RHSA-2021:2777: Important: OpenJDK 8u302 Windows Builds release and security update
The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.This release of the Red Hat build of OpenJDK 8 (1.8.0.302) for Windows serves as a replacement for the Red Hat build of OpenJDK 8 (1.8.0.292) and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.Security Fix(es): OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341) OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369) OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2021:2777?
The severity of RHSA-2021:2777 is classified as important.
How do I fix RHSA-2021:2777?
To fix RHSA-2021:2777, you should update to the latest version of OpenJDK 8 available in your repository.
What vulnerabilities does RHSA-2021:2777 address?
RHSA-2021:2777 addresses various security vulnerabilities including potential DoS attacks and improper access controls.
Which versions of OpenJDK are affected by RHSA-2021:2777?
RHSA-2021:2777 affects the Red Hat build of OpenJDK 8 versions prior to 1.8.0.302.
Is there a workaround for RHSA-2021:2777?
There is no specific workaround for RHSA-2021:2777; the recommended action is to apply the update.