RedHat: RHSA-2021-0945:01 Moderate: Red Hat Build of OpenJDK 11 (container
Summary
The OpenJDK 11 container images provide the OpenJDK 11 Java Runtime
Environment and the OpenJDK 11 Java Software Development Kit.
This release of the Red Hat Build of OpenJDK 11 (openjdk-11-rhel7:1.1-12
and ubi8-openjdk-11:1.3-10) serves as a replacement for the Red Hat Build
of OpenJDK 11 (openjdk-11-rhel7:1.1-11 and ubi8-openjdk-11:1.3-9), and
includes security and bug fixes, and enhancements. For further information,
refer to the release notes linked to in the References section.
Security Fix(es):
* ubi8/openjdk-11: containers/openjdk: /etc/passwd is given incorrect
privileges (CVE-2021-20264)
* openjdk/openjdk-11-rhel7: containers/openjdk: /etc/passwd is given
incorrect privileges (CVE-2021-20264)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.
Solution
Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.
The References section of this erratum contains a link to the updated
containers.
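A way to confirm that a deployed image no longer ships a loosely permissioned /etc/passwd, as an added example that is not part of the Red Hat advisory. The advisory does not say which permission bits were wrong, so the check assumes the general rule that /etc/passwd should be writable only by its owner; the function names, the ROOT parameter and the sample passwd entries are hypothetical.

```shell
#!/bin/sh
# Added example (not Red Hat's code): flag an /etc/passwd that anyone other
# than its owner can write. ROOT is a hypothetical parameter: "/" inside a
# running container, or the directory of an unpacked image root filesystem.

# Prints a one-line verdict.
# Returns 0 = ok, 1 = writable by group or other, 2 = file missing.
check_passwd_perms() {
    root=${1:-/}
    file=${root%/}/etc/passwd

    if [ ! -e "$file" ]; then
        echo "MISSING $file"
        return 2
    fi

    # -perm -020 matches a set group-write bit, -perm -002 a set other-write bit.
    if [ -n "$(find "$file" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "WRITABLE $file: $(ls -ln "$file" | cut -d' ' -f1)"
        return 1
    fi

    echo "OK $file"
    return 0
}

# Constructed sample: build a throwaway root filesystem whose etc/passwd has
# the given mode, run the check on it, and return the check's status.
demo_rootfs() {
    mode=$1
    dir=$(mktemp -d) || return 3
    mkdir -p "$dir/etc"
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
                  'appuser:x:1001:0:constructed:/home/appuser:/sbin/nologin' \
                  > "$dir/etc/passwd"
    chmod "$mode" "$dir/etc/passwd"
    rc=0
    check_passwd_perms "$dir" || rc=$?
    rm -rf "$dir"
    return "$rc"
}

# Usage inside a container built from the image: check_passwd_perms /
```

Run the check against each image tag in use after pulling the updated containers; a non-zero return means the file still needs attention.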
References
https://access.redhat.com/security/cve/CVE-2021-20264
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/articles/4859371
https://catalog.redhat.com/software/containers/openjdk/openjdk-11-rhel7/5bf57185dd19c775cddc4ce5?tag=1.1-12&push_date=1616089599000
https://catalog.redhat.com/software/containers/ubi8/openjdk-11/5dd6a4b45a13461646f677f4?container-tabs=overview&tag=1.3-10&push_date=1616090044000
Topic
The Red Hat Build of OpenJDK 11 (container images) is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Bugs Fixed
1932283 - CVE-2021-20264 containers/openjdk: /etc/passwd is given incorrect privileges