RHSA-2021:2779: Important: OpenJDK 11.0.12 Security Update for Windows Builds
The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.This release of the Red Hat build of OpenJDK 11 (11.0.12) for Windows serves as a replacement for the Red Hat build of OpenJDK 11 (11.0.11) and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.Security Fix(es): OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341) OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369) OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2021:2779?
The severity of RHSA-2021:2779 is classified as critical due to the potential for remote code execution.
How do I fix RHSA-2021:2779?
You can fix RHSA-2021:2779 by upgrading to the latest version of OpenJDK 11 packages provided by Red Hat.
What vulnerabilities are addressed in RHSA-2021:2779?
RHSA-2021:2779 addresses several vulnerabilities including those leading to access control bypass and potential code execution.
Is RHSA-2021:2779 applicable to all OpenJDK 11 installations?
RHSA-2021:2779 specifically applies to the Red Hat build of OpenJDK 11, and may not apply to other OpenJDK distributions.
When was RHSA-2021:2779 released?
RHSA-2021:2779 was released on October 19, 2021.