Red Hat Product Errata RHSA-2020:0465 - Security Advisory

Issued:: 2020-02-11
Updated:: 2020-02-11

RHSA-2020:0465 - Security Advisory

Overview
Updated Packages

Synopsis

Important: java-1.8.0-ibm security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 8 to version 8 SR6-FP5.

Security Fix(es):

OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) (CVE-2020-2604)
OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548) (CVE-2020-2593)
OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) (CVE-2020-2583)
OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795) (CVE-2020-2659)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take effect.

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le

Fixes

BZ - 1790444 - CVE-2020-2583 OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909)
BZ - 1790884 - CVE-2020-2593 OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548)
BZ - 1790944 - CVE-2020-2604 OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422)
BZ - 1791284 - CVE-2020-2659 OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795)

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
x86_64
java-1.8.0-ibm-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: 8c2cc6d3c45ad328ce00fc0fa074a122d53b2abee8d2574c130ce98d2b0b7b30
java-1.8.0-ibm-demo-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: b50ddd422dd82f9afeea710cc428c0f457d91190b4db79cbd31a91095636d71f
java-1.8.0-ibm-devel-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: 444055f93dc8d2b273ff4333aff39891e4ab8e3599bc465304d3990a504fb721
java-1.8.0-ibm-headless-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: 524b172ca3f2e37167b79a6b28038d5020bd165acd6f291a8ef5623f6e07a27a
java-1.8.0-ibm-jdbc-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: 37a3c0ef7ee1961703f6b0636550cf59ee5eb5195e9b15fc59bb811a1d59350c
java-1.8.0-ibm-plugin-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: b76f5f96a6a2e1dc17191d755dc4add4764fcaf1991f0f83e1253bbbdfaceec0
java-1.8.0-ibm-src-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: 7bde1a673002089664d59795cdbc82406890d9e8678c150ba6d8439088aad7e2
java-1.8.0-ibm-webstart-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: ac4b0537b28fa5329a7c001cde57ced97ccb9b753c528eec4030968f533afb43

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1

SRPM
x86_64
java-1.8.0-ibm-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: 8c2cc6d3c45ad328ce00fc0fa074a122d53b2abee8d2574c130ce98d2b0b7b30
java-1.8.0-ibm-demo-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: b50ddd422dd82f9afeea710cc428c0f457d91190b4db79cbd31a91095636d71f
java-1.8.0-ibm-devel-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: 444055f93dc8d2b273ff4333aff39891e4ab8e3599bc465304d3990a504fb721
java-1.8.0-ibm-headless-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: 524b172ca3f2e37167b79a6b28038d5020bd165acd6f291a8ef5623f6e07a27a
java-1.8.0-ibm-jdbc-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: 37a3c0ef7ee1961703f6b0636550cf59ee5eb5195e9b15fc59bb811a1d59350c
java-1.8.0-ibm-plugin-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: b76f5f96a6a2e1dc17191d755dc4add4764fcaf1991f0f83e1253bbbdfaceec0
java-1.8.0-ibm-src-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: 7bde1a673002089664d59795cdbc82406890d9e8678c150ba6d8439088aad7e2
java-1.8.0-ibm-webstart-1.8.0.6.5-1.el8_1.x86_64.rpm	SHA-256: ac4b0537b28fa5329a7c001cde57ced97ccb9b753c528eec4030968f533afb43

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
s390x
java-1.8.0-ibm-1.8.0.6.5-1.el8_1.s390x.rpm	SHA-256: 786f5c15a1b87829604e53e71c6b720bfc14a80fe5ea00ea6688b470e2607fef
java-1.8.0-ibm-demo-1.8.0.6.5-1.el8_1.s390x.rpm	SHA-256: be182a2887a2c07b364247653be5be69db9be5c95a4f05cf8b8d33b629c6e7b5
java-1.8.0-ibm-devel-1.8.0.6.5-1.el8_1.s390x.rpm	SHA-256: aa4c3107a7261735cfd11c3dd0ad19bff96fce54f4ab4a47755fc6d155adaac4
java-1.8.0-ibm-headless-1.8.0.6.5-1.el8_1.s390x.rpm	SHA-256: cfe81bacf7028880346a9c411475ecd8a18a870624735982c65cd92b6afb9017
java-1.8.0-ibm-jdbc-1.8.0.6.5-1.el8_1.s390x.rpm	SHA-256: bbd426b590be18ddbaaac4a908955e1a41efdad848e8674ef61d9a9561391fc6
java-1.8.0-ibm-src-1.8.0.6.5-1.el8_1.s390x.rpm	SHA-256: afddedd93fde0709eb208f4cbba520c3f47717ea84f78e2a1c050a34f4757b66

