Published on January 25th, 2023 📆 | 6341 Views ⚑0
Red Hat Security Advisory 2023-0387-01 – Torchsec
Red Hat Security Advisory
Synopsis: Moderate: OpenJDK 8u362 Security Update for Portable Linux Builds
Advisory ID: RHSA-2023:0387-01
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0387
Issue date: 2023-01-23
CVE Names: CVE-2023-21830 CVE-2023-21843
The Red Hat build of OpenJDK 8 (java-1.8.0-openjdk) is now available for
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and
the OpenJDK 8 Java Software Development Kit.
This release of the Red Hat build of OpenJDK 8 (8u362) for portable Linux
serves as a replacement for Red Hat build of OpenJDK 8 (8u352) and includes
security and bug fixes as well as enhancements. For further information,
refer to the release notes linked to in the References section.
* OpenJDK: soundbank URL remote loading (CVE-2023-21843)
* OpenJDK: improper restrictions in CORBA deserialization (CVE-2023-21830)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
4. Bugs fixed (https://bugzilla.redhat.com/):
2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)
2160490 - CVE-2023-21830 OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)
The Red Hat security contact is
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
RHSA-announce mailing list