Red Hat Product Errata RHSA-2022:8880 - Security Advisory
Issued:
2022-12-07
Updated:
2022-12-07

RHSA-2022:8880 - Security Advisory

Synopsis

Moderate: java-1.8.0-ibm security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 8 to version 8 SR7-FP20.

Security Fix(es):

  • OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626)
  • OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628)
  • OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619)
  • OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 2133745 - CVE-2022-21619 OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526)
  • BZ - 2133753 - CVE-2022-21626 OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
  • BZ - 2133765 - CVE-2022-21624 OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)
  • BZ - 2133769 - CVE-2022-21628 OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)

Red Hat Enterprise Linux Server 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: afa328906cb182b11af528a5ca42ff12d967e9f23e1baec9bef83f5c87dad0ca
java-1.8.0-ibm-demo-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: a934b273b615f24351bd292565d580234f55693350decadb3c9454d2b185c629
java-1.8.0-ibm-devel-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: f4cdcd53b521b4b3e2dcb10a04476b85b115a2142822734e55bd268940b2112d
java-1.8.0-ibm-jdbc-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: fe55e174078a3dc88075a350ac4461eb75921f7d67f38e61612fcee747eb9a73
java-1.8.0-ibm-plugin-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: f50e02f5dc2b6f45ba1c909a2cdae84b9a21b2fb266dbbdb7d967e7d96fb6c09
java-1.8.0-ibm-src-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: 1ae84c12bfb65b5fbda460735348fbd5e314be6087025bf327fc6f2b94970054

Red Hat Enterprise Linux Workstation 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: afa328906cb182b11af528a5ca42ff12d967e9f23e1baec9bef83f5c87dad0ca
java-1.8.0-ibm-demo-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: a934b273b615f24351bd292565d580234f55693350decadb3c9454d2b185c629
java-1.8.0-ibm-devel-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: f4cdcd53b521b4b3e2dcb10a04476b85b115a2142822734e55bd268940b2112d
java-1.8.0-ibm-jdbc-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: fe55e174078a3dc88075a350ac4461eb75921f7d67f38e61612fcee747eb9a73
java-1.8.0-ibm-plugin-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: f50e02f5dc2b6f45ba1c909a2cdae84b9a21b2fb266dbbdb7d967e7d96fb6c09
java-1.8.0-ibm-src-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: 1ae84c12bfb65b5fbda460735348fbd5e314be6087025bf327fc6f2b94970054

Red Hat Enterprise Linux Desktop 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: afa328906cb182b11af528a5ca42ff12d967e9f23e1baec9bef83f5c87dad0ca
java-1.8.0-ibm-demo-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: a934b273b615f24351bd292565d580234f55693350decadb3c9454d2b185c629
java-1.8.0-ibm-devel-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: f4cdcd53b521b4b3e2dcb10a04476b85b115a2142822734e55bd268940b2112d
java-1.8.0-ibm-jdbc-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: fe55e174078a3dc88075a350ac4461eb75921f7d67f38e61612fcee747eb9a73
java-1.8.0-ibm-plugin-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: f50e02f5dc2b6f45ba1c909a2cdae84b9a21b2fb266dbbdb7d967e7d96fb6c09
java-1.8.0-ibm-src-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: 1ae84c12bfb65b5fbda460735348fbd5e314be6087025bf327fc6f2b94970054

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
s390x
java-1.8.0-ibm-1.8.0.7.20-1jpp.1.el7.s390x.rpm SHA-256: bb1d1f36c95610c3f35dd87f4b11af82e5f86908f1a79c6f00d7f41bc8ad55d1
java-1.8.0-ibm-demo-1.8.0.7.20-1jpp.1.el7.s390x.rpm SHA-256: 2334fae2a20f132e786a16ef2da12af98147493427a3c8976a3fb013ea718616
java-1.8.0-ibm-devel-1.8.0.7.20-1jpp.1.el7.s390x.rpm SHA-256: e8f68e86e101a1a1b5fa42c30bea11d880c8b3c4e83379fc416eed93e595e007
java-1.8.0-ibm-jdbc-1.8.0.7.20-1jpp.1.el7.s390x.rpm SHA-256: 847329bc9c14cfdf7ad67baf3cfd925b4fa6da3315a265a70d61e5dcdb22dccc
java-1.8.0-ibm-src-1.8.0.7.20-1jpp.1.el7.s390x.rpm SHA-256: ed193fc44cbcdc500a10e324d4cd7c6fe033c5df7e7ceb153336d36726340733

Red Hat Enterprise Linux for Power, big endian 7

SRPM
ppc64
java-1.8.0-ibm-1.8.0.7.20-1jpp.1.el7.ppc64.rpm SHA-256: daba700e826a01da216cba7c24d47099899682f15d231d5fc52f3d0275a3c38e
java-1.8.0-ibm-demo-1.8.0.7.20-1jpp.1.el7.ppc64.rpm SHA-256: 886ce4c4149723f479b11ecda276b1d261edab4487909ea4cd6e1a8cfa2ad129
java-1.8.0-ibm-devel-1.8.0.7.20-1jpp.1.el7.ppc64.rpm SHA-256: e20bdca2aac9f8d4ac4643587ba2616ea7ea79dfdbfad7cf3834b27a9354bb0b
java-1.8.0-ibm-jdbc-1.8.0.7.20-1jpp.1.el7.ppc64.rpm SHA-256: 73a76fe6f368e19b733b9be7f5473d0776df14f65ddac959b48366dc7c0ef1fd
java-1.8.0-ibm-plugin-1.8.0.7.20-1jpp.1.el7.ppc64.rpm SHA-256: f981194230a8cc2af83fb510793dec924bca84ecee909779514e7d3516156c60
java-1.8.0-ibm-src-1.8.0.7.20-1jpp.1.el7.ppc64.rpm SHA-256: 0b332a2ef4105a4524938bf452cc660de1d29ed18435e014664f355f72b57143

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: afa328906cb182b11af528a5ca42ff12d967e9f23e1baec9bef83f5c87dad0ca
java-1.8.0-ibm-demo-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: a934b273b615f24351bd292565d580234f55693350decadb3c9454d2b185c629
java-1.8.0-ibm-devel-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: f4cdcd53b521b4b3e2dcb10a04476b85b115a2142822734e55bd268940b2112d
java-1.8.0-ibm-src-1.8.0.7.20-1jpp.1.el7.x86_64.rpm SHA-256: 1ae84c12bfb65b5fbda460735348fbd5e314be6087025bf327fc6f2b94970054

Red Hat Enterprise Linux for Power, little endian 7

SRPM
ppc64le
java-1.8.0-ibm-1.8.0.7.20-1jpp.1.el7.ppc64le.rpm SHA-256: bf7579bc3f7120955d84f3f86608a0978c87c514888b1743a58ad59ce74bc5e4
java-1.8.0-ibm-demo-1.8.0.7.20-1jpp.1.el7.ppc64le.rpm SHA-256: 9167dc65e60e972dd38efe8630473b5a79918c7042cc91690c3f53323eb55782
java-1.8.0-ibm-devel-1.8.0.7.20-1jpp.1.el7.ppc64le.rpm SHA-256: 76230be5bbe09fda8596ba2824452e856e8aa78a6c203d218b82c8bedcf02fc8
java-1.8.0-ibm-jdbc-1.8.0.7.20-1jpp.1.el7.ppc64le.rpm SHA-256: ec911410c448c0b2be3e41e0eb711fbb5d891f43b2cf84e9ae817af0ac2bd1ef
java-1.8.0-ibm-src-1.8.0.7.20-1jpp.1.el7.ppc64le.rpm SHA-256: 2d1ad731642c5b2f57e4c6a99b43afb92fb03df7bef3f8656bfcc93cbaa91c0d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.