Issued:: 2023-04-25
Updated:: 2023-04-25

RHSA-2023:1905 - Security Advisory

Overview
Updated Packages

Synopsis

Important: java-1.8.0-openjdk security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)
OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)
OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954)
OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)
OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)
OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)
OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

Fixes

BZ - 2187435 - CVE-2023-21930 OpenJDK: improper connection handling during TLS handshake (8294474)
BZ - 2187441 - CVE-2023-21954 OpenJDK: incorrect enqueue of references in garbage collector (8298191)
BZ - 2187704 - CVE-2023-21967 OpenJDK: certificate validation issue in TLS session negotiation (8298310)
BZ - 2187724 - CVE-2023-21939 OpenJDK: Swing HTML parsing issue (8296832)
BZ - 2187758 - CVE-2023-21938 OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)
BZ - 2187790 - CVE-2023-21937 OpenJDK: missing string checks for NULL characters (8296622)
BZ - 2187802 - CVE-2023-21968 OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_2.src.rpm	SHA-256: e9c9b4cbaa54107c9ce9bf8b6a3a3ff3912e1b892f57ed46fbee477215b77847
x86_64
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: b4b56bf8b2e05208fc028d951e1f9648b694e33be06bcbf0809eb451be5fdde6
java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1ba3f30f54627cfa9b862c2a6ee2edfc7a28dd862ccaa0641d1a423f3cb7abaf
java-1.8.0-openjdk-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1e8f48a1979b29b10d4afec62c0a85dc8ac5ff6642a07ed8082bac4725a1c12f
java-1.8.0-openjdk-debugsource-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 8e5cefe5db76cb938ad33a8e933fe7263419ccdc7099bb528ba975627fc03441
java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1839fad65912b5f99664bd2dfb968b11f6aa0496f979562aa50ac4db2cc7968e
java-1.8.0-openjdk-demo-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 331ccb315421365528f274d97e2237128e8ba624a74b49f0c3b963779e8234a3
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 94813b86870334c513a3318182786b509d6346d43a2e146230e058dd76d1e17a
java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 8689a12f94897a536a44923ea4816be8216a6920fb5abeddb84824bbf5bb9cda
java-1.8.0-openjdk-devel-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: e262a4557fc034acedd401865eb6cfde5e1d143f27605a64a663233b9f4ac741
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1c28c0fcfc5f5cf467e31ca1c46f08434ada7cb108bdbe903c64aa4179dd0a78
java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1b28997ce37f08c014700397b1518dbe8cce8873fe2e9ab8e293154a2d4901ee
java-1.8.0-openjdk-headless-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 01bc69378b4849f88cbf59b5b0bb9f551c3452088d833ce324081117a9bd7352
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: a87a75c7bfb379d79cd09a2af85046f73eefe32e5df17ad0e58de82a2af6bf4e
java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.el8_2.noarch.rpm	SHA-256: e8c4d4efc64d38159b8f14ea4dac6acf053a024223bb9a4ad28a4263b23b5a3f
java-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.el8_2.noarch.rpm	SHA-256: 76107ee6949db00f7cb1575b2775672e4634f6c3f525f76ede8606e4a1dad3f6
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 23d93363dfcde49b9b873d8591034072c6b8a7ca07ced9eec4395d210c15f01f
java-1.8.0-openjdk-src-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: aef9b348c42af56f15a08fbd0a979750d07dd518d307c0ef91de2cc6be341cbc

Red Hat Enterprise Linux Server - TUS 8.2

SRPM
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_2.src.rpm	SHA-256: e9c9b4cbaa54107c9ce9bf8b6a3a3ff3912e1b892f57ed46fbee477215b77847
x86_64
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: b4b56bf8b2e05208fc028d951e1f9648b694e33be06bcbf0809eb451be5fdde6
java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1ba3f30f54627cfa9b862c2a6ee2edfc7a28dd862ccaa0641d1a423f3cb7abaf
java-1.8.0-openjdk-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1e8f48a1979b29b10d4afec62c0a85dc8ac5ff6642a07ed8082bac4725a1c12f
java-1.8.0-openjdk-debugsource-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 8e5cefe5db76cb938ad33a8e933fe7263419ccdc7099bb528ba975627fc03441
java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1839fad65912b5f99664bd2dfb968b11f6aa0496f979562aa50ac4db2cc7968e
java-1.8.0-openjdk-demo-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 331ccb315421365528f274d97e2237128e8ba624a74b49f0c3b963779e8234a3
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 94813b86870334c513a3318182786b509d6346d43a2e146230e058dd76d1e17a
java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 8689a12f94897a536a44923ea4816be8216a6920fb5abeddb84824bbf5bb9cda
java-1.8.0-openjdk-devel-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: e262a4557fc034acedd401865eb6cfde5e1d143f27605a64a663233b9f4ac741
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1c28c0fcfc5f5cf467e31ca1c46f08434ada7cb108bdbe903c64aa4179dd0a78
java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1b28997ce37f08c014700397b1518dbe8cce8873fe2e9ab8e293154a2d4901ee
java-1.8.0-openjdk-headless-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 01bc69378b4849f88cbf59b5b0bb9f551c3452088d833ce324081117a9bd7352
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: a87a75c7bfb379d79cd09a2af85046f73eefe32e5df17ad0e58de82a2af6bf4e
java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.el8_2.noarch.rpm	SHA-256: e8c4d4efc64d38159b8f14ea4dac6acf053a024223bb9a4ad28a4263b23b5a3f
java-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.el8_2.noarch.rpm	SHA-256: 76107ee6949db00f7cb1575b2775672e4634f6c3f525f76ede8606e4a1dad3f6
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 23d93363dfcde49b9b873d8591034072c6b8a7ca07ced9eec4395d210c15f01f
java-1.8.0-openjdk-src-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: aef9b348c42af56f15a08fbd0a979750d07dd518d307c0ef91de2cc6be341cbc

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_2.src.rpm	SHA-256: e9c9b4cbaa54107c9ce9bf8b6a3a3ff3912e1b892f57ed46fbee477215b77847
ppc64le
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: b40f3e09fe67aab9ffbf0645c1a4f0700b2167e155a0badc8b727f3a25ad102e
java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: ab82808003e061b23c871891825ca6207facf803e5dceb0f66312833dc74ca58
java-1.8.0-openjdk-debuginfo-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: f043a5ee631fec67efb2437bbd935cb8d2d65f5b68da87eabe9a0ed71961d6d8
java-1.8.0-openjdk-debugsource-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: 1d19ee2f5f966687427c729408b4498c7cb430bc6ef799879db2eafd95b38897
java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: 5a975bb625ce35f1b1d5bdb06bba9c97c59ef28f4204876753be047b39398538
java-1.8.0-openjdk-demo-debuginfo-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: 37d64c5707d1744d31a6f597a2511a20e4d8bb6cddabed669b4d0c169318b513
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: bb96cd17edbb8bf2d90df6e43fb50e766aa28e8ec66e062f8c872844f05cc7eb
java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: fb93dd1297204a01c0bd9db53ffa064449eacf640d788e9b45fc83dc57fb8556
java-1.8.0-openjdk-devel-debuginfo-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: 7f3a5ce96805606be19fcc92969d742e60667442c12a420ba7bfd628a747c556
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: 0212de52ba5871bd0a2c0c700d9b1bb9b74a4ab830941d527894dee96df20c0d
java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: f0d13dbe31f411db34a76518507c933eac4219c9f082a11e23dea332230c714c
java-1.8.0-openjdk-headless-debuginfo-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: a432bc7de69472656524842d37d314080b833d717e01e3766932081624e7a54d
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: ad686aa2646049605ffdbe914b74d9e4769aed3a854a5db7bffeffe232f905a9
java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.el8_2.noarch.rpm	SHA-256: e8c4d4efc64d38159b8f14ea4dac6acf053a024223bb9a4ad28a4263b23b5a3f
java-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.el8_2.noarch.rpm	SHA-256: 76107ee6949db00f7cb1575b2775672e4634f6c3f525f76ede8606e4a1dad3f6
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: 29a1c32f49b1c00edca0c1546b4dbc1b7ac86ee87fa75c1ebd59829efb3efc23
java-1.8.0-openjdk-src-1.8.0.372.b07-1.el8_2.ppc64le.rpm	SHA-256: cca5c5c62116c2d0f3c586f8234a66692cd7600d0be926ea25a7a8cd647cb810

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_2.src.rpm	SHA-256: e9c9b4cbaa54107c9ce9bf8b6a3a3ff3912e1b892f57ed46fbee477215b77847
x86_64
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: b4b56bf8b2e05208fc028d951e1f9648b694e33be06bcbf0809eb451be5fdde6
java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1ba3f30f54627cfa9b862c2a6ee2edfc7a28dd862ccaa0641d1a423f3cb7abaf
java-1.8.0-openjdk-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1e8f48a1979b29b10d4afec62c0a85dc8ac5ff6642a07ed8082bac4725a1c12f
java-1.8.0-openjdk-debugsource-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 8e5cefe5db76cb938ad33a8e933fe7263419ccdc7099bb528ba975627fc03441
java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1839fad65912b5f99664bd2dfb968b11f6aa0496f979562aa50ac4db2cc7968e
java-1.8.0-openjdk-demo-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 331ccb315421365528f274d97e2237128e8ba624a74b49f0c3b963779e8234a3
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 94813b86870334c513a3318182786b509d6346d43a2e146230e058dd76d1e17a
java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 8689a12f94897a536a44923ea4816be8216a6920fb5abeddb84824bbf5bb9cda
java-1.8.0-openjdk-devel-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: e262a4557fc034acedd401865eb6cfde5e1d143f27605a64a663233b9f4ac741
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1c28c0fcfc5f5cf467e31ca1c46f08434ada7cb108bdbe903c64aa4179dd0a78
java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 1b28997ce37f08c014700397b1518dbe8cce8873fe2e9ab8e293154a2d4901ee
java-1.8.0-openjdk-headless-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 01bc69378b4849f88cbf59b5b0bb9f551c3452088d833ce324081117a9bd7352
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: a87a75c7bfb379d79cd09a2af85046f73eefe32e5df17ad0e58de82a2af6bf4e
java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.el8_2.noarch.rpm	SHA-256: e8c4d4efc64d38159b8f14ea4dac6acf053a024223bb9a4ad28a4263b23b5a3f
java-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.el8_2.noarch.rpm	SHA-256: 76107ee6949db00f7cb1575b2775672e4634f6c3f525f76ede8606e4a1dad3f6
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: 23d93363dfcde49b9b873d8591034072c6b8a7ca07ced9eec4395d210c15f01f
java-1.8.0-openjdk-src-1.8.0.372.b07-1.el8_2.x86_64.rpm	SHA-256: aef9b348c42af56f15a08fbd0a979750d07dd518d307c0ef91de2cc6be341cbc

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation