Red Hat Product Errata RHSA-2022:0345 - Security Advisory
Issued:
2022-02-01
Updated:
2022-02-01

RHSA-2022:0345 - Security Advisory

Synopsis

Important: java-1.8.0-ibm security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 8 to version 8 SR7.

Security Fix(es):

  • Oracle JDK: unspecified vulnerability fixed in 8u311 (Deployment) (CVE-2021-35560)
  • OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967) (CVE-2021-35565)
  • OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167) (CVE-2021-35556)
  • OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580) (CVE-2021-35559)
  • OpenJDK: Certificates with end dates too far in the future can corrupt keystore (Keytool, 8266137) (CVE-2021-35564)
  • OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729) (CVE-2021-35578)
  • OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735) (CVE-2021-35586)
  • IBM JDK: IllegalAccessError exception not thrown for MethodHandles that invoke inaccessible interface methods (CVE-2021-41035)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le

Fixes

  • BZ - 2014508 - CVE-2021-35565 OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967)
  • BZ - 2014515 - CVE-2021-35556 OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167)
  • BZ - 2014518 - CVE-2021-35559 OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580)
  • BZ - 2015061 - CVE-2021-35564 OpenJDK: Certificates with end dates too far in the future can corrupt keystore (Keytool, 8266137)
  • BZ - 2015308 - CVE-2021-35586 OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735)
  • BZ - 2015653 - CVE-2021-35578 OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729)
  • BZ - 2027731 - CVE-2021-35560 Oracle JDK: unspecified vulnerability fixed in 8u311 (Deployment)
  • BZ - 2027791 - CVE-2021-41035 IBM JDK: IllegalAccessError exception not thrown for MethodHandles that invoke inaccessible interface methods

Red Hat Enterprise Linux for x86_64 8

SRPM
x86_64
java-1.8.0-ibm-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 4aac5aa71ff5377a7c8e9d473d2b0eb778321734e4f778a65bec89b07c7b1cb8
java-1.8.0-ibm-demo-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 3b448b83801d69628750bba505ad98c56e631397d625388b556a9ba1745611aa
java-1.8.0-ibm-devel-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 70d05dbcb4933e7969522f83c7994dc2636775488df4bbcc239b4a3f2775b063
java-1.8.0-ibm-headless-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 0f8f28046c2e94f949be1fb68908dbc85a713652de857997e57d5cc6c1403f63
java-1.8.0-ibm-jdbc-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: cfaa0844c61292ee6ca2aaebcee7f983bbbb55df55d89e6998bd971aa835f30b
java-1.8.0-ibm-plugin-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 46fe7f5b342f92a28dc1becb89d1511b2ff2bc7e3f40e7340c766e9cccaff58e
java-1.8.0-ibm-src-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: fd924e08c36cbdc5093b59502455eeababb53c370ca6f016d877f4f2a28fde25
java-1.8.0-ibm-webstart-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: a4f0b6bc7da9461ed29dc5dcfc38e619f8b0f28aa2b2b6b4ea66bcdd2fb566b2

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM
x86_64
java-1.8.0-ibm-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 4aac5aa71ff5377a7c8e9d473d2b0eb778321734e4f778a65bec89b07c7b1cb8
java-1.8.0-ibm-demo-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 3b448b83801d69628750bba505ad98c56e631397d625388b556a9ba1745611aa
java-1.8.0-ibm-devel-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 70d05dbcb4933e7969522f83c7994dc2636775488df4bbcc239b4a3f2775b063
java-1.8.0-ibm-headless-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 0f8f28046c2e94f949be1fb68908dbc85a713652de857997e57d5cc6c1403f63
java-1.8.0-ibm-jdbc-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: cfaa0844c61292ee6ca2aaebcee7f983bbbb55df55d89e6998bd971aa835f30b
java-1.8.0-ibm-plugin-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 46fe7f5b342f92a28dc1becb89d1511b2ff2bc7e3f40e7340c766e9cccaff58e
java-1.8.0-ibm-src-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: fd924e08c36cbdc5093b59502455eeababb53c370ca6f016d877f4f2a28fde25
java-1.8.0-ibm-webstart-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: a4f0b6bc7da9461ed29dc5dcfc38e619f8b0f28aa2b2b6b4ea66bcdd2fb566b2

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM
x86_64
java-1.8.0-ibm-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 4aac5aa71ff5377a7c8e9d473d2b0eb778321734e4f778a65bec89b07c7b1cb8
java-1.8.0-ibm-demo-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 3b448b83801d69628750bba505ad98c56e631397d625388b556a9ba1745611aa
java-1.8.0-ibm-devel-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 70d05dbcb4933e7969522f83c7994dc2636775488df4bbcc239b4a3f2775b063
java-1.8.0-ibm-headless-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 0f8f28046c2e94f949be1fb68908dbc85a713652de857997e57d5cc6c1403f63
java-1.8.0-ibm-jdbc-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: cfaa0844c61292ee6ca2aaebcee7f983bbbb55df55d89e6998bd971aa835f30b
java-1.8.0-ibm-plugin-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: 46fe7f5b342f92a28dc1becb89d1511b2ff2bc7e3f40e7340c766e9cccaff58e
java-1.8.0-ibm-src-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: fd924e08c36cbdc5093b59502455eeababb53c370ca6f016d877f4f2a28fde25
java-1.8.0-ibm-webstart-1.8.0.7.0-1.el8_5.x86_64.rpm SHA-256: a4f0b6bc7da9461ed29dc5dcfc38e619f8b0f28aa2b2b6b4ea66bcdd2fb566b2

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
s390x
java-1.8.0-ibm-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 12b4519bae5121706d706eefddc98b5d7ed376340574c0e3bb8d3f4cd67c158b
java-1.8.0-ibm-demo-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 44d9c611f4614c641c13fa860b241083e835574c2251dd9f3d6d458229d94595
java-1.8.0-ibm-devel-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 716bb50d0fa10fb8b14b1a40f0ae4de667f0dd6b47f9ce78bedfa2e84a7e672b
java-1.8.0-ibm-headless-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 1b87500fbdb6ef0c769ba431295e1ae8fbe3142b7ba73d0456338f5b39bbcac4
java-1.8.0-ibm-jdbc-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 9ef7bcb872c9c77ba12f4577513867a57fbac0299cf54c11b98e9d80338c8cf9
java-1.8.0-ibm-src-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 0645fa9dcb83a30c39d05cf01920c748813e903a6b6e8d065ed4b6ec45f1fc15

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM
s390x
java-1.8.0-ibm-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 12b4519bae5121706d706eefddc98b5d7ed376340574c0e3bb8d3f4cd67c158b
java-1.8.0-ibm-demo-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 44d9c611f4614c641c13fa860b241083e835574c2251dd9f3d6d458229d94595
java-1.8.0-ibm-devel-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 716bb50d0fa10fb8b14b1a40f0ae4de667f0dd6b47f9ce78bedfa2e84a7e672b
java-1.8.0-ibm-headless-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 1b87500fbdb6ef0c769ba431295e1ae8fbe3142b7ba73d0456338f5b39bbcac4
java-1.8.0-ibm-jdbc-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 9ef7bcb872c9c77ba12f4577513867a57fbac0299cf54c11b98e9d80338c8cf9
java-1.8.0-ibm-src-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 0645fa9dcb83a30c39d05cf01920c748813e903a6b6e8d065ed4b6ec45f1fc15

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM
s390x
java-1.8.0-ibm-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 12b4519bae5121706d706eefddc98b5d7ed376340574c0e3bb8d3f4cd67c158b
java-1.8.0-ibm-demo-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 44d9c611f4614c641c13fa860b241083e835574c2251dd9f3d6d458229d94595
java-1.8.0-ibm-devel-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 716bb50d0fa10fb8b14b1a40f0ae4de667f0dd6b47f9ce78bedfa2e84a7e672b
java-1.8.0-ibm-headless-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 1b87500fbdb6ef0c769ba431295e1ae8fbe3142b7ba73d0456338f5b39bbcac4
java-1.8.0-ibm-jdbc-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 9ef7bcb872c9c77ba12f4577513867a57fbac0299cf54c11b98e9d80338c8cf9
java-1.8.0-ibm-src-1.8.0.7.0-1.el8_5.s390x.rpm SHA-256: 0645fa9dcb83a30c39d05cf01920c748813e903a6b6e8d065ed4b6ec45f1fc15

Red Hat Enterprise Linux for Power, little endian 8

SRPM
ppc64le
java-1.8.0-ibm-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: fb0c38ef45653e2ab459d49d96a53f2da96f58814f79ce31dc29395de7fd614a
java-1.8.0-ibm-demo-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: adf27dc0cb376d4858b590149f706c13971bd93b50d956fb0ee0d1730c03db0e
java-1.8.0-ibm-devel-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 715e1b975222762bc18c57538707b3e990e20aa46f66ff690e87d395f9397d56
java-1.8.0-ibm-headless-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 9177856dfb17e6b9d57e918e47065a6c2001a154e6bd691e70dc4b77dcd526ef
java-1.8.0-ibm-jdbc-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 82030df053e48788129c143621a4410e9d12e46b3ad6b656f2ae110edb8b0b4f
java-1.8.0-ibm-plugin-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 97d3bfe31f223515d4ce5585c9e0ad2b197f412e702b78fc1ca7d8edd71569d8
java-1.8.0-ibm-src-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 1ae10d843f14fa453d2f8a70547d99a3f2f7e377a49311bace72996f78ab03ff
java-1.8.0-ibm-webstart-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: fd7b358d2e7840f879b4d969fce27c3e749b6ca68a9407c5550de46f94172009

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM
ppc64le
java-1.8.0-ibm-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: fb0c38ef45653e2ab459d49d96a53f2da96f58814f79ce31dc29395de7fd614a
java-1.8.0-ibm-demo-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: adf27dc0cb376d4858b590149f706c13971bd93b50d956fb0ee0d1730c03db0e
java-1.8.0-ibm-devel-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 715e1b975222762bc18c57538707b3e990e20aa46f66ff690e87d395f9397d56
java-1.8.0-ibm-headless-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 9177856dfb17e6b9d57e918e47065a6c2001a154e6bd691e70dc4b77dcd526ef
java-1.8.0-ibm-jdbc-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 82030df053e48788129c143621a4410e9d12e46b3ad6b656f2ae110edb8b0b4f
java-1.8.0-ibm-plugin-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 97d3bfe31f223515d4ce5585c9e0ad2b197f412e702b78fc1ca7d8edd71569d8
java-1.8.0-ibm-src-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 1ae10d843f14fa453d2f8a70547d99a3f2f7e377a49311bace72996f78ab03ff
java-1.8.0-ibm-webstart-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: fd7b358d2e7840f879b4d969fce27c3e749b6ca68a9407c5550de46f94172009

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM
ppc64le
java-1.8.0-ibm-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: fb0c38ef45653e2ab459d49d96a53f2da96f58814f79ce31dc29395de7fd614a
java-1.8.0-ibm-demo-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: adf27dc0cb376d4858b590149f706c13971bd93b50d956fb0ee0d1730c03db0e
java-1.8.0-ibm-devel-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 715e1b975222762bc18c57538707b3e990e20aa46f66ff690e87d395f9397d56
java-1.8.0-ibm-headless-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 9177856dfb17e6b9d57e918e47065a6c2001a154e6bd691e70dc4b77dcd526ef
java-1.8.0-ibm-jdbc-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 82030df053e48788129c143621a4410e9d12e46b3ad6b656f2ae110edb8b0b4f
java-1.8.0-ibm-plugin-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 97d3bfe31f223515d4ce5585c9e0ad2b197f412e702b78fc1ca7d8edd71569d8
java-1.8.0-ibm-src-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: 1ae10d843f14fa453d2f8a70547d99a3f2f7e377a49311bace72996f78ab03ff
java-1.8.0-ibm-webstart-1.8.0.7.0-1.el8_5.ppc64le.rpm SHA-256: fd7b358d2e7840f879b4d969fce27c3e749b6ca68a9407c5550de46f94172009

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.