Red Hat Product Errata RHSA-2020:3100 - Security Advisory
Issued:
2020-07-22
Updated:
2020-07-22

RHSA-2020:3100 - Security Advisory

Synopsis

Important: java-1.8.0-openjdk security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

  • OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920) (CVE-2020-14583)
  • OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119) (CVE-2020-14593)
  • OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117) (CVE-2020-14556)
  • OpenJDK: Unexpected exception raised by DerInputStream (Libraries, 8237731) (CVE-2020-14578)
  • OpenJDK: Unexpected exception raised by DerValue.equals() (Libraries, 8237736) (CVE-2020-14579)
  • OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136) (CVE-2020-14621)
  • OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592) (CVE-2020-14577)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.0 x86_64

Fixes

  • BZ - 1856448 - CVE-2020-14583 OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920)
  • BZ - 1856784 - CVE-2020-14593 OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119)
  • BZ - 1856885 - CVE-2020-14621 OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136)
  • BZ - 1856896 - CVE-2020-14556 OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117)
  • BZ - 1856988 - CVE-2020-14577 OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)
  • BZ - 1856991 - CVE-2020-14578 OpenJDK: Unexpected exception raised by DerInputStream (Libraries, 8237731)
  • BZ - 1856995 - CVE-2020-14579 OpenJDK: Unexpected exception raised by DerValue.equals() (Libraries, 8237736)

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.0

SRPM
java-1.8.0-openjdk-1.8.0.262.b10-0.el8_0.src.rpm SHA-256: 1a9705257d1cf8b716eb0a3bac33f56ea5ea11ff5fadf870d9d97e1eaeae4c09
ppc64le
java-1.8.0-openjdk-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: 652af017e32e3a8bb72c6f62b808ae2658674f9569de13d9cf29e9f40f51695f
java-1.8.0-openjdk-accessibility-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: 150f0cf2811722c49a91e38bdd5b99a403d32036743a396bc6ead7abffc0c522
java-1.8.0-openjdk-debuginfo-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: 5d06f258f18d2d0e62a18497e1b7802c1864169d7fe86c04160b03fbd04736c8
java-1.8.0-openjdk-debugsource-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: b01f45306fe9fc39ce7eb0b39cda7d2727b983861f07e927a741cc2c5e5e3eb9
java-1.8.0-openjdk-demo-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: 4fd64025d45cc52b63bbadd622fbc7464cde39c711d4f7744c37eada07653779
java-1.8.0-openjdk-demo-debuginfo-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: a3fbd6832fbbb56137f6912a04ad1f18c26af7f9ef68ac9e95e4c43e49c82915
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: 2511d8684f60b8624f83e5a860f3bf08b86be4935427f99ff617f4d37dc722e2
java-1.8.0-openjdk-devel-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: ecf3edaa8b0db17f41a8d81910496b49ecf4c990ee39c1b64e2938cb47238a5d
java-1.8.0-openjdk-devel-debuginfo-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: 63ba34ef6c092a03b3b4e3c76b94b796c0493ef74da249ae8e1a2327ac9fc3b3
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: 67f7a3647b1acd658281df45fae1d7786aa4c17b3ff29d4219ab1ed60e8dc7cf
java-1.8.0-openjdk-headless-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: d1753be1b3e6be9691afbe2e65da6a2c7bcb33151d37aacca6c7661f6a838e4b
java-1.8.0-openjdk-headless-debuginfo-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: 89ff2feb3a27969fae93e071f0575194f4e397aa241e87624088feff68112409
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: b33c16e3799e4c00b752e6e8062e74f39e4d6f45ee64dea269d9f1120cdc7ad1
java-1.8.0-openjdk-javadoc-1.8.0.262.b10-0.el8_0.noarch.rpm SHA-256: ae6eaaf3b6a33ac9c7cfb578babb4e5b06ef5009669fc7bb619e528ed8e87ed9
java-1.8.0-openjdk-javadoc-zip-1.8.0.262.b10-0.el8_0.noarch.rpm SHA-256: 7772bc086b896f553896bb48d133e7c1b554a391d644c29420b5a83708c66eec
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: 2101763120bc79fa4bf4355aa057cac67adcbe4e6cd857aff6cb88bd63cdfcab
java-1.8.0-openjdk-src-1.8.0.262.b10-0.el8_0.ppc64le.rpm SHA-256: 449f16f94798b09ac078575c2e7c0b237b6d6ff8b857d16f00e54beec2ce2c37

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.0

SRPM
java-1.8.0-openjdk-1.8.0.262.b10-0.el8_0.src.rpm SHA-256: 1a9705257d1cf8b716eb0a3bac33f56ea5ea11ff5fadf870d9d97e1eaeae4c09
x86_64
java-1.8.0-openjdk-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: 4cad4ec08572e3af76a42f068fc35354c1206fdf9ab37be36c9f76e3da235e89
java-1.8.0-openjdk-accessibility-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: 5e5a097a5a7c835bc5247a53c08136a2c9ca701ba41f96e11dcb22f37f36a12e
java-1.8.0-openjdk-debuginfo-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: 2eede4974af00673aed009b2711fd11f4992d2ed68109edff71d83a34555e046
java-1.8.0-openjdk-debugsource-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: d53946b1425a9a497b42e3a91fc0b8b09bdbbb2b5ac70175974aa48b243503fa
java-1.8.0-openjdk-demo-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: 1b8b55ecc46c0886970d421215f37c4969ccd718847dc78aae2f9c2f3b5fe181
java-1.8.0-openjdk-demo-debuginfo-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: 32ee71047ff0de75b85b68e11d3924791822616b76c0690e03e21c2a96c7dfce
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: 41d91ec3fd02f613d054442f794e11b4e30d8d430e61e5bf5399e1424b4250e3
java-1.8.0-openjdk-devel-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: d75f881b7da983cf1b941dea3f6071ae94a98859aecea88d2ae0584527e4bbf0
java-1.8.0-openjdk-devel-debuginfo-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: b705e0f9628793ec711d13902ed06d5cdea53ea1336099304ccdbd4e9f98970a
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: 2dc9736e5e304870676b00c5251b85411e599ec788a87fbedc47028ba9e3271d
java-1.8.0-openjdk-headless-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: 40e8bbcb2fe0b4870dd2a10bcd8bc414d2172bcce05190180e2ea7ef3fac4cb3
java-1.8.0-openjdk-headless-debuginfo-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: 06769eaf6d070b6c02c74f2bf181e72881f4760a7754945e2e090eca79bf35bb
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: fb504ee03d338414df45dc4e5da5755b8f670ebcaf4a0efe7bb302088bb73e24
java-1.8.0-openjdk-javadoc-1.8.0.262.b10-0.el8_0.noarch.rpm SHA-256: ae6eaaf3b6a33ac9c7cfb578babb4e5b06ef5009669fc7bb619e528ed8e87ed9
java-1.8.0-openjdk-javadoc-zip-1.8.0.262.b10-0.el8_0.noarch.rpm SHA-256: 7772bc086b896f553896bb48d133e7c1b554a391d644c29420b5a83708c66eec
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: 58fe188f0029ba363d91508fc3e379fc1c3a709faa9128401b82ac4ddc1daa02
java-1.8.0-openjdk-src-1.8.0.262.b10-0.el8_0.x86_64.rpm SHA-256: fcb3982363415aef42e216827abee5d63ec6a6c85231021660cfecbd2d67b51d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.