Red Hat Product Errata RHSA-2020:3388 - Security Advisory

Issued: 2020-08-10
Updated: 2020-08-10
Synopsis

Important: java-1.7.1-ibm security update

Type/Severity

Security Advisory: Important

Topic

An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 7 to version 7R1 SR4-FP70.

Security Fix(es):

  • OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951) (CVE-2020-2601)
  • OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920) (CVE-2020-14583)
  • OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119) (CVE-2020-14593)
  • IBM JDK: Information disclosure via calls to System.arraycopy() with invalid length (CVE-2019-17639)
  • OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590)
  • OpenJDK: Unexpected exception raised by DerInputStream (Libraries, 8237731) (CVE-2020-14578)
  • OpenJDK: Unexpected exception raised by DerValue.equals() (Libraries, 8237736) (CVE-2020-14579)
  • OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136) (CVE-2020-14621)
  • OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592) (CVE-2020-14577)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 1790556 - CVE-2020-2590 OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352)
  • BZ - 1790570 - CVE-2020-2601 OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951)
  • BZ - 1856448 - CVE-2020-14583 OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920)
  • BZ - 1856784 - CVE-2020-14593 OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119)
  • BZ - 1856885 - CVE-2020-14621 OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136)
  • BZ - 1856988 - CVE-2020-14577 OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)
  • BZ - 1856991 - CVE-2020-14578 OpenJDK: Unexpected exception raised by DerInputStream (Libraries, 8237731)
  • BZ - 1856995 - CVE-2020-14579 OpenJDK: Unexpected exception raised by DerValue.equals() (Libraries, 8237736)
  • BZ - 1866497 - CVE-2019-17639 IBM JDK: Information disclosure via calls to System.arraycopy() with invalid length

CVEs

  • CVE-2019-17639
  • CVE-2020-2590
  • CVE-2020-2601
  • CVE-2020-14577
  • CVE-2020-14578
  • CVE-2020-14579
  • CVE-2020-14583
  • CVE-2020-14593
  • CVE-2020-14621

References

  • https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
x86_64
java-1.7.1-ibm-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 8abc64d33210a5052bb8053210ae3a304f1b560edf2f2be2f75985e9deda4eac
java-1.7.1-ibm-demo-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: e460e89bc3c62293a423aa202e8020bf2099e9d63d691d7c903aa544cea5fd16
java-1.7.1-ibm-devel-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: b52a119366c811762d9c35f5064d66fa4e20e8c4ae098108633f039004222080
java-1.7.1-ibm-jdbc-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 7b3300372e5c9e2623e6674657197f0e0cdbfa221e1d3f3d4c4774e5069b931a
java-1.7.1-ibm-plugin-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 1d3cb8a2e957ea82a91b5cb05264c40c3fcdf06c9658a7a1e24a2d741da7caba
java-1.7.1-ibm-src-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 6f35dabf4160650f3ca1539bfbf7188896881648e77a10a4b2c8c2da5035396a

Red Hat Enterprise Linux Workstation 7

SRPM
x86_64
java-1.7.1-ibm-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 8abc64d33210a5052bb8053210ae3a304f1b560edf2f2be2f75985e9deda4eac
java-1.7.1-ibm-demo-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: e460e89bc3c62293a423aa202e8020bf2099e9d63d691d7c903aa544cea5fd16
java-1.7.1-ibm-devel-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: b52a119366c811762d9c35f5064d66fa4e20e8c4ae098108633f039004222080
java-1.7.1-ibm-jdbc-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 7b3300372e5c9e2623e6674657197f0e0cdbfa221e1d3f3d4c4774e5069b931a
java-1.7.1-ibm-plugin-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 1d3cb8a2e957ea82a91b5cb05264c40c3fcdf06c9658a7a1e24a2d741da7caba
java-1.7.1-ibm-src-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 6f35dabf4160650f3ca1539bfbf7188896881648e77a10a4b2c8c2da5035396a

Red Hat Enterprise Linux Desktop 7

SRPM
x86_64
java-1.7.1-ibm-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 8abc64d33210a5052bb8053210ae3a304f1b560edf2f2be2f75985e9deda4eac
java-1.7.1-ibm-demo-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: e460e89bc3c62293a423aa202e8020bf2099e9d63d691d7c903aa544cea5fd16
java-1.7.1-ibm-devel-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: b52a119366c811762d9c35f5064d66fa4e20e8c4ae098108633f039004222080
java-1.7.1-ibm-jdbc-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 7b3300372e5c9e2623e6674657197f0e0cdbfa221e1d3f3d4c4774e5069b931a
java-1.7.1-ibm-plugin-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 1d3cb8a2e957ea82a91b5cb05264c40c3fcdf06c9658a7a1e24a2d741da7caba
java-1.7.1-ibm-src-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 6f35dabf4160650f3ca1539bfbf7188896881648e77a10a4b2c8c2da5035396a

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
s390x
java-1.7.1-ibm-1.7.1.4.70-1jpp.1.el7.s390x.rpm SHA-256: 49660c5c5a417738ce6f40965b99a240da6b16b7036ad229ae7385557e6b6585
java-1.7.1-ibm-demo-1.7.1.4.70-1jpp.1.el7.s390x.rpm SHA-256: 579a04a32ae5bde2b0c05218d365d9403e4ce9beee05463afac52a9b138ef140
java-1.7.1-ibm-devel-1.7.1.4.70-1jpp.1.el7.s390x.rpm SHA-256: f48724fd58f48f1b48fae7da583bb67164b10944c40a27cf88023cc2b15bafd9
java-1.7.1-ibm-jdbc-1.7.1.4.70-1jpp.1.el7.s390x.rpm SHA-256: b935a83bd32127e1b2a4018886983f35098f87d64bca0f58ca2518b68947aa86
java-1.7.1-ibm-src-1.7.1.4.70-1jpp.1.el7.s390x.rpm SHA-256: b511819f344b5971b4cc50757b0b9fbab840fb283cbe03d09c17a67500837830

Red Hat Enterprise Linux for Power, big endian 7

SRPM
ppc64
java-1.7.1-ibm-1.7.1.4.70-1jpp.1.el7.ppc64.rpm SHA-256: 9c9cc5d397d7dcb552a4072df79570d12fe4f4f26e8fe268446dcbaa5077ef35
java-1.7.1-ibm-demo-1.7.1.4.70-1jpp.1.el7.ppc64.rpm SHA-256: ba53520f78a886bdfb50d9af68cdecb7793c7ab2f472714cba011c2c4a1e11ae
java-1.7.1-ibm-devel-1.7.1.4.70-1jpp.1.el7.ppc64.rpm SHA-256: 1a1b75b2fcfbd8fe0bcc6cc05adf1769deefecf939614724eaafc32f38842e65
java-1.7.1-ibm-jdbc-1.7.1.4.70-1jpp.1.el7.ppc64.rpm SHA-256: 3760dbe31d1b87e57f94caf4283631c73a2b909884599be62473c7b4c1c28e42
java-1.7.1-ibm-src-1.7.1.4.70-1jpp.1.el7.ppc64.rpm SHA-256: dbed3c7a4023e7a9dae6dc8ac6798604d307eaf31937f856221d1f802c7f9ef5

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
x86_64
java-1.7.1-ibm-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 8abc64d33210a5052bb8053210ae3a304f1b560edf2f2be2f75985e9deda4eac
java-1.7.1-ibm-demo-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: e460e89bc3c62293a423aa202e8020bf2099e9d63d691d7c903aa544cea5fd16
java-1.7.1-ibm-devel-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: b52a119366c811762d9c35f5064d66fa4e20e8c4ae098108633f039004222080
java-1.7.1-ibm-src-1.7.1.4.70-1jpp.1.el7.x86_64.rpm SHA-256: 6f35dabf4160650f3ca1539bfbf7188896881648e77a10a4b2c8c2da5035396a

Red Hat Enterprise Linux for Power, little endian 7

SRPM
ppc64le
java-1.7.1-ibm-1.7.1.4.70-1jpp.1.el7.ppc64le.rpm SHA-256: 43dd3d208c60ca53aeb7718e8abda7310cd864ba228d7635d3b4266d11bb2431
java-1.7.1-ibm-demo-1.7.1.4.70-1jpp.1.el7.ppc64le.rpm SHA-256: 95160963b0ca2535625d5f4b4d7bee40cab967c2e5a0ca87aa29c493b6c3e33e
java-1.7.1-ibm-devel-1.7.1.4.70-1jpp.1.el7.ppc64le.rpm SHA-256: cf73ce2d1d5586602c1ed9dde042a9d004f15ae8fb9e77a00c9078b1adc8c8e6
java-1.7.1-ibm-jdbc-1.7.1.4.70-1jpp.1.el7.ppc64le.rpm SHA-256: 4cb617f845ac4ff8ee5d1ff68d6d25551e42d61d3fe428618d90789f836ea661
java-1.7.1-ibm-src-1.7.1.4.70-1jpp.1.el7.ppc64le.rpm SHA-256: 6d2013914d7009c03be98aa420afeb5faef8435d73d97666599bb839ce750e68

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
