RHSA-2021:2784: Important: java-11-openjdk security update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.Security Fix(es): OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388) OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341) OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2021:2784?
The severity of RHSA-2021:2784 is classified as important due to its potential impact on security.
How do I fix RHSA-2021:2784?
To fix RHSA-2021:2784, update to the latest version of the affected OpenJDK packages provided by Red Hat.
Which packages are affected by RHSA-2021:2784?
The affected packages include java-11-openjdk, java-11-openjdk-headless, and several related sub-packages.
What vulnerabilities are addressed in RHSA-2021:2784?
RHSA-2021:2784 addresses vulnerabilities related to incorrect comparison during range check elimination and FTP PASV command issues.
What should I do if I cannot update due to compatibility issues after applying RHSA-2021:2784?
If you encounter compatibility issues after applying RHSA-2021:2784, review your dependencies and consider testing in a controlled environment before further deployment.