Issued:: 2023-07-17
Updated:: 2023-07-17

RHSA-2023:4103 - Security Advisory

Overview
Updated Packages

Synopsis

Important: java-1.8.0-ibm security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 8 to version 8 SR8-FP5.

Security Fix(es):

OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)
OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)
OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)
OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)
OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)
OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take effect.

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le

Fixes

BZ - 2187435 - CVE-2023-21930 OpenJDK: improper connection handling during TLS handshake (8294474)
BZ - 2187704 - CVE-2023-21967 OpenJDK: certificate validation issue in TLS session negotiation (8298310)
BZ - 2187724 - CVE-2023-21939 OpenJDK: Swing HTML parsing issue (8296832)
BZ - 2187758 - CVE-2023-21938 OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)
BZ - 2187790 - CVE-2023-21937 OpenJDK: missing string checks for NULL characters (8296622)
BZ - 2187802 - CVE-2023-21968 OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
x86_64
java-1.8.0-ibm-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: e9c00b8c0b3a3a2e2edac2d4103b79136d7aebe370a0d06e4c9940ae7d77747a
java-1.8.0-ibm-demo-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: 21bdb4572d8f65dab1aad7ef81d3de5e30443c186ad192e5d6a90265a1270b31
java-1.8.0-ibm-devel-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: 622ba38ef440f7ba389c9d98079f77e42bbe0ce9680ff1c8f2292e2aa8c55d1c
java-1.8.0-ibm-headless-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: 07324baae014a07ba209507452c6d7a12d3b6dd165e9249033b728f397afee61
java-1.8.0-ibm-jdbc-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: 993301a82933581a5f472f0b6eba3ef86341d07739771dcaf334677aaf663227
java-1.8.0-ibm-plugin-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: b078f1d0fd27daac7f8527c0fe3469950953aadc6c01845a3da3580472d5982b
java-1.8.0-ibm-src-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: 256685424566f6c1e91cb2800964acaf5cebbd6c732d791c15487e2d5eac595a
java-1.8.0-ibm-webstart-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: fb255d23986f975966515be1b39f04a6c177d3e70138917ca533e630fa766def

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM
x86_64
java-1.8.0-ibm-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: e9c00b8c0b3a3a2e2edac2d4103b79136d7aebe370a0d06e4c9940ae7d77747a
java-1.8.0-ibm-demo-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: 21bdb4572d8f65dab1aad7ef81d3de5e30443c186ad192e5d6a90265a1270b31
java-1.8.0-ibm-devel-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: 622ba38ef440f7ba389c9d98079f77e42bbe0ce9680ff1c8f2292e2aa8c55d1c
java-1.8.0-ibm-headless-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: 07324baae014a07ba209507452c6d7a12d3b6dd165e9249033b728f397afee61
java-1.8.0-ibm-jdbc-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: 993301a82933581a5f472f0b6eba3ef86341d07739771dcaf334677aaf663227
java-1.8.0-ibm-plugin-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: b078f1d0fd27daac7f8527c0fe3469950953aadc6c01845a3da3580472d5982b
java-1.8.0-ibm-src-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: 256685424566f6c1e91cb2800964acaf5cebbd6c732d791c15487e2d5eac595a
java-1.8.0-ibm-webstart-1.8.0.8.5-1.el8_8.x86_64.rpm	SHA-256: fb255d23986f975966515be1b39f04a6c177d3e70138917ca533e630fa766def

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
s390x
java-1.8.0-ibm-1.8.0.8.5-1.el8_8.s390x.rpm	SHA-256: 10c087a739fbc4d6cf63d9de5507585164bd2eadd8f971303672c4c4f7a4f456
java-1.8.0-ibm-demo-1.8.0.8.5-1.el8_8.s390x.rpm	SHA-256: 49c2530100a07348b9909ac360d4626bfefb7ec6c540c14b7d5e31e9d7077287
java-1.8.0-ibm-devel-1.8.0.8.5-1.el8_8.s390x.rpm	SHA-256: b8a19c0f0d7710c786a71ffebdfc6b925da6dfc6876701984b2b59f55257bc6c
java-1.8.0-ibm-headless-1.8.0.8.5-1.el8_8.s390x.rpm	SHA-256: 7972ed6d649e60f0ed6c7397128337854e493ba5b9cb863cd66949a0d7c8d45a
java-1.8.0-ibm-jdbc-1.8.0.8.5-1.el8_8.s390x.rpm	SHA-256: eb7a6babb5820fb55d019e64d56c27288c33c6aeddb2dc4521f846e74704fed7
java-1.8.0-ibm-src-1.8.0.8.5-1.el8_8.s390x.rpm	SHA-256: 5adbc473c85217e1084173da576ca94d5ad3b281cba1197059f903120d56071c

