Issued:: 2023-08-30
Updated:: 2023-08-30

RHSA-2023:4876 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: java-1.8.0-ibm security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update upgrades IBM Java SE 8 to version 8 SR8-FP10.

Security Fix(es):

OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

BZ - 2221647 - CVE-2023-22049 OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312)

CVEs

CVE-2023-22049

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: ea0d7aa43a475efb6fb5c60dc6dcdcacee14d4f2d2cfeb3f6206443e7e6e3bc8
java-1.8.0-ibm-demo-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 0c53caebd13d3e09bcd5390169c1479897f12b89f59da9098457030676629265
java-1.8.0-ibm-devel-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 368df363fb273ca3f91055dc2254a39aebdffa8a5052aade22a93317674032f0
java-1.8.0-ibm-jdbc-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: fc1a3d6d52b17976533342044c9d39a2d9330fa8425883843be3df2a7612fd08
java-1.8.0-ibm-plugin-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 04f1c3e1da708c0f78d40bb9c2bc4d46901a669253322110082763d784a8056d
java-1.8.0-ibm-src-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 5ec5895e8b34f9224ba3b88da7c50c614104bf6d088f8ad524f0fa566209572c

Red Hat Enterprise Linux Workstation 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: ea0d7aa43a475efb6fb5c60dc6dcdcacee14d4f2d2cfeb3f6206443e7e6e3bc8
java-1.8.0-ibm-demo-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 0c53caebd13d3e09bcd5390169c1479897f12b89f59da9098457030676629265
java-1.8.0-ibm-devel-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 368df363fb273ca3f91055dc2254a39aebdffa8a5052aade22a93317674032f0
java-1.8.0-ibm-jdbc-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: fc1a3d6d52b17976533342044c9d39a2d9330fa8425883843be3df2a7612fd08
java-1.8.0-ibm-plugin-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 04f1c3e1da708c0f78d40bb9c2bc4d46901a669253322110082763d784a8056d
java-1.8.0-ibm-src-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 5ec5895e8b34f9224ba3b88da7c50c614104bf6d088f8ad524f0fa566209572c

Red Hat Enterprise Linux Desktop 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: ea0d7aa43a475efb6fb5c60dc6dcdcacee14d4f2d2cfeb3f6206443e7e6e3bc8
java-1.8.0-ibm-demo-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 0c53caebd13d3e09bcd5390169c1479897f12b89f59da9098457030676629265
java-1.8.0-ibm-devel-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 368df363fb273ca3f91055dc2254a39aebdffa8a5052aade22a93317674032f0
java-1.8.0-ibm-jdbc-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: fc1a3d6d52b17976533342044c9d39a2d9330fa8425883843be3df2a7612fd08
java-1.8.0-ibm-plugin-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 04f1c3e1da708c0f78d40bb9c2bc4d46901a669253322110082763d784a8056d
java-1.8.0-ibm-src-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 5ec5895e8b34f9224ba3b88da7c50c614104bf6d088f8ad524f0fa566209572c

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
s390x
java-1.8.0-ibm-1.8.0.8.10-1jpp.1.el7.s390x.rpm	SHA-256: f09c8e229ef27ae2be27d62d9e59d818a5bf54474ddb94023a8422ae2aa5f691
java-1.8.0-ibm-demo-1.8.0.8.10-1jpp.1.el7.s390x.rpm	SHA-256: dae8322c62d109da76ef5a7d23752a9022f2aaf5424bf981d6b02ba2bde5826a
java-1.8.0-ibm-devel-1.8.0.8.10-1jpp.1.el7.s390x.rpm	SHA-256: 97b5b6705fb03d4837f502fd1577df13306b9805a790955a81c96ac1115734a7
java-1.8.0-ibm-jdbc-1.8.0.8.10-1jpp.1.el7.s390x.rpm	SHA-256: 92790d85a224b8675a42dc052cc0a82944bbd825595fac59ae7fa061b787c03b
java-1.8.0-ibm-src-1.8.0.8.10-1jpp.1.el7.s390x.rpm	SHA-256: afdea4e6889f55c7eeb92e06dd5573eba4777ec4fdace33fb64b24518d2841cc

Red Hat Enterprise Linux for Power, big endian 7

SRPM
ppc64
java-1.8.0-ibm-1.8.0.8.10-1jpp.1.el7.ppc64.rpm	SHA-256: 983922f38f38ab9bf91763f53d2521f0cdaa5d546709384db49b7879a31472bc
java-1.8.0-ibm-demo-1.8.0.8.10-1jpp.1.el7.ppc64.rpm	SHA-256: 03d1be3d5a06ddcd309c62b692d8c10cad1a98f723d7664a836073cb9a51e6fe
java-1.8.0-ibm-devel-1.8.0.8.10-1jpp.1.el7.ppc64.rpm	SHA-256: 0f61df31225536d4d4307ade34c8edd1bc0b4305614145b1076f5b2427e585d8
java-1.8.0-ibm-jdbc-1.8.0.8.10-1jpp.1.el7.ppc64.rpm	SHA-256: fde8c2320a40ae98a2ace18ae5897d769bbb3466edc367356e6d668ca1a3c098
java-1.8.0-ibm-plugin-1.8.0.8.10-1jpp.1.el7.ppc64.rpm	SHA-256: b9c22f3cc9d17a9a6f30452c2b200315dcb32d78ac38e860e36545c1da1da147
java-1.8.0-ibm-src-1.8.0.8.10-1jpp.1.el7.ppc64.rpm	SHA-256: e9e47b4fa18e06ccd039ee033142c3765f31f7da21ff161e08df729599f132c0

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
x86_64
java-1.8.0-ibm-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: ea0d7aa43a475efb6fb5c60dc6dcdcacee14d4f2d2cfeb3f6206443e7e6e3bc8
java-1.8.0-ibm-demo-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 0c53caebd13d3e09bcd5390169c1479897f12b89f59da9098457030676629265
java-1.8.0-ibm-devel-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 368df363fb273ca3f91055dc2254a39aebdffa8a5052aade22a93317674032f0
java-1.8.0-ibm-src-1.8.0.8.10-1jpp.1.el7.x86_64.rpm	SHA-256: 5ec5895e8b34f9224ba3b88da7c50c614104bf6d088f8ad524f0fa566209572c

Red Hat Enterprise Linux for Power, little endian 7

SRPM
ppc64le
java-1.8.0-ibm-1.8.0.8.10-1jpp.1.el7.ppc64le.rpm	SHA-256: 53cb0bf344e76759958491c92926029951ff143667e33247408d66d9b12d07b7
java-1.8.0-ibm-demo-1.8.0.8.10-1jpp.1.el7.ppc64le.rpm	SHA-256: 791a44ce03aec5573f28196d31006d0b3e32b94f275093e6af7b7d7bc3bd21d6
java-1.8.0-ibm-devel-1.8.0.8.10-1jpp.1.el7.ppc64le.rpm	SHA-256: fa9329111e7ac9dfce719ee8866f90585274c8e19d0e248c79a3726b52788ab6
java-1.8.0-ibm-jdbc-1.8.0.8.10-1jpp.1.el7.ppc64le.rpm	SHA-256: b43e2bb643db2a0a91e19b96df4a889ae655cab3a7b2979d2db4091ecf2d9489
java-1.8.0-ibm-src-1.8.0.8.10-1jpp.1.el7.ppc64le.rpm	SHA-256: edf023bf6fd26fd27c161e0a657561603540e99bb0779d0096819b03160d9d5d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation