RLSA-2021:2776

Опубликовано: 21 июл. 2021

Источник: rocky

Оценка: Important

Описание

Important: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388)
OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341)
OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 8

Наименование	Архитектура	Релиз	RPM
java-1.8.0-openjdk	x86_64	0.el8_4	java-1.8.0-openjdk-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-accessibility	x86_64	0.el8_4	java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-demo	x86_64	0.el8_4	java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-devel	x86_64	0.el8_4	java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-headless	x86_64	0.el8_4	java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-headless-slowdebug	x86_64	0.el8_4	java-1.8.0-openjdk-headless-slowdebug-1.8.0.302.b08-0.el8_4.x86_64.rpm
java-1.8.0-openjdk-javadoc	noarch	0.el8_4	java-1.8.0-openjdk-javadoc-1.8.0.302.b08-0.el8_4.noarch.rpm
java-1.8.0-openjdk-javadoc	noarch	0.el8_4	java-1.8.0-openjdk-javadoc-1.8.0.302.b08-0.el8_4.noarch.rpm
java-1.8.0-openjdk-javadoc-zip	noarch	0.el8_4	java-1.8.0-openjdk-javadoc-zip-1.8.0.302.b08-0.el8_4.noarch.rpm
java-1.8.0-openjdk-javadoc-zip	noarch	0.el8_4	java-1.8.0-openjdk-javadoc-zip-1.8.0.302.b08-0.el8_4.noarch.rpm

Показывать по

Связанные CVE

CVE-2021-2341

CVE-2021-2369

CVE-2021-2388

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=1982874
Red Hat - 1982874
https://bugzilla.redhat.com/show_bug.cgi?id=1982879
Red Hat - 1982879
https://bugzilla.redhat.com/show_bug.cgi?id=1983075
Red Hat - 1983075

Связанные уязвимости

openSUSE-SU-2021:2952-1

suse-cvrf

больше 4 лет назад

Security update for java-11-openjdk

openSUSE-SU-2021:1233-1

suse-cvrf

больше 4 лет назад

Security update for java-11-openjdk

SUSE-SU-2021:2952-1

suse-cvrf

больше 4 лет назад

Security update for java-11-openjdk

SUSE-SU-2021:2613-1

suse-cvrf

больше 4 лет назад

Security update for java-11-openjdk

RLSA-2021:2781

rocky

больше 4 лет назад

Important: java-11-openjdk security update

exploitDog

RLSA-2021:2776

Описание

Затронутые продукты

Rocky Linux 8: обновленные пакеты

Связанные CVE

Ссылки на источники

Исправления

Связанные уязвимости