RHSA-2021:2778: Important: OpenJDK 8u302 Security Update for Portable Linux Builds
The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.This release of the Red Hat build of OpenJDK 8 (1.8.0.302) for portable Linux serves as a replacement for the Red Hat build of OpenJDK 8 (1.8.0.292) and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.Security Fix(es): OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341) OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369) OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2021:2778?
The severity of RHSA-2021:2778 is categorized as moderate.
How do I fix RHSA-2021:2778?
To fix RHSA-2021:2778, you should update your OpenJDK 8 packages to version 1.8.0.302.
What vulnerabilities does RHSA-2021:2778 address?
RHSA-2021:2778 addresses multiple vulnerabilities that affect the OpenJDK packages.
Is RHSA-2021:2778 applicable to all environments?
RHSA-2021:2778 is applicable to Red Hat-based Linux environments utilizing OpenJDK 8.
Where can I find more details about RHSA-2021:2778?
For more details about RHSA-2021:2778, refer to the Red Hat advisory or related bug reports.