Red Hat Product Errata RHSA-2023:4160 - Security Advisory
Issued:
2023-07-31
Updated:
2023-07-31

RHSA-2023:4160 - Security Advisory

Synopsis

Important: java-1.8.0-ibm security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 8 to version 8 SR8-FP5.

Security Fix(es):

  • OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930)
  • OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)
  • OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967)
  • OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937)
  • OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938)
  • OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 2187435 - CVE-2023-21930 OpenJDK: improper connection handling during TLS handshake (8294474)
  • BZ - 2187704 - CVE-2023-21967 OpenJDK: certificate validation issue in TLS session negotiation (8298310)
  • BZ - 2187724 - CVE-2023-21939 OpenJDK: Swing HTML parsing issue (8296832)
  • BZ - 2187758 - CVE-2023-21938 OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)
  • BZ - 2187790 - CVE-2023-21937 OpenJDK: missing string checks for NULL characters (8296622)
  • BZ - 2187802 - CVE-2023-21968 OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)

Red Hat Enterprise Linux Server 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: 4dc588c3fc813c37791849dd49059890bd305c6091f7d9e02b63e3ff469f4903
java-1.8.0-ibm-demo-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: 31035389975a260c590214f3d161a104f8cdadd32bcc9c5dac7f9c15e6760756
java-1.8.0-ibm-devel-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: ce5eedd5b293ee2b3489b0a9aea7963442f693a4d55b773341023f30f42931f6
java-1.8.0-ibm-jdbc-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: b3f29f42725ef09d288c09a6ae89f7606a46c7d34781d917e0331790eacca56b
java-1.8.0-ibm-plugin-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: e965d99446d4688ba9d5844359886ec7ab3275329ab3e4dc4c7aa8deeb7caaa3
java-1.8.0-ibm-src-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: df09077de07fe6489a34f92f63f01d5e2140a4de2603c5eff6a67c4a2f23229c

Red Hat Enterprise Linux Workstation 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: 4dc588c3fc813c37791849dd49059890bd305c6091f7d9e02b63e3ff469f4903
java-1.8.0-ibm-demo-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: 31035389975a260c590214f3d161a104f8cdadd32bcc9c5dac7f9c15e6760756
java-1.8.0-ibm-devel-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: ce5eedd5b293ee2b3489b0a9aea7963442f693a4d55b773341023f30f42931f6
java-1.8.0-ibm-jdbc-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: b3f29f42725ef09d288c09a6ae89f7606a46c7d34781d917e0331790eacca56b
java-1.8.0-ibm-plugin-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: e965d99446d4688ba9d5844359886ec7ab3275329ab3e4dc4c7aa8deeb7caaa3
java-1.8.0-ibm-src-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: df09077de07fe6489a34f92f63f01d5e2140a4de2603c5eff6a67c4a2f23229c

Red Hat Enterprise Linux Desktop 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: 4dc588c3fc813c37791849dd49059890bd305c6091f7d9e02b63e3ff469f4903
java-1.8.0-ibm-demo-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: 31035389975a260c590214f3d161a104f8cdadd32bcc9c5dac7f9c15e6760756
java-1.8.0-ibm-devel-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: ce5eedd5b293ee2b3489b0a9aea7963442f693a4d55b773341023f30f42931f6
java-1.8.0-ibm-jdbc-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: b3f29f42725ef09d288c09a6ae89f7606a46c7d34781d917e0331790eacca56b
java-1.8.0-ibm-plugin-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: e965d99446d4688ba9d5844359886ec7ab3275329ab3e4dc4c7aa8deeb7caaa3
java-1.8.0-ibm-src-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: df09077de07fe6489a34f92f63f01d5e2140a4de2603c5eff6a67c4a2f23229c

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
s390x
java-1.8.0-ibm-1.8.0.8.5-1jpp.1.el7.s390x.rpm SHA-256: 85aadbb409d124a0d0c88a7e0e36506b92356d54651e5d45d75237bab746b832
java-1.8.0-ibm-demo-1.8.0.8.5-1jpp.1.el7.s390x.rpm SHA-256: 45ba9374b891f205e95212e738ebc12689d8871795f8cb29509e94cc63b997c5
java-1.8.0-ibm-devel-1.8.0.8.5-1jpp.1.el7.s390x.rpm SHA-256: b60c1cd36b92330aa3c8a8b08518c12c90d843d95dc5d366db2fc3bc2b6852d6
java-1.8.0-ibm-jdbc-1.8.0.8.5-1jpp.1.el7.s390x.rpm SHA-256: 55e98ff142be7ab7d12f11c740d9fbdc8d27bd4d2189fccf3cb63ca7f78ca8cb
java-1.8.0-ibm-src-1.8.0.8.5-1jpp.1.el7.s390x.rpm SHA-256: abbe84e680a12704605efa1297c1981889dbff67dea56bbf6dce201c69223b78

Red Hat Enterprise Linux for Power, big endian 7

SRPM
ppc64
java-1.8.0-ibm-1.8.0.8.5-1jpp.1.el7.ppc64.rpm SHA-256: f3759ccc3aecb350dfdad2ff92629460917d8251f6034d4908daa65153389715
java-1.8.0-ibm-demo-1.8.0.8.5-1jpp.1.el7.ppc64.rpm SHA-256: 99996e243d3a844e936df31d5f204f0bbccb22b353e66f94f68d0feea883be1f
java-1.8.0-ibm-devel-1.8.0.8.5-1jpp.1.el7.ppc64.rpm SHA-256: d71ca756d725d89da06abd17fa562ed447fac7f7a7cad27445c4299ba9417f2a
java-1.8.0-ibm-jdbc-1.8.0.8.5-1jpp.1.el7.ppc64.rpm SHA-256: 48e53b5daaf8c9f757e4614dc3d38c82fd8c063be22642e903b713c3d2b046c0
java-1.8.0-ibm-plugin-1.8.0.8.5-1jpp.1.el7.ppc64.rpm SHA-256: 2f5db9e94dbbe52e7e466a2e39acabf96a5c3fca5c1702c288d96149f643d37c
java-1.8.0-ibm-src-1.8.0.8.5-1jpp.1.el7.ppc64.rpm SHA-256: 3b1c8e0ea84f5349b3e93cd75d3b9220108c20e61b63dc2a481948c0b2d508f3

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: 4dc588c3fc813c37791849dd49059890bd305c6091f7d9e02b63e3ff469f4903
java-1.8.0-ibm-demo-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: 31035389975a260c590214f3d161a104f8cdadd32bcc9c5dac7f9c15e6760756
java-1.8.0-ibm-devel-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: ce5eedd5b293ee2b3489b0a9aea7963442f693a4d55b773341023f30f42931f6
java-1.8.0-ibm-src-1.8.0.8.5-1jpp.1.el7.x86_64.rpm SHA-256: df09077de07fe6489a34f92f63f01d5e2140a4de2603c5eff6a67c4a2f23229c

Red Hat Enterprise Linux for Power, little endian 7

SRPM
ppc64le
java-1.8.0-ibm-1.8.0.8.5-1jpp.1.el7.ppc64le.rpm SHA-256: 9538dd8d2ce1d9bb6cd0278e64c4a5467bdda90639ec808380417e7b7cb51182
java-1.8.0-ibm-demo-1.8.0.8.5-1jpp.1.el7.ppc64le.rpm SHA-256: acdab440513d556ce823b4e92818431469b011e420dedca5b80c65f13fa212a9
java-1.8.0-ibm-devel-1.8.0.8.5-1jpp.1.el7.ppc64le.rpm SHA-256: 61081d4888745d7423f034d41d8cd0b9363040f77c27b1b2d413c3247c81afc5
java-1.8.0-ibm-jdbc-1.8.0.8.5-1jpp.1.el7.ppc64le.rpm SHA-256: 432c722977867a5d6bfb0acd65f55060be9bf0d3c8f282c418aff1569db54ed3
java-1.8.0-ibm-src-1.8.0.8.5-1jpp.1.el7.ppc64le.rpm SHA-256: f1627d6c2d905224a0dbd26534ece2ad84ffc5e5ccc22295802090f1b7f40de8

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.