Issued:
2022-04-25
Updated:
2022-04-25

RHSA-2022:1488 - Security Advisory

Synopsis

Important: java-1.8.0-openjdk security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

  • OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008) (CVE-2022-21476)
  • OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) (CVE-2022-21426)
  • OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434)
  • OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) (CVE-2022-21443)
  • OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2075788 - CVE-2022-21426 OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
  • BZ - 2075793 - CVE-2022-21443 OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
  • BZ - 2075836 - CVE-2022-21434 OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
  • BZ - 2075842 - CVE-2022-21476 OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
  • BZ - 2075849 - CVE-2022-21496 OpenJDK: URI parsing inconsistencies (JNDI, 8278972)

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1

SRPM
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_1.src.rpm SHA-256: 917ac5f75bdcf08682927edfbb0841fdfa1b1d4b5feaa407433afba05b6eb5a2
ppc64le
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: 1a37cb953e2a48728dd229de8da2c20ec48eb716f844420b938f3e6385334b05
java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: d90b2e9f6f8c2da52245996f2a21990069d43b3e5516e343f37cc3f00f8991d6
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: ab00c8b99d38d4b490e4cbaab3913fa795647eac21556667196a4a2620df5c49
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: 3bbfc789a631ce2792651aee875ead5aa8f5000b7169d18acbd42c761e990d80
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: cd5fb1094b50abf39ac00f6078462a82a76f470239dc2ee6d7ee05b7f58f52c1
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: f40b260ec0b381649822ceebc2f7de93dbdc0993297ec7915f40e0be8baa348c
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: 9b04bd8ac3fb5af373e56e82a1b269c2524180d30704510fbe4905f89ced4516
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: a32a266bea51f0f5518c754e4a98adddcae48eb675ef0e707546280ce22f90bc
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: e5bcd9eee5f4945b0691ec6f49c0d0bfd8264ead8639e2cc2e8d2eeec4a213b7
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: c3f4b72d495bc5e02035fe09094c9364516eea921d563ba134b7f281812cd936
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: dbf648eb0d6652b30d5812ee39593465f6333e6492baa5db72105722c14fc593
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: 51b0f74ebd52b83c565df93516c407a78e2d03c8cb8ed36bb04434fcb6cd4572
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: 2e2b3c54cf18abcf956381fa9072e30238dc32cac950e30200a1dce51e8888e9
java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_1.noarch.rpm SHA-256: 27fa202348b848568461d4fb1182dd1a0ef792b2f1cd7966f1b3a0be56313650
java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_1.noarch.rpm SHA-256: f023e428d381fc6172834e7c5dc33e8646716a6c0870525b9527cbce97995499
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: 446ae84947931012ccc7cc057280705307198db2af1e07e0c5653d58b89ef6d5
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_1.ppc64le.rpm SHA-256: 6d738b8233df9306ddb7c4005dc6c77a08a6e9eac91e02931400743a4b7a5d14

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1

SRPM
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_1.src.rpm SHA-256: 917ac5f75bdcf08682927edfbb0841fdfa1b1d4b5feaa407433afba05b6eb5a2
x86_64
java-1.8.0-openjdk-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: eb39cc60a36a8d1a91889a3998f5d69dabd13587d6157da1cf922e83275052de
java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: 24206cba80c4d4cebad28fde305694dd1a9874e160aaa5507eac0b32e2a1c7e3
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: 9d3c52b6773caabaae2154618e825ee858febf6619cb32f6e64f72146d2e9e48
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: f8482c805b40adf1d0d8a879f7b22b34fce866c161e5a0ca5fb820a6bb934ed6
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: 9bf9fe752295764525015a36332af9ef6423d9b8864348547836fe30083d9cbe
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: 405c1d10458d03ea47866f95661522534a3e8b233786e0e11d8e524126dca5e7
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: cc84b738a3cd6666805c92f7f2c0fca26ea2a56b63ed42f8f41b8f267cd6052b
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: 7da50c2929abac910f6a9f1ef4a6dd03b4369f8b305353619b26af22cde8e908
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: 87b7f6a5446ec9bb9180d387d1ff84be97f468c262fff8f619598e1d3ec7729b
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: 89de8c3dac6037ae8b8f57f3940585a73d2716a568dc154b83b5a11ad218692c
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: d9db8a47325ff081736695e3626f72e7d3239e8140e9d19cabc17a14cc83f8c6
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: 746911f313e8f075e8477796c35a2f60439511924e6fefd77c3330dbad463317
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: a049e17715e4448ba38ec47f701b7116904cf607ee67864ccb2b19ad6dc035e3
java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el8_1.noarch.rpm SHA-256: 27fa202348b848568461d4fb1182dd1a0ef792b2f1cd7966f1b3a0be56313650
java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el8_1.noarch.rpm SHA-256: f023e428d381fc6172834e7c5dc33e8646716a6c0870525b9527cbce97995499
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: cde46df2a4e72ef8ee3d99f1bbf982db969a37847b28f852d3a82a49e25e23d9
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el8_1.x86_64.rpm SHA-256: eea10767d461fceb2f3a8d7dfd1200f5c3c44edd51f21361921d8ef0c521d596

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.