Red Hat Product Errata RHSA-2020:2238 - Security Advisory
Issued:
2020-05-20
Updated:
2020-05-20

RHSA-2020:2238 - Security Advisory

Synopsis

Important: java-1.7.1-ibm security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 7 to version 7R1 SR4-FP65.

Security Fix(es):

  • OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)
  • OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)
  • OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654)
  • OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)
  • OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)
  • OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)
  • OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)
  • OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 1791217 - CVE-2020-2654 OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)
  • BZ - 1823215 - CVE-2020-2756 OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541)
  • BZ - 1823216 - CVE-2020-2757 OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)
  • BZ - 1823527 - CVE-2020-2800 OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825)
  • BZ - 1823542 - CVE-2020-2830 OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201)
  • BZ - 1823694 - CVE-2020-2803 OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841)
  • BZ - 1823844 - CVE-2020-2805 OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274)
  • BZ - 1823960 - CVE-2020-2781 OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408)

Red Hat Enterprise Linux Server 7

SRPM
x86_64
java-1.7.1-ibm-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 5bc0d8c6ea53e465407d5bdfcd9b0d6550feceac0af29f0fd1bfe27db3d9a1e4
java-1.7.1-ibm-demo-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 0e28bb41e21029e1e435648970f389f95ef909f38393192160bce653110a1bbc
java-1.7.1-ibm-devel-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 5451061634dac1655c027dcd1ad07e2f85c64a1a552685f9dd975a5bc53a14d7
java-1.7.1-ibm-jdbc-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 699bf6892acc0a4c67aa7f6cf61deb88455b54108c5e1d9e3e09f6929435478d
java-1.7.1-ibm-plugin-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 82b396ba313e76ff56dc517dffb1d30ae8c58000cf665918428bf3c73c00b8de
java-1.7.1-ibm-src-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: cc5a53ed523f3e0e5d0db9433f070d4617fab83cd7fca110d931f03b088c005d

Red Hat Enterprise Linux Workstation 7

SRPM
x86_64
java-1.7.1-ibm-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 5bc0d8c6ea53e465407d5bdfcd9b0d6550feceac0af29f0fd1bfe27db3d9a1e4
java-1.7.1-ibm-demo-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 0e28bb41e21029e1e435648970f389f95ef909f38393192160bce653110a1bbc
java-1.7.1-ibm-devel-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 5451061634dac1655c027dcd1ad07e2f85c64a1a552685f9dd975a5bc53a14d7
java-1.7.1-ibm-jdbc-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 699bf6892acc0a4c67aa7f6cf61deb88455b54108c5e1d9e3e09f6929435478d
java-1.7.1-ibm-plugin-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 82b396ba313e76ff56dc517dffb1d30ae8c58000cf665918428bf3c73c00b8de
java-1.7.1-ibm-src-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: cc5a53ed523f3e0e5d0db9433f070d4617fab83cd7fca110d931f03b088c005d

Red Hat Enterprise Linux Desktop 7

SRPM
x86_64
java-1.7.1-ibm-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 5bc0d8c6ea53e465407d5bdfcd9b0d6550feceac0af29f0fd1bfe27db3d9a1e4
java-1.7.1-ibm-demo-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 0e28bb41e21029e1e435648970f389f95ef909f38393192160bce653110a1bbc
java-1.7.1-ibm-devel-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 5451061634dac1655c027dcd1ad07e2f85c64a1a552685f9dd975a5bc53a14d7
java-1.7.1-ibm-jdbc-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 699bf6892acc0a4c67aa7f6cf61deb88455b54108c5e1d9e3e09f6929435478d
java-1.7.1-ibm-plugin-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 82b396ba313e76ff56dc517dffb1d30ae8c58000cf665918428bf3c73c00b8de
java-1.7.1-ibm-src-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: cc5a53ed523f3e0e5d0db9433f070d4617fab83cd7fca110d931f03b088c005d

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
s390x
java-1.7.1-ibm-1.7.1.4.65-1jpp.1.el7.s390x.rpm SHA-256: d2432e4806a301db5c55046b5d346c0f8be349e33366bd2519400b6d18fcca92
java-1.7.1-ibm-demo-1.7.1.4.65-1jpp.1.el7.s390x.rpm SHA-256: d28f1e7f4127eb0fc7528830a9a03e1e153760660340ed99a659a17aec351c22
java-1.7.1-ibm-devel-1.7.1.4.65-1jpp.1.el7.s390x.rpm SHA-256: f30eb4a8cbe7e2a3a0ee812e6fdaf10bbece13af64105dbd5fcdbeea463e1f1b
java-1.7.1-ibm-jdbc-1.7.1.4.65-1jpp.1.el7.s390x.rpm SHA-256: e11ea484f12ddedbd508ab4b1daf10cd61e283e06e88c1974ef9061f9a9102dd
java-1.7.1-ibm-src-1.7.1.4.65-1jpp.1.el7.s390x.rpm SHA-256: 78f6782af2c9820564e32033188de064745da5665f73beacecff37422b0b236e

Red Hat Enterprise Linux for Power, big endian 7

SRPM
ppc64
java-1.7.1-ibm-1.7.1.4.65-1jpp.1.el7.ppc64.rpm SHA-256: e1c72bd7533425577cc45487b4b7abdb7ad297e2afaae6afbb0edf691aaf83cf
java-1.7.1-ibm-demo-1.7.1.4.65-1jpp.1.el7.ppc64.rpm SHA-256: b84a56be37d4f6fc55a49d840e23fe53b52d15c0c8c5b355d7c57adca7492907
java-1.7.1-ibm-devel-1.7.1.4.65-1jpp.1.el7.ppc64.rpm SHA-256: 07e0b50772c91b4d53221c70c4c5d3576b48699a2bc4006d29673281c2958bf7
java-1.7.1-ibm-jdbc-1.7.1.4.65-1jpp.1.el7.ppc64.rpm SHA-256: 641bf53515b24d55d1bc6ae23368f96e61416e7a09b17ddb1628ccf54e30ce7c
java-1.7.1-ibm-src-1.7.1.4.65-1jpp.1.el7.ppc64.rpm SHA-256: 0644d2bb9e97b668fffbc3b3bb1a53ece0a5db6a509dd29f2572da072d85cdbf

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
x86_64
java-1.7.1-ibm-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 5bc0d8c6ea53e465407d5bdfcd9b0d6550feceac0af29f0fd1bfe27db3d9a1e4
java-1.7.1-ibm-demo-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 0e28bb41e21029e1e435648970f389f95ef909f38393192160bce653110a1bbc
java-1.7.1-ibm-devel-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: 5451061634dac1655c027dcd1ad07e2f85c64a1a552685f9dd975a5bc53a14d7
java-1.7.1-ibm-src-1.7.1.4.65-1jpp.1.el7.x86_64.rpm SHA-256: cc5a53ed523f3e0e5d0db9433f070d4617fab83cd7fca110d931f03b088c005d

Red Hat Enterprise Linux for Power, little endian 7

SRPM
ppc64le
java-1.7.1-ibm-1.7.1.4.65-1jpp.1.el7.ppc64le.rpm SHA-256: e7a4b196c27dea69243cdb858c6bbfaee27f672a68f0fb9d1061a3b42cdaede1
java-1.7.1-ibm-demo-1.7.1.4.65-1jpp.1.el7.ppc64le.rpm SHA-256: 4f133f21c1a0a97318bc9d841f0f7cf546163b3007cfe5a55cbb975cc5522924
java-1.7.1-ibm-devel-1.7.1.4.65-1jpp.1.el7.ppc64le.rpm SHA-256: 5bdca06b4410fda670b1c2eae014730a7b73e14499e2411360545ea401200861
java-1.7.1-ibm-jdbc-1.7.1.4.65-1jpp.1.el7.ppc64le.rpm SHA-256: 5ffd7e894c262bcf955d870f6a7c834016a02f7a29dc2cf0a4a98be55273b151
java-1.7.1-ibm-src-1.7.1.4.65-1jpp.1.el7.ppc64le.rpm SHA-256: 93a0e9876d2f1aed5b29d7674eb08576c09f0e7039f04b40bdef17d46cc4afc3

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.