo-1.8.0.292.b10-0.el8_3.s390x.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-0.el8_3.s390x.rpm
x86_64:
java-1.8.0-openjdk-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-debugsource-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-demo-debuginfo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-devel-debuginfo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-headless-debuginfo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.292.b10-0.el8_3.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.292.b10-0.el8_3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-2163
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYH9I2tzjgjWX9erEAQj5oA/9FMlZ4LjGpVievC4cDrPJDgaYjG6WfWVV
7DVhkkzipq9Ra/CdogBo05rRD5PVmcr7zy9U1ZtyXEkYm2jaf40zgiLl0s1PH2yO
DrctdLNFRI4KiucAST6r3acXzZgpEbt/ILS+6zj9XvU/3sVz45upnx8NTohgDlWM
sw6tB8X9Jir9SGU5mTXS1OJ0BLFlYhQwmz9vQAM+QLhIg8bY1vNGBMW209vDKG7d
VtA7L83EwKHygnIKGfU0hhcYZVNlepTl6yvD4oqdpeCrBUvIe7WeLWbIL10p+p6i
PfASdbERXgiFZJQS9FCyFCC+epAW/o/V5s3AWJD/afN8Rw48nCKGnDazNWjeFCze
T1LV4zKsdbJQFf2bYfu53dS5XQvoh9UgdfHtRIGhd41UlyZwJ7a1tSuzfeCPI8oa
yUNBSfFmvhlIy902E/cExamXQUmvoAOPgeYIPR4PY53+UEq8j4KnG9TXPUKuDHvS
In77RfU2+lsSleOYN8/V21FvRb7U0zTq68wg+MlQpOjYooEF+H9zfAyejstGbeN/
XRIkkOvMSLprdZI2SS64MOBGklPaBN/1KJGTqrgB6hdcgiXL4HX1qx9S8b0VElm2
180DLH0k19fa8p/osphnHyJpyhgTNa8f8ewQ8oHFWyCVe4ob0nQO10cOS4/yqK5m
rV9oi0WNEJ8=
=nuSo
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: java-11-openjdk security update
Advisory ID: RHSA-2021:1305-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1305
Issue date: 2021-04-20
CVE Names: CVE-2021-2163
=====================================================================
1. Summary:
An update for java-11-openjdk is now available for Red Hat Enterprise Linux
8.1 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream EUS (v. 8.1) - aarch64, ppc64le, s390x, x86_64
3. Description:
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime
Environment and the OpenJDK 11 Java Software Development Kit.
Security Fix(es):
* OpenJDK: Incomplete enforcement of JAR signing disabled algorithms
(8249906) (CVE-2021-2163)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to
take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1951217 - CVE-2021-2163 OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)
6. Package List:
Red Hat Enterprise Linux AppStream EUS (v. 8.1):
Source:
java-11-openjdk-11.0.11.0.9-0.el8_1.src.rpm
aarch64:
java-11-openjdk-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-debugsource-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-demo-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-devel-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-devel-debuginfo-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-devel-slowdebug-debuginfo-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-headless-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-headless-debuginfo-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-headless-slowdebug-debuginfo-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-javadoc-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-jmods-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-slowdebug-debuginfo-11.0.11.0.9-0.el8_1.aarch64.rpm
java-11-openjdk-src-11.0.11.0.9-0.el8_1.aarch64.rpm
ppc64le:
java-11-openjdk-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-debugsource-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-demo-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-devel-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-devel-debuginfo-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-devel-slowdebug-debuginfo-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-headless-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-headless-debuginfo-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-headless-slowdebug-debuginfo-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-javadoc-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-jmods-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-slowdebug-debuginfo-11.0.11.0.9-0.el8_1.ppc64le.rpm
java-11-openjdk-src-11.0.11.0.9-0.el8_1.ppc64le.rpm
s390x:
java-11-openjdk-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-debugsource-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-demo-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-devel-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-devel-debuginfo-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-devel-slowdebug-debuginfo-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-headless-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-headless-debuginfo-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-headless-slowdebug-debuginfo-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-javadoc-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-jmods-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-slowdebug-debuginfo-11.0.11.0.9-0.el8_1.s390x.rpm
java-11-openjdk-src-11.0.11.0.9-0.el8_1.s390x.rpm
x86_64:
java-11-openjdk-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-debugsource-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-demo-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-devel-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-devel-debuginfo-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-devel-slowdebug-debuginfo-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-headless-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-headless-debuginfo-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-headless-slowdebug-debuginfo-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-javadoc-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-jmods-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-slowdebug-debuginfo-11.0.11.0.9-0.el8_1.x86_64.rpm
java-11-openjdk-src-11.0.11.0.9-0.el8_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-2163
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYH9KBtzjgjWX9erEAQjD+w//S+J2I/jiNUIKi4qopWKbKhslI3S0OoKM
Ypp8qQSghD928xHNLCs6WWUF6nUceavRng3h097aIhepAHqLxmvTpR77TKBmloJa
fmDDOwqqck1J+TAIVeoDuhtYSsuzL1BsfPppSJMlLWANyEaQAXr7nK66LxiwLEep
q2FRG78c9o33CYrLfzxlGR/LWrPw+i1xddK2SSB3zWifP/fF+YEFwZuXk2fWf889
6/kclz5yJjvZXkiHLa9dhFOBReZJQujyKanfrKrLljy1KpRcxE44UspNAdaf4nXu
7GVG9B+ossibRdbYfjVwCYI3pHCjcRbFuKwVVdIWUBGVBiowswg+0URGvJWJOaIC
dEMZESSa7MHMt287Vx6NcV6Yl2Z1E7DWAmOYDLx7JknoN8LS1h3LcSJdFIkm8SLx
BRer7kF8JV5Xoe38CHIotwUPmjrvYteVfXKJVFHRowdm2ietxCIB+sRz30cOMtUt
oV7yiLBDxsmJEf3LWlFiFV3YGohfPQl6kiibigZ7HctZr2m2ODjnxlkSgw4ma8sM
p+JUJlcUFgTTaTOac3QEXZt7vgL2dd0UxI8iPdDIqA8XCKoqtMfQTDvs3BFZThjJ
ORc5czBRtYKxPXGoPYClybSJjKjANIPgN/5zDtTkFP3OQrhqOo0oLFiEkjwJSoPF
b4JcQR1zKGM=
=AaD8
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: java-11-openjdk security update
Advisory ID: RHSA-2021:1306-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1306
Issue date: 2021-04-20
CVE Names: CVE-2021-2163
=====================================================================
1. Summary:
An update for java-11-openjdk is now available for Red Hat Enterprise Linux
8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64
3. Description:
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime
Environment and the OpenJDK 11 Java Software Development Kit.
Security Fix(es):
* OpenJDK: Incomplete enforcement of JAR signing disabled algorithms
(8249906) (CVE-2021-2163)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to
take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1943342 - Build static libraries with bundled sources [rhel-8] [rhel-8.2.0.z]
1951217 - CVE-2021-2163 OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)
6. Package List:
Red Hat Enterprise Linux AppStream EUS (v. 8.2):
Source:
java-11-openjdk-11.0.11.0.9-0.el8_2.src.rpm
aarch64:
java-11-openjdk-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-debugsource-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-demo-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-devel-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-devel-debuginfo-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-devel-slowdebug-debuginfo-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-headless-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-headless-debuginfo-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-headless-slowdebug-debuginfo-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-javadoc-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-jmods-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-slowdebug-debuginfo-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-src-11.0.11.0.9-0.el8_2.aarch64.rpm
java-11-openjdk-static-libs-11.0.11.0.9-0.el8_2.aarch64.rpm
ppc64le:
java-11-openjdk-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-debugsource-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-demo-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-devel-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-devel-debuginfo-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-devel-slowdebug-debuginfo-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-headless-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-headless-debuginfo-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-headless-slowdebug-debuginfo-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-javadoc-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-jmods-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-slowdebug-debuginfo-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-src-11.0.11.0.9-0.el8_2.ppc64le.rpm
java-11-openjdk-static-libs-11.0.11.0.9-0.el8_2.ppc64le.rpm
s390x:
java-11-openjdk-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-debugsource-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-demo-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-devel-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-devel-debuginfo-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-devel-slowdebug-debuginfo-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-headless-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-headless-debuginfo-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-headless-slowdebug-debuginfo-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-javadoc-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-jmods-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-slowdebug-debuginfo-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-src-11.0.11.0.9-0.el8_2.s390x.rpm
java-11-openjdk-static-libs-11.0.11.0.9-0.el8_2.s390x.rpm
x86_64:
java-11-openjdk-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-debugsource-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-demo-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-devel-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-devel-debuginfo-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-devel-slowdebug-debuginfo-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-headless-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-headless-debuginfo-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-headless-slowdebug-debuginfo-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-javadoc-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-jmods-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-slowdebug-debuginfo-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-src-11.0.11.0.9-0.el8_2.x86_64.rpm
java-11-openjdk-static-libs-11.0.11.0.9-0.el8_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-2163
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYH9PatzjgjWX9erEAQg83Q/+PjCe4oGioFtzaEHPEZncR6wVZrzYNQYN
lcNEmPDK7WlzsDL4Up+kXXigTx1OqfMhG5pg9+2vbKXhNNZblvwdEmwbsFnqnUI6
Aah1H4xDUaRI8PMSW0TTuJ0j3SE1QUjYmTcsfuV9WP9autRy3t0Qt5i00k5ZrKBJ
intG7UPVI6x23eo/lJQ6Th0PQObb4+2Z2hFpwcf8C95J/Q/rjdTsMnFrgQ1Bem2P
Mpr3g0YLP/W7akQNegot6JCohwzvEKl+qVQiyRj19wqu6RwoxyM9ejCsNMln3A9l
YH4rQg8yaMkf1d9FUv0sbYRpw8lPO09mF1I3DBkMPFddzy2rqTD5qlHUuV+SdXOM
JCA9mVnGVByqiPux+N1qK2uKlWkqN3RmJZbUakJ454MBzgRXlpsfqjv9g3vFzLA9
S99hHpuI1N8bSojB9FsBPpVBE4U8y9C4m49vUc7yegnQheQ8Q0DWGtBglYkn6s5w
dbv3q9WbdBwZ75eva27HCAH6uHc426ZQCvcjk/RqUeYhuUoiD0exHTlZVluv6O0F
un3O46VwNEpcuu4UvOzgwgJZ5zGuTB0DtelEvgvJrAg4U6iOJ/x8isyKkhy7s11v
NcZ8WKejiH+rCAq/AQIs8d8cmzrTNI/efndMiy2lNkkqzbXVi/cxbLYggrwkXH2W
Qc83EyWzO3U=
=DopX
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: java-11-openjdk security update
Advisory ID: RHSA-2021:1307-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1307
Issue date: 2021-04-20
CVE Names: CVE-2021-2163
=====================================================================
1. Summary:
An update for java-11-openjdk is now available for Red Hat Enterprise Linux
8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime
Environment and the OpenJDK 11 Java Software Development Kit.
Security Fix(es):
* OpenJDK: Incomplete enforcement of JAR signing disabled algorithms
(8249906) (CVE-2021-2163)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to
take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1943341 - Build static libraries with bundled sources [rhel-8] [rhel-8.3.0.z]
1951217 - CVE-2021-2163 OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
java-11-openjdk-11.0.11.0.9-0.el8_3.src.rpm
aarch64:
java-11-openjdk-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-debugsource-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-demo-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-devel-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-devel-debuginfo-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-devel-slowdebug-debuginfo-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-headless-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-headless-debuginfo-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-headless-slowdebug-debuginfo-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-javadoc-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-jmods-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-slowdebug-debuginfo-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-src-11.0.11.0.9-0.el8_3.aarch64.rpm
java-11-openjdk-static-libs-11.0.11.0.9-0.el8_3.aarch64.rpm
ppc64le:
java-11-openjdk-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-debugsource-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-demo-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-devel-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-devel-debuginfo-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-devel-slowdebug-debuginfo-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-headless-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-headless-debuginfo-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-headless-slowdebug-debuginfo-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-javadoc-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-jmods-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-slowdebug-debuginfo-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-src-11.0.11.0.9-0.el8_3.ppc64le.rpm
java-11-openjdk-static-libs-11.0.11.0.9-0.el8_3.ppc64le.rpm
s390x:
java-11-openjdk-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-debugsource-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-demo-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-devel-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-devel-debuginfo-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-devel-slowdebug-debuginfo-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-headless-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-headless-debuginfo-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-headless-slowdebug-debuginfo-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-javadoc-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-jmods-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-slowdebug-debuginfo-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-src-11.0.11.0.9-0.el8_3.s390x.rpm
java-11-openjdk-static-libs-11.0.11.0.9-0.el8_3.s390x.rpm
x86_64:
java-11-openjdk-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-debuginfo-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-debugsource-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-demo-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-devel-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-devel-debuginfo-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-devel-fastdebug-debuginfo-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-devel-slowdebug-debuginfo-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-fastdebug-debuginfo-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-headless-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-headless-debuginfo-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-headless-fastdebug-debuginfo-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-headless-slowdebug-debuginfo-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-javadoc-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-javadoc-zip-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-jmods-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-slowdebug-debuginfo-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-src-11.0.11.0.9-0.el8_3.x86_64.rpm
java-11-openjdk-static-libs-11.0.11.0.9-0.el8_3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-2163
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYH9QH9zjgjWX9erEAQhvYxAApYeJO1lfJJ7S2G8OaW1cI0UL1Z3BMqMP
5AL3RvldsZ0npWlkU8i0mAEq8S8aJ9YtHN2wEA8/H5iimdceCyofVJqA2H12rxeB
qozyUymcgULIyV18NvKq0fQB5DtX/4ONSYTJThgKkk2Cryljh4dEwla5LS6AyEsY
GyhiJ968I7blPYu1K94QhUJoSFKNJqOYlWGeB/8gDoAYs5VPpZ9R7L5V2xykE5oG
hGb8H0sLInwRxQMQg5Xod8O2S4Bke13KkScU1cuEfKJobslC5/k145JJ4bmQx4ua
/jzZz3Ajv4JQEwIxsswiPragofEhsU1nS2jV1bF6N80g58gEOQ9SO9VVLrYw56Lk
zeqpuTQEmdIUt1wqKJCaqc1pzGmyY99yMwEN9eQCC2e64GJDRkHoULJu7fFPHpZn
pUv52PDRz8l+wXLO1S9ZwXfvTT4X+2AC0bacs0DG0rxyKnugZzKZddTg/UH6Ap3Z
IgfNCg/M6z4FKcW9wa8G7u9Mok/Kf89GlSEQQFgn1kSTD66yP/KeOW/BC/DpdtNl
YJcJhKsDazP1wwk3yAx8RGUdrkrJF8tf05kWwgvl72LpdQTa86XrzHOiPDJkFbL9
kAtGWhF8aPP3xovnLh3ylpslf2/4oocVrYuNpFrJ9T4Vl+tlCaSheXE/w0OTmj+k
SP2PgNdgBcw=
=1B8o
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYH982+NLKJtyKPYoAQhsqg//RrI3InJdYo4o8FP5FuUrc4lUUZblKEFY
ii+wC/YNGuEAnNhCVqc66S7DYHywDxoid/TzULxgy9yGiPVgD4hdKTJlGeVMeJZg
xN6hoDYuFtk5ZUboDN/mOTtHszKqIxoAgWCrWCt0gN16EVgBxusAw5nvSi03OJjQ
MIM2dNT9vuNPagrko+RWEGf2Rxjdzq/TeqgjT4mQGOymPqVs1G13AOpYXNq1CO84
42QsOLkYqD5XPXeu7He2wLWjVA/YEzCFj8cqyrwLJEkEPkVjlk/A6SZ8h5bkstxR
gm0xvhi0ZdtwV4BQv8cBAsKm7m1QJ7OPJi3DYLaP0n1b0Yv5pqJ5OGNSwq7Tj/40
r6y6LWcu98A7GU805vDqFnwmfhf7xo0wsMrlf8cKc0BB4jPWWzl+okAbGUkkkfl9
npvfh5XV1tzaAk6wBTgGBMuaHyqGUKIXi10O050TUH/eueofiwykPE5MW3rIf47S
c/SE+Q7bhBT3mRxSHkTxMHInX4wZkQ1ce06/2aLJ8WYYWIvvpCoqcbNmGzTZ3bLc
an6s1oo2nVCPp3HdRaItDdBr3jpKT1I2N2WW9NjCToW4WP29NkMiLUW4CHYh+oyz
bT4XHjWADKkUXAB8R3oZVqGeR2CSzztdz09wycamGNp5f6tBFiJ3bSfaaA7eD5l3
mgofr5CRv3o=
=Gg39
-----END PGP SIGNATURE-----