Alerts This Week
Warning Icon 1 684
Alerts This Week
Warning Icon 1 684

Red Hat Enterprise Linux 7 RHSA-2018:2242 Moderate OpenJDK Security Fix

Calendar Jul 23, 2018 User Avatar LinuxSecurity Advisories
11 - 22 min read
Redhat Large Esm H500
Topics%20covered

Topics Covered

security advisory security update bug fix Red Hat Enterprise Linux moderate severity Java Runtime OpenJDK
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Moderate: java-1.8.0-openjdk security and bug fix update
Advisory ID:       RHSA-2018:2242-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:2242
Issue date:        2018-07-23
CVE Names:         CVE-2018-2952 
====================================================================
1. Summary:

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise
Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, noarch, ppc64le, s390x

3. Description:

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime
Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* OpenJDK: insufficient index validation in PatternSyntaxException
getMessage() (Concurrency, 8199547) (CVE-2018-2952)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited
without user interaction if a user visited a malicious website.

Bug Fix(es):

* This update applies changes from OpenJDK upstream version 8u172, which
provides a number of bug fixes over the previous version, 8u171.
(BZ#1588364)

* OpenJDK was recently updated to support reading the system certificate
authority database (cacerts) directly. As an unintended consequence, this
removed the ability to read certificates from the user-provided jssecacerts
file. With this update, that ability is restored by reading from that file
first, if available. (BZ#1593737)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1588364 - Update OpenJDK to 8u172 ahead of the July 2018 security update [rhel-7.5.z]
1593737 - OpenJDK not read jssecacerts file [rhel-7.5.z]
1600925 - CVE-2018-2952 OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547)

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm

x86_64:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.181-3.b13.el7_5.noarch.rpm

x86_64:
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm

x86_64:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.181-3.b13.el7_5.noarch.rpm

x86_64:
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm

ppc64:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.ppc64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.ppc64.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.ppc64.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.ppc64.rpm

ppc64le:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.ppc64le.rpm

s390x:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.s390x.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.s390x.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.s390x.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.s390x.rpm

x86_64:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

Source:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm

aarch64:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.aarch64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.aarch64.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.aarch64.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.aarch64.rpm

ppc64le:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.ppc64le.rpm

s390x:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.s390x.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.s390x.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.s390x.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.s390x.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:
java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.181-3.b13.el7_5.noarch.rpm

ppc64:
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.ppc64.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.ppc64.rpm
java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.ppc64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.ppc64.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.ppc64.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.ppc64.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.ppc64.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.ppc64.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.ppc64.rpm
java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.ppc64.rpm

ppc64le:
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.ppc64le.rpm

s390x:
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.s390x.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.s390x.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.s390x.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.s390x.rpm

x86_64:
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):

aarch64:
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.aarch64.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.aarch64.rpm
java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.aarch64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.aarch64.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.aarch64.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.aarch64.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.aarch64.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.aarch64.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.aarch64.rpm
java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.aarch64.rpm

noarch:
java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.181-3.b13.el7_5.noarch.rpm

ppc64le:
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.ppc64le.rpm
java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.ppc64le.rpm

s390x:
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.s390x.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.s390x.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.s390x.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.s390x.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm

x86_64:
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.181-3.b13.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.181-3.b13.el7_5.noarch.rpm

x86_64:
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.x86_64.rpm
java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.i686.rpm
java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-2952
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBW1Xu1NzjgjWX9erEAQhwwg/9GYl+ojaQjYi7diEWBMdzv37A2/PPHHg9
M3iTC93/JslZC65sI7bq5xiUuuwkLCWjiSYJ9xUQdo7efjtCmqFSI5KPiSFbzI4l
uyM8mI+Va11ncW3zg5+Ttj91KGt8k0D4C9qg+H/wd9QqMMW+dA0J18zxM2M5wxiU
zypwf/rzlZJg3LZ0ZOIGwHVd8hyGB7lobcIUEumCYm7uL+veoMZxQJWoQXvVC3xB
akSk4svi1NdVlIBrAKNe5v7sfFu/UF+ngIFQQ7MAtNFUFVlO5RQW7ALYuV+VQ3v9
TIywxuGgojd7pye/zofC6NLA0YghUv69tz/803wzy4v1JHL8Rw34+NBkcM54PCLH
REMh0q8+GUZ4VbRG09JYDsM9wOQAIye4U88zim9olhulzxKvEt86JHOENOFQveQj
WUcsYHTK02HHAqrbmG/q233wwbMfCNheWtTNFXXncR5ryhGOkFtWvkRLFdr/2VTO
C+vSLaAoZAWK2WnjYS8xJIUEl/2MJCm0YuExFT5ja4Mp/bXSUYbLhOQ8ATenF2lL
g5uh3jWKBx3ySBB0hH9jf2ch0N7c6C9349BKiLBCNnZIoJ416Wb6TEK3FunN/AOi
0pOKASAQdQ399h5nhyUXX9lDyFvYfvoB68dUk9/BYZGSR8lJnREs9eQbxG8P4MNd
ycIuJFA0scc=+721
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
This email address is being protected from spambots. You need JavaScript enabled to view it.

Red Hat Enterprise Linux 7 RHSA-2018:2242 Moderate OpenJDK Security Fix

red hat
Calendar Grey July 23, 2018
Dist Redhat Esm H88
Explore the recent security enhancement and bug correction update for java-1.8.0-openjdk in Red Hat Enterprise Linux 7.
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

Summary

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
Security Fix(es):
* OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547) (CVE-2018-2952)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
Bug Fix(es):
* This update applies changes from OpenJDK upstream version 8u172, which provides a number of bug fixes over the previous version, 8u171. (BZ#1588364)
* OpenJDK was recently updated to support reading the system certificate authority database (cacerts) directly. As an unintended consequence, this removed the ability to read certificates from the user-provided jssecacerts file. With this update, that ability is restored by reading from that file first, if available. (BZ#1593737)

Topics%20covered

Topics Covered

security advisory security update bug fix Red Hat Enterprise Linux moderate severity Java Runtime OpenJDK

References

https://access.redhat.com/security/cve/CVE-2018-2952 https://access.redhat.com/security/updates/classification/#moderate

Package List

Red Hat Enterprise Linux Client (v. 7):
Source: java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm
x86_64: java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.i686.rpm java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.i686.rpm java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch: java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el7_5.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el7_5.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.181-3.b13.el7_5.noarch.rpm java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.181-3.b13.el7_5.noarch.rpm
x86_64: java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.x86_64.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.i686.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.i686.rpm java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.181-3.b13.el7_5.x86_64.rpm

Read the Full Advisory


Advisory ID: RHSA-2018:2242-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2018:2242
Issue date: 2018-07-23

Topic

An update for java-1.8.0-openjdk is now available for Red Hat EnterpriseLinux 7.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory security update bug fix Red Hat Enterprise Linux moderate severity Java Runtime OpenJDK

Relevant Releases Architectures

Red Hat Enterprise Linux Client (v. 7) - x86_64

Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64

Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64

Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64

Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux Workstation (v. 7) - x86_64

Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, noarch, ppc64le, s390x

Bugs Fixed

1588364 - Update OpenJDK to 8u172 ahead of the July 2018 security update [rhel-7.5.z]

1593737 - OpenJDK not read jssecacerts file [rhel-7.5.z]

1600925 - CVE-2018-2952 OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547)

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here