Red Hat Product Errata RHSA-2024:8116 - Security Advisory
Issued:
2024-10-17
Updated:
2024-10-17

RHSA-2024:8116 - Security Advisory

Synopsis

Moderate: java-1.8.0-openjdk security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

  • giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function (CVE-2023-48161)
  • JDK: Array indexing integer overflow (8328544) (CVE-2024-21210)
  • JDK: HTTP client improper handling of maxHeaderSize (8328286) (CVE-2024-21208)
  • JDK: Unbounded allocation leads to out-of-memory error (8331446) (CVE-2024-21217)
  • JDK: Integer conversion error leads to incorrect range check (8332644) (CVE-2024-21235)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le

Fixes

  • BZ - 2251025 - CVE-2023-48161 giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function
  • BZ - 2318524 - CVE-2024-21210 JDK: Array indexing integer overflow (8328544)
  • BZ - 2318526 - CVE-2024-21208 JDK: HTTP client improper handling of maxHeaderSize (8328286)
  • BZ - 2318530 - CVE-2024-21217 JDK: Unbounded allocation leads to out-of-memory error (8331446)
  • BZ - 2318534 - CVE-2024-21235 JDK: Integer conversion error leads to incorrect range check (8332644)
  • RHEL-62293 - Add explicit BuildRequires on make [rhel-7.9.z]

Red Hat Enterprise Linux Server - Extended Life Cycle Support 7

SRPM
java-1.8.0-openjdk-1.8.0.432.b06-1.el7_9.src.rpm SHA-256: e042aa151641f89f09dc75c25c4463084f350a09841b40d0aa5895ce53956122
x86_64
java-1.8.0-openjdk-1.8.0.432.b06-1.el7_9.i686.rpm SHA-256: 5d7b6797a0d48118b5c9ab2d5bec7ebcb017e55de502d1bac9307038645d42f7
java-1.8.0-openjdk-1.8.0.432.b06-1.el7_9.x86_64.rpm SHA-256: 1191488fe66ed429169aee40428b3927491a82abb1f015236ec247399384c9ae
java-1.8.0-openjdk-accessibility-1.8.0.432.b06-1.el7_9.i686.rpm SHA-256: 92f954c5a04feca1d32c3eddb8b18ca01a8975cfc630ffbf3a1e3ffaf3ec8a75
java-1.8.0-openjdk-accessibility-1.8.0.432.b06-1.el7_9.x86_64.rpm SHA-256: 3e88f635429f3779e2882ced19d05e474bff0f7ee4c315623c6622da317615d0
java-1.8.0-openjdk-debuginfo-1.8.0.432.b06-1.el7_9.i686.rpm SHA-256: 14c56a9c0eaa6b13eed53f7a462f4e4991c23228ef717790b480f4c6dc7658b2
java-1.8.0-openjdk-debuginfo-1.8.0.432.b06-1.el7_9.i686.rpm SHA-256: 14c56a9c0eaa6b13eed53f7a462f4e4991c23228ef717790b480f4c6dc7658b2
java-1.8.0-openjdk-debuginfo-1.8.0.432.b06-1.el7_9.x86_64.rpm SHA-256: 90acbb1f8ff6dd0ab737d4d33be23f1fff2d25a63dae3d540f15a06c938b0b36
java-1.8.0-openjdk-debuginfo-1.8.0.432.b06-1.el7_9.x86_64.rpm SHA-256: 90acbb1f8ff6dd0ab737d4d33be23f1fff2d25a63dae3d540f15a06c938b0b36
java-1.8.0-openjdk-demo-1.8.0.432.b06-1.el7_9.i686.rpm SHA-256: bb9ca63b001cd9907654508040eb4d24d7a09b10dcd166abe2047b0e264ce7b9
java-1.8.0-openjdk-demo-1.8.0.432.b06-1.el7_9.x86_64.rpm SHA-256: 352c7ca60c715abdbffa9e09105428f9f7065e94bf0e90fceed79bac42fa83c8
java-1.8.0-openjdk-devel-1.8.0.432.b06-1.el7_9.i686.rpm SHA-256: cc75476ab05e87e5a2a0e5a5956f3d9f29f7bc07306beac6196a23eac363ec6a
java-1.8.0-openjdk-devel-1.8.0.432.b06-1.el7_9.x86_64.rpm SHA-256: 59255279fb973e1622d3d7208e5de27b4b02950cf62002aa4e24b20f4ca47d0e
java-1.8.0-openjdk-headless-1.8.0.432.b06-1.el7_9.i686.rpm SHA-256: 4817697c0631e85037c20baf296026aa61f948ceae296e6c4fa0a92f95e1cdb7
java-1.8.0-openjdk-headless-1.8.0.432.b06-1.el7_9.x86_64.rpm SHA-256: 4512bbbbf2515ad348738d369ef6460383ebb4fba3ca6f45dec2e467e73f9093
java-1.8.0-openjdk-javadoc-1.8.0.432.b06-1.el7_9.noarch.rpm SHA-256: 5865280d111b425e6b1e0ef55da7f1a388112ca37f2aef5a6bd757b24880e8c0
java-1.8.0-openjdk-javadoc-zip-1.8.0.432.b06-1.el7_9.noarch.rpm SHA-256: c7e6766a70df5a7a1d7ab1f182cffdc9f94a5494541aff88e9a04ba0678a7cfb
java-1.8.0-openjdk-src-1.8.0.432.b06-1.el7_9.i686.rpm SHA-256: 5108024dc13b1b0570cae72895ba3021749bb93f68bde30ed0c8046b68e5f856
java-1.8.0-openjdk-src-1.8.0.432.b06-1.el7_9.x86_64.rpm SHA-256: caf5c8beab3abf70f0c5a60bafd97bdf507d8341255155d47f1968fdb22e383b

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7

SRPM
java-1.8.0-openjdk-1.8.0.432.b06-1.el7_9.src.rpm SHA-256: e042aa151641f89f09dc75c25c4463084f350a09841b40d0aa5895ce53956122
s390x
java-1.8.0-openjdk-1.8.0.432.b06-1.el7_9.s390x.rpm SHA-256: e5f24a817ae08f990133d8ff8d04d6bdfc57f0c7fae0b43b4dbaad295aab0b6d
java-1.8.0-openjdk-accessibility-1.8.0.432.b06-1.el7_9.s390x.rpm SHA-256: 1b2ee870872d90e01c5eaaa56e4d74875aacc9b88d184a378b8ed186c14b547e
java-1.8.0-openjdk-debuginfo-1.8.0.432.b06-1.el7_9.s390x.rpm SHA-256: ba7e6b78eff4f220195ac19cf953ea033d1e484f1d32863047461899e04107c0
java-1.8.0-openjdk-debuginfo-1.8.0.432.b06-1.el7_9.s390x.rpm SHA-256: ba7e6b78eff4f220195ac19cf953ea033d1e484f1d32863047461899e04107c0
java-1.8.0-openjdk-demo-1.8.0.432.b06-1.el7_9.s390x.rpm SHA-256: 6cdf9d151fe4cc1496ae915b888fcfbcece2d74cd7103aa67014a7cd75d2cfcc
java-1.8.0-openjdk-devel-1.8.0.432.b06-1.el7_9.s390x.rpm SHA-256: 3822fc8025274bf48d93f11ba481719377eca220828de6343282e6405c345976
java-1.8.0-openjdk-headless-1.8.0.432.b06-1.el7_9.s390x.rpm SHA-256: a01b8b755751bfa854e61ac9e91dc74440dae3a1072996cf8b739868d110c878
java-1.8.0-openjdk-javadoc-1.8.0.432.b06-1.el7_9.noarch.rpm SHA-256: 5865280d111b425e6b1e0ef55da7f1a388112ca37f2aef5a6bd757b24880e8c0
java-1.8.0-openjdk-javadoc-zip-1.8.0.432.b06-1.el7_9.noarch.rpm SHA-256: c7e6766a70df5a7a1d7ab1f182cffdc9f94a5494541aff88e9a04ba0678a7cfb
java-1.8.0-openjdk-src-1.8.0.432.b06-1.el7_9.s390x.rpm SHA-256: 20322f3060470cacefcfeea758e3c5d539feadf9eb46e6d79f9dc26ab285df62

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7

SRPM
java-1.8.0-openjdk-1.8.0.432.b06-1.el7_9.src.rpm SHA-256: e042aa151641f89f09dc75c25c4463084f350a09841b40d0aa5895ce53956122
ppc64
java-1.8.0-openjdk-1.8.0.432.b06-1.el7_9.ppc64.rpm SHA-256: 0638bd2a5c2a53c38218fdc8dc500d7fec22d79af0d8373cb005ef882c5889e4
java-1.8.0-openjdk-accessibility-1.8.0.432.b06-1.el7_9.ppc64.rpm SHA-256: cea66e6f9eb7866fd0774a401fbfa8796cbb79bfc3fee371b6e2927b033a37a3
java-1.8.0-openjdk-debuginfo-1.8.0.432.b06-1.el7_9.ppc64.rpm SHA-256: 119fa45bcdc331a1b371c633a62fb5de1775d0e91bddf05e76f693c1f89fe7be
java-1.8.0-openjdk-debuginfo-1.8.0.432.b06-1.el7_9.ppc64.rpm SHA-256: 119fa45bcdc331a1b371c633a62fb5de1775d0e91bddf05e76f693c1f89fe7be
java-1.8.0-openjdk-demo-1.8.0.432.b06-1.el7_9.ppc64.rpm SHA-256: 30e604cc8856f7834ef20a54e01ac1933776de3fe195ab70654e9fafe16cd173
java-1.8.0-openjdk-devel-1.8.0.432.b06-1.el7_9.ppc64.rpm SHA-256: 07faa7b158d1bcdba4fc89d4f10840cc43652756a212d9bab02a901fed32ab8e
java-1.8.0-openjdk-headless-1.8.0.432.b06-1.el7_9.ppc64.rpm SHA-256: 28bbea1a5f192e88fe943d4542d6fbda8722e18484de71502cf27420c82b9763
java-1.8.0-openjdk-javadoc-1.8.0.432.b06-1.el7_9.noarch.rpm SHA-256: 5865280d111b425e6b1e0ef55da7f1a388112ca37f2aef5a6bd757b24880e8c0
java-1.8.0-openjdk-javadoc-zip-1.8.0.432.b06-1.el7_9.noarch.rpm SHA-256: c7e6766a70df5a7a1d7ab1f182cffdc9f94a5494541aff88e9a04ba0678a7cfb
java-1.8.0-openjdk-src-1.8.0.432.b06-1.el7_9.ppc64.rpm SHA-256: 2c18b93ea4f079076b1738718bcfaf367141d09352ef4c3cb75777d149eae28b

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7

SRPM
java-1.8.0-openjdk-1.8.0.432.b06-1.el7_9.src.rpm SHA-256: e042aa151641f89f09dc75c25c4463084f350a09841b40d0aa5895ce53956122
ppc64le
java-1.8.0-openjdk-1.8.0.432.b06-1.el7_9.ppc64le.rpm SHA-256: d89ade532bb80adf18ab8d91e587eff3f7d68af88ca94d399c70836db61d2ef8
java-1.8.0-openjdk-accessibility-1.8.0.432.b06-1.el7_9.ppc64le.rpm SHA-256: 5b607374e1e827be0cdef488045fbc847c339d26827459177ab66cbd7082d960
java-1.8.0-openjdk-debuginfo-1.8.0.432.b06-1.el7_9.ppc64le.rpm SHA-256: 0e657d93e45fbd90c55ae1814e2c4471072e36bd8020f9234b08745ebe05b68b
java-1.8.0-openjdk-debuginfo-1.8.0.432.b06-1.el7_9.ppc64le.rpm SHA-256: 0e657d93e45fbd90c55ae1814e2c4471072e36bd8020f9234b08745ebe05b68b
java-1.8.0-openjdk-demo-1.8.0.432.b06-1.el7_9.ppc64le.rpm SHA-256: dc68044037c584b58a02e70ff2506cec6870b93d3a25e3bf4d823e6108cb60b9
java-1.8.0-openjdk-devel-1.8.0.432.b06-1.el7_9.ppc64le.rpm SHA-256: 9dc48e696483402f5b2df18ba381735a8e0b77619b20b1fa80b02419ab16e6b4
java-1.8.0-openjdk-headless-1.8.0.432.b06-1.el7_9.ppc64le.rpm SHA-256: 3b6574d0196d70bea261e58c0928427fc2d67116a1bc3fb49ad7c2479dbfd31f
java-1.8.0-openjdk-javadoc-1.8.0.432.b06-1.el7_9.noarch.rpm SHA-256: 5865280d111b425e6b1e0ef55da7f1a388112ca37f2aef5a6bd757b24880e8c0
java-1.8.0-openjdk-javadoc-zip-1.8.0.432.b06-1.el7_9.noarch.rpm SHA-256: c7e6766a70df5a7a1d7ab1f182cffdc9f94a5494541aff88e9a04ba0678a7cfb
java-1.8.0-openjdk-src-1.8.0.432.b06-1.el7_9.ppc64le.rpm SHA-256: 8a696378fc9303f862ef36484889aa836481890ead97ff86335311b727b24365

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.