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1

SRPM
s390x
java-1.8.0-ibm-1.8.0.6.5-1.el8_1.s390x.rpm	SHA-256: 786f5c15a1b87829604e53e71c6b720bfc14a80fe5ea00ea6688b470e2607fef
java-1.8.0-ibm-demo-1.8.0.6.5-1.el8_1.s390x.rpm	SHA-256: be182a2887a2c07b364247653be5be69db9be5c95a4f05cf8b8d33b629c6e7b5
java-1.8.0-ibm-devel-1.8.0.6.5-1.el8_1.s390x.rpm	SHA-256: aa4c3107a7261735cfd11c3dd0ad19bff96fce54f4ab4a47755fc6d155adaac4
java-1.8.0-ibm-headless-1.8.0.6.5-1.el8_1.s390x.rpm	SHA-256: cfe81bacf7028880346a9c411475ecd8a18a870624735982c65cd92b6afb9017
java-1.8.0-ibm-jdbc-1.8.0.6.5-1.el8_1.s390x.rpm	SHA-256: bbd426b590be18ddbaaac4a908955e1a41efdad848e8674ef61d9a9561391fc6
java-1.8.0-ibm-src-1.8.0.6.5-1.el8_1.s390x.rpm	SHA-256: afddedd93fde0709eb208f4cbba520c3f47717ea84f78e2a1c050a34f4757b66

Red Hat Enterprise Linux for Power, little endian 8

SRPM
ppc64le
java-1.8.0-ibm-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: 3b961c1ce6bdad11c4ee0b7b57d9d1dc3c8c4a15d186abb6f91d582d2c59de55
java-1.8.0-ibm-demo-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: 0e2069edea952aa8ab18c1f393118dd5a66ef60624ee1a9f0f0024b271d69e2a
java-1.8.0-ibm-devel-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: 31f7c08b923eb278caa2e552115ef32f59f38eea1e4d31b7b1b76152b1e139d2
java-1.8.0-ibm-headless-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: f0257b988a8976f547a8a8cf3cb256474fb385c66dd38dbbb57c2d253ba46775
java-1.8.0-ibm-jdbc-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: 491180b807b6427cd9c1ce51e3cfc27c5f76e5a84cc7e4f811914afd74d453bc
java-1.8.0-ibm-plugin-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: be0dc0b2d3c776426677bb6afc638abc1287a6c0767c7e638f324ef0174914fe
java-1.8.0-ibm-src-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: ea0663d97e4a6140ad4cdfc7e5bdd38de0b00188df9ec7beab591090909ee664
java-1.8.0-ibm-webstart-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: fa0ac05102a287c3a6ac54ec1a461156280cfe12854cd86a14df2b3de04040a7

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1

SRPM
ppc64le
java-1.8.0-ibm-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: 3b961c1ce6bdad11c4ee0b7b57d9d1dc3c8c4a15d186abb6f91d582d2c59de55
java-1.8.0-ibm-demo-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: 0e2069edea952aa8ab18c1f393118dd5a66ef60624ee1a9f0f0024b271d69e2a
java-1.8.0-ibm-devel-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: 31f7c08b923eb278caa2e552115ef32f59f38eea1e4d31b7b1b76152b1e139d2
java-1.8.0-ibm-headless-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: f0257b988a8976f547a8a8cf3cb256474fb385c66dd38dbbb57c2d253ba46775
java-1.8.0-ibm-jdbc-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: 491180b807b6427cd9c1ce51e3cfc27c5f76e5a84cc7e4f811914afd74d453bc
java-1.8.0-ibm-plugin-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: be0dc0b2d3c776426677bb6afc638abc1287a6c0767c7e638f324ef0174914fe
java-1.8.0-ibm-src-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: ea0663d97e4a6140ad4cdfc7e5bdd38de0b00188df9ec7beab591090909ee664
java-1.8.0-ibm-webstart-1.8.0.6.5-1.el8_1.ppc64le.rpm	SHA-256: fa0ac05102a287c3a6ac54ec1a461156280cfe12854cd86a14df2b3de04040a7

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories