- Issued:
- 2023-10-18
- Updated:
- 2023-10-18
RHSA-2023:5737 - Security Advisory
Synopsis
Moderate: java-11-openjdk security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Security Fix(es):
- OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- The /usr/bin/jfr alternative is now owned by the java-11-openjdk package (RHEL-13555)
- The jcmd tool is now provided by the java-11-openjdk-headless package, rather than java-11-openjdk-devel, to make it more accessible (RHEL-13562)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
Fixes
- BZ - 2243627 - CVE-2023-22081 OpenJDK: certificate path validation issue during client authentication (8309966)
CVEs
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1
SRPM | |
---|---|
java-11-openjdk-11.0.21.0.9-1.el8_1.src.rpm | SHA-256: 769c965a4905dab667a23956291169c5cd2668a2f09d5ec396cc01eab7c9d7d5 |
ppc64le | |
java-11-openjdk-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: b95e303ea629a3c39c097299ad2cd82235221b12d27385bfb33585876f16196c |
java-11-openjdk-debuginfo-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: 706dc13f996530e36c7ce50193da24a6b967e9e3e40f8ac202b8862948a31fdc |
java-11-openjdk-debugsource-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: 4e8dc9e6f487d24d2a337283e85f837102282fae9e17ffa985c3363d6f652b1a |
java-11-openjdk-demo-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: 3ef4867af042fce749444649930f98e30d40a3032748cbb08b25381ae85e949b |
java-11-openjdk-devel-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: 30b639212c338a30996341932a60c66ab8c3006c77a70c44fd9706afb9bdee89 |
java-11-openjdk-devel-debuginfo-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: 61d0446e8011ca812fc5d6fe97608f79b80e20a7564297a927055d974cdb6030 |
java-11-openjdk-devel-slowdebug-debuginfo-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: 4749e1d951564ec9b72feacb0c67af4f918af567c027f8d4b828465bd367489d |
java-11-openjdk-headless-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: 25e4d313edd00cadeca2fe718e3de6d520e0bb96ec47b2dfb8e082fc174929d4 |
java-11-openjdk-headless-debuginfo-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: 50ec9e0bfd1a7d7104f40b88d2b01676bf7e4cef5e48abb6f44747bbdd0321ad |
java-11-openjdk-headless-slowdebug-debuginfo-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: e5ad1b09d582d0710c8640527e1675ebabb8e4884428dd771d939c71e60d74ee |
java-11-openjdk-javadoc-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: 51c641e75e32ed66e68a548d5cd206941675b2e5d2de101a6bfefe24c1f79482 |
java-11-openjdk-javadoc-zip-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: 2b34f2e8d3ebebb71f42f507762ad6d23b7503e52199a2e93ddef7cad449f003 |
java-11-openjdk-jmods-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: 942eadf4268ab1b3ace781bdfc6119966015d32c816bb7f03ce2e2469bf41352 |
java-11-openjdk-slowdebug-debuginfo-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: c2a13cac362d3f15975b59273c57afd899234c9f0e16b88f36127d6ba56a3df6 |
java-11-openjdk-src-11.0.21.0.9-1.el8_1.ppc64le.rpm | SHA-256: 8d5bc2b6d120b821cd9d992e7f12d68f584179523ef3f97f2f6eef34e23b2548 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1
SRPM | |
---|---|
java-11-openjdk-11.0.21.0.9-1.el8_1.src.rpm | SHA-256: 769c965a4905dab667a23956291169c5cd2668a2f09d5ec396cc01eab7c9d7d5 |
x86_64 | |
java-11-openjdk-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: 8a29dc451e706730e9e43c1a77e9c3d1627f051c0175f9e94a3fe57c7f91a5d9 |
java-11-openjdk-debuginfo-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: ea64d5c708c4e5b455917f418a0ac1777bd8137b5c9cd48764a67051a174b1a0 |
java-11-openjdk-debugsource-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: 660beafab2c9790dfcf1f71921712dd42d4cd0bcd34a60e0d0e4a5a8f4a9b19f |
java-11-openjdk-demo-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: a2633047855740d6cb45d20295b0bba94c09b767f66512cabadcb82c9975f17d |
java-11-openjdk-devel-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: ef95fc83db34bc9f7773579aba60ab24e943933a4272866456622346082bd384 |
java-11-openjdk-devel-debuginfo-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: 7944caba3a353960f301eed243be9ed0e4601420c7c4e06ef0b971dafa80655e |
java-11-openjdk-devel-slowdebug-debuginfo-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: 6d9481cbd9647a4df7eb20cf59041166746758296454aa6eca6290f8dd89de19 |
java-11-openjdk-headless-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: 2849ce0660cf84ebea2be25ec907bdd6dd9aab83b7a6faa6c7de5e74c23b4b6b |
java-11-openjdk-headless-debuginfo-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: ffa6a04aac0b8257d90b11c2ea09102f269227983e51fc5cec487b1622ca14d3 |
java-11-openjdk-headless-slowdebug-debuginfo-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: 24228ef73ac21b3237f945bd4e5d643e0d9d518da374fcb27b028c80f86acfa7 |
java-11-openjdk-javadoc-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: 96ac03671a27fb5ad0997858e98cfe1bf4e3aeefb914722cc9a86d68de91584b |
java-11-openjdk-javadoc-zip-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: 503f35f1119914b5505858ed544b8e2a5e71800d9d9e70bdaa4cb49b84ba3413 |
java-11-openjdk-jmods-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: d5c9af21ed3a3e538e77a997a5978a2072a2bcfb4b7a326f5bf432add0c343a5 |
java-11-openjdk-slowdebug-debuginfo-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: 4faf4f86f8eb62dcefeafaadf6663a4dd4fe394be1173b954c11eb4eacae4ab8 |
java-11-openjdk-src-11.0.21.0.9-1.el8_1.x86_64.rpm | SHA-256: 078b2976e6653a32a3ebc6d2e42cabce6a9fe618bf74c5f4e8e05bad8e8ddbee |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.