Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2022:7009 - Security Advisory
Issued:
2022-10-19
Updated:
2022-10-19

RHSA-2022:7009 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: java-11-openjdk security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

Security Fix(es):

  • OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618)
  • OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626)
  • OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628)
  • OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619)
  • OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624)
  • OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2133745 - CVE-2022-21619 OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526)
  • BZ - 2133753 - CVE-2022-21626 OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
  • BZ - 2133765 - CVE-2022-21624 OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)
  • BZ - 2133769 - CVE-2022-21628 OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
  • BZ - 2133776 - CVE-2022-39399 OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366)
  • BZ - 2133817 - CVE-2022-21618 OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077)

CVEs

  • CVE-2022-21618
  • CVE-2022-21619
  • CVE-2022-21624
  • CVE-2022-21626
  • CVE-2022-21628
  • CVE-2022-39399

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1

SRPM
java-11-openjdk-11.0.17.0.8-2.el8_1.src.rpm SHA-256: a708e738d82f02fb08f3140b8c9f90edad7c80a3a4fb92eed2414ce531542393
ppc64le
java-11-openjdk-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: 556cb38c81b572aa098baaf590f9c736b03209641a148d3e7fa9ceabfff88bbe
java-11-openjdk-debuginfo-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: d985ccef6a5f5f6a624a5957481cf198e32804bc68176cdefd4bde08fbf48d76
java-11-openjdk-debugsource-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: da4a21f9557b49c51163b2964c0fb0b984dbab4a6b64dda4beaf195d3f2f8b0d
java-11-openjdk-demo-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: 3d62d5feafa7b9204a7d98ec67f606abae31e4451125414460c5f2bb3dd4f4c3
java-11-openjdk-devel-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: 121323a92a4e3ee9e6c835341d141c24072ea3da2557ed6dea0cf9e712f8f82b
java-11-openjdk-devel-debuginfo-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: 1f14e2123929447b021f77eed04cd9d9541c5bbccd05c4e656d94727a1c89eea
java-11-openjdk-devel-slowdebug-debuginfo-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: 4c18ab8306eec0c4df1684bd2cb043c5c5cf4802446a20bbad48789db1ec0e4e
java-11-openjdk-headless-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: 9c1b24104984cf76768857ca0c67f7224173ce0994470558d0df82f6c26961bf
java-11-openjdk-headless-debuginfo-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: 634adacc104bfb50c1fff447770b90a08aca618a6984247d403bc78002288a54
java-11-openjdk-headless-slowdebug-debuginfo-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: ce5d966cbaa334effb27c6d72cada9b529b32ac59701a80ad7d6e3e69565e4c8
java-11-openjdk-javadoc-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: bb21a2f86ce9ed3bedca79ed5fbb5aa843bd21da197b12d67fa7398e7b41268e
java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: 4c3350e29bf06479e76474b0d9e4031b247ba8f4b1fdfc5ab5db6d43c343a5b2
java-11-openjdk-jmods-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: 629ae1b06129cbd7bbbc9e5a306d17feb66817508c4f74e63fa2777e36b4da79
java-11-openjdk-slowdebug-debuginfo-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: 653d95cf1c44c39c4dd7ec6ed3f4617c6fc9d6e33de2012302364f224248420c
java-11-openjdk-src-11.0.17.0.8-2.el8_1.ppc64le.rpm SHA-256: e4b8410e6dd89bbb3a4b58d207877cd1a031b30a44a067fb270a5f618eca2db2

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1

SRPM
java-11-openjdk-11.0.17.0.8-2.el8_1.src.rpm SHA-256: a708e738d82f02fb08f3140b8c9f90edad7c80a3a4fb92eed2414ce531542393
x86_64
java-11-openjdk-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: 31625d72d2affefef2fbb24b1c13a13bd2048b1e42e57f48f141af68383ef5f1
java-11-openjdk-debuginfo-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: b64e914ac63204d86c6d99fd377d387f7e143378c56a8befed56b0d39d3c12f6
java-11-openjdk-debugsource-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: 60aaa7a7f200926f1ac5ddc27e3ab47fc667a97c2e547e43d0a6f03570813e46
java-11-openjdk-demo-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: b7e0e6ef555e94e84c3d2c5fea2096c927d9885471bb6929d8dd5dfada2e084a
java-11-openjdk-devel-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: 416dfd032c4956ce25928129b65e27f747f9fbbdfd991ce60f3a439fb739217c
java-11-openjdk-devel-debuginfo-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: b67192abeb260f6ec9a0e0323e2051fd0e37e299307a99d46270ce53121bbc9d
java-11-openjdk-devel-slowdebug-debuginfo-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: f070e53013a760c7cfec5e19264c96b0ed2302aa16ddf2ab2e3f3983b47b64bd
java-11-openjdk-headless-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: 635e927d470b882e2b1d34689676780d9d3c01c673c4f8be486419b2c73b7d86
java-11-openjdk-headless-debuginfo-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: 16827fb37509a874ae841a30d797238b9993262150797e15191a8a7e4f2e02e0
java-11-openjdk-headless-slowdebug-debuginfo-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: 09a8347458dc17c671703f45e729feed43c6cc6c7baf614810fb8ed3eb20cab1
java-11-openjdk-javadoc-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: 1fa9edf71bf47f39c24942b22d8a88355e93afa48f15d4482ae2c1d77c508153
java-11-openjdk-javadoc-zip-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: be1bec8030fd67afa9d9220fca34a2660b5b058831657fef06d08823ae782b69
java-11-openjdk-jmods-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: 4670c6e0c31d1057b66885e945cd3c8fc433ff4ffc7ebfd511af7f8f9aeeaf62
java-11-openjdk-slowdebug-debuginfo-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: e8ffc46343568ab77442f1f19608e73ada35650fdcf3ea7cce0bf4b1cb6f32ca
java-11-openjdk-src-11.0.17.0.8-2.el8_1.x86_64.rpm SHA-256: 732355a374beb9a66abcefe596d9e0ceb046c35b3e51d419adb632cc7358379b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility