{"type":"TYPE_SECURITY","shortCode":"RL","name":"RLSA-2023:0208","synopsis":"Moderate: java-1.8.0-openjdk security and bug fix update","severity":"SEVERITY_MODERATE","topic":"An update is available for java-1.8.0-openjdk.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list","description":"The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830)\n\n* OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI() (BZ#2139705)\n\n* Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-8] (BZ#2159910)\n\n* solr broken due to access denied (\"java.io.FilePermission\" \"\/etc\/pki\/java\/cacerts\" \"read\") [rhel-8, openjdk-8] (BZ#2163595)","solution":null,"affectedProducts":["Rocky Linux 8"],"fixes":[{"ticket":"2139705","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2139705","description":"* Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI()"},{"ticket":"2159910","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2159910","description":"* Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-8]"},{"ticket":"2160475","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2160475","description":""},{"ticket":"2160490","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2160490","description":""},{"ticket":"2163595","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2163595","description":"* solr broken due to access denied (\"java.io.FilePermission\" \"\/etc\/pki\/java\/cacerts\" \"read\") [rhel-8, openjdk-8]"}],"cves":[{"name":"CVE-2023-21830","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-21830","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N","cvss3BaseScore":"5.3","cwe":"CWE-502"},{"name":"CVE-2023-21843","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-21843","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N","cvss3BaseScore":"3.7","cwe":"CWE-646"}],"references":[],"publishedAt":"2023-01-26T20:49:48Z","rpms":{"Rocky Linux 8":{"nvras":["java-1.8.0-openjdk-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-1:1.8.0.362.b09-2.el8_7.src.rpm","java-1.8.0-openjdk-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-accessibility-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-accessibility-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-accessibility-fastdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-accessibility-fastdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-accessibility-slowdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-accessibility-slowdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-debugsource-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-debugsource-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-demo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-demo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-demo-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-demo-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-demo-fastdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-demo-fastdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-demo-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-demo-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-demo-slowdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-demo-slowdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-demo-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-demo-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-devel-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-devel-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-devel-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-devel-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-devel-fastdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-devel-fastdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-devel-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-devel-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-devel-slowdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-devel-slowdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-devel-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-devel-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-fastdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-fastdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-headless-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-headless-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-headless-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-headless-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-headless-fastdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-headless-fastdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-headless-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-headless-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-headless-slowdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-headless-slowdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-headless-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-headless-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-javadoc-1:1.8.0.362.b09-2.el8_7.noarch.rpm","java-1.8.0-openjdk-javadoc-zip-1:1.8.0.362.b09-2.el8_7.noarch.rpm","java-1.8.0-openjdk-slowdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-slowdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-src-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-src-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-src-fastdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-src-fastdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm","java-1.8.0-openjdk-src-slowdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm","java-1.8.0-openjdk-src-slowdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm"]}},"rebootSuggested":false,"buildReferences":[]}

Rocky Linux: RLSA-2023:0208 java-1.8.0-openjdk security and bug fix update

January 26, 2023
An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Summary

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI() (BZ#2139705) * Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-8] (BZ#2159910) * solr broken due to access denied ("java.io.FilePermission" "/etc/pki/java/cacerts" "read") [rhel-8, openjdk-8] (BZ#2163595)

RPMs

java-1.8.0-openjdk-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-1:1.8.0.362.b09-2.el8_7.src.rpm

java-1.8.0-openjdk-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-accessibility-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-accessibility-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-accessibility-fastdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-accessibility-fastdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-accessibility-slowdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-accessibility-slowdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-debugsource-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-debugsource-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-demo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-demo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-demo-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-demo-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-demo-fastdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-demo-fastdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-demo-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-demo-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-demo-slowdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-demo-slowdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-demo-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-demo-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-devel-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-devel-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-devel-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-devel-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-devel-fastdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-devel-fastdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-devel-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-devel-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-devel-slowdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-devel-slowdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-devel-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-devel-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-fastdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-fastdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-headless-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-headless-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-headless-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-headless-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-headless-fastdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-headless-fastdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-headless-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-headless-fastdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-headless-slowdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-headless-slowdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-headless-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-headless-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-javadoc-1:1.8.0.362.b09-2.el8_7.noarch.rpm

java-1.8.0-openjdk-javadoc-zip-1:1.8.0.362.b09-2.el8_7.noarch.rpm

java-1.8.0-openjdk-slowdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-slowdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-slowdebug-debuginfo-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-src-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-src-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-src-fastdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-src-fastdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

java-1.8.0-openjdk-src-slowdebug-1:1.8.0.362.b09-2.el8_7.aarch64.rpm

java-1.8.0-openjdk-src-slowdebug-1:1.8.0.362.b09-2.el8_7.x86_64.rpm

References

No References

CVEs

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21830

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843

Severity
Name: RLSA-2023:0208
Affected Products: Rocky Linux 8

Fixes

https://bugzilla.redhat.com/show_bug.cgi?id=2139705

https://bugzilla.redhat.com/show_bug.cgi?id=2159910

https://bugzilla.redhat.com/show_bug.cgi?id=2160475

https://bugzilla.redhat.com/show_bug.cgi?id=2160490

https://bugzilla.redhat.com/show_bug.cgi?id=2163595


Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved