RHSA-2020:0232: Important: java-11-openjdk security update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.<br>Security Fix(es):<br><li> OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951) (CVE-2020-2601)</li> <li> OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) (CVE-2020-2604)</li> <li> OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590)</li> <li> OpenJDK: Incorrect isBuiltinStreamHandler causing URL normalization issues (Networking, 8228548) (CVE-2020-2593)</li> <li> OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654)</li> <li> OpenJDK: Incorrect handling of unexpected CertificateVerify TLS handshake messages (JSSE, 8231780) (CVE-2020-2655)</li> <li> OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) (CVE-2020-2583)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2020:0232?
The severity of RHSA-2020:0232 is classified as important.
How do I fix RHSA-2020:0232?
To fix RHSA-2020:0232, update the affected java-11-openjdk packages to version 11-openjdk-11.0.6.10-0.el8_0.
What vulnerabilities are addressed in RHSA-2020:0232?
RHSA-2020:0232 addresses vulnerabilities including the use of unsafe RSA-MD5 checksum in Kerberos TGS (CVE-2020-2601).
What software does RHSA-2020:0232 affect?
RHSA-2020:0232 affects java-11-openjdk packages for both x86_64 and ppc64le architectures.
Is there a specific package version I need for RHSA-2020:0232?
Yes, the specific package version needed is 11-openjdk-11.0.6.10-0.el8_0.