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM
s390x
java-1.8.0-ibm-1.8.0.8.5-1.el8_8.s390x.rpm	SHA-256: 10c087a739fbc4d6cf63d9de5507585164bd2eadd8f971303672c4c4f7a4f456
java-1.8.0-ibm-demo-1.8.0.8.5-1.el8_8.s390x.rpm	SHA-256: 49c2530100a07348b9909ac360d4626bfefb7ec6c540c14b7d5e31e9d7077287
java-1.8.0-ibm-devel-1.8.0.8.5-1.el8_8.s390x.rpm	SHA-256: b8a19c0f0d7710c786a71ffebdfc6b925da6dfc6876701984b2b59f55257bc6c
java-1.8.0-ibm-headless-1.8.0.8.5-1.el8_8.s390x.rpm	SHA-256: 7972ed6d649e60f0ed6c7397128337854e493ba5b9cb863cd66949a0d7c8d45a
java-1.8.0-ibm-jdbc-1.8.0.8.5-1.el8_8.s390x.rpm	SHA-256: eb7a6babb5820fb55d019e64d56c27288c33c6aeddb2dc4521f846e74704fed7
java-1.8.0-ibm-src-1.8.0.8.5-1.el8_8.s390x.rpm	SHA-256: 5adbc473c85217e1084173da576ca94d5ad3b281cba1197059f903120d56071c

Red Hat Enterprise Linux for Power, little endian 8

SRPM
ppc64le
java-1.8.0-ibm-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: 6c2c4bec79aa7d25ccfa7f12337af63e5c7887963765d3f8661841cc69732af7
java-1.8.0-ibm-demo-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: 8db4d376d5cd9cbf61f42592660189b54e140b57273e3e832998dff7cc5bfcab
java-1.8.0-ibm-devel-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: a58ca2e98a7b243e8ed7280817eae6659639949e0b73ccb9399bf0a4e510346c
java-1.8.0-ibm-headless-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: 359df560a2971e73439cdb358bad924aa67ac010e8f761368f7da1a8efe76e6c
java-1.8.0-ibm-jdbc-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: 405fcf54aab14c7648a096eb344c2ae027eb50248d6e2aa890cc12df953753c9
java-1.8.0-ibm-plugin-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: dda940fbc9b180f2ebe46d38f0fdb4593191269ba7a901ebc786f8ce245eb076
java-1.8.0-ibm-src-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: dd0b8b983f5735bbc5d9eeda8224ad5b70ce730056c6f4cd4774d2258886af84
java-1.8.0-ibm-webstart-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: 035d406d6b42065aeafbfba41dbcdb02068f2cbeda78f19dc1007b7e2773a9e2

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM
ppc64le
java-1.8.0-ibm-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: 6c2c4bec79aa7d25ccfa7f12337af63e5c7887963765d3f8661841cc69732af7
java-1.8.0-ibm-demo-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: 8db4d376d5cd9cbf61f42592660189b54e140b57273e3e832998dff7cc5bfcab
java-1.8.0-ibm-devel-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: a58ca2e98a7b243e8ed7280817eae6659639949e0b73ccb9399bf0a4e510346c
java-1.8.0-ibm-headless-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: 359df560a2971e73439cdb358bad924aa67ac010e8f761368f7da1a8efe76e6c
java-1.8.0-ibm-jdbc-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: 405fcf54aab14c7648a096eb344c2ae027eb50248d6e2aa890cc12df953753c9
java-1.8.0-ibm-plugin-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: dda940fbc9b180f2ebe46d38f0fdb4593191269ba7a901ebc786f8ce245eb076
java-1.8.0-ibm-src-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: dd0b8b983f5735bbc5d9eeda8224ad5b70ce730056c6f4cd4774d2258886af84
java-1.8.0-ibm-webstart-1.8.0.8.5-1.el8_8.ppc64le.rpm	SHA-256: 035d406d6b42065aeafbfba41dbcdb02068f2cbeda78f19dc1007b7e2773a9e2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation