Headline
RHSA-2022:0969: Red Hat Security Advisory: java-1.7.1-ibm security update
An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-35550: OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210)
- CVE-2021-35603: OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618)
- CVE-2022-21248: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934)
- CVE-2022-21293: OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392)
- CVE-2022-21294: OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416)
- CVE-2022-21340: OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026)
- CVE-2022-21341: OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236)
- CVE-2022-21360: OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)
- CVE-2022-21365: OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
- Red Hat CodeReady Studio
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-03-21
Updated:
2022-03-21
RHSA-2022:0969 - Security Advisory
- Overview
- Updated Packages
Synopsis
Moderate: java-1.7.1-ibm security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 7 to version 7R1 SR5-FP5.
Security Fix(es):
- OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210) (CVE-2021-35550)
- OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) (CVE-2022-21248)
- OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392) (CVE-2022-21293)
- OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416) (CVE-2022-21294)
- OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026) (CVE-2022-21340)
- OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236) (CVE-2022-21341)
- OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756) (CVE-2022-21360)
- OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838) (CVE-2022-21365)
- OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618) (CVE-2021-35603)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of IBM Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 2015311 - CVE-2021-35603 OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618)
- BZ - 2015648 - CVE-2021-35550 OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210)
- BZ - 2041417 - CVE-2022-21293 OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392)
- BZ - 2041427 - CVE-2022-21294 OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416)
- BZ - 2041491 - CVE-2022-21360 OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)
- BZ - 2041785 - CVE-2022-21365 OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)
- BZ - 2041801 - CVE-2022-21248 OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934)
- BZ - 2041884 - CVE-2022-21340 OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026)
- BZ - 2041897 - CVE-2022-21341 OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236)
CVEs
- CVE-2021-35550
- CVE-2021-35603
- CVE-2022-21248
- CVE-2022-21293
- CVE-2022-21294
- CVE-2022-21340
- CVE-2022-21341
- CVE-2022-21360
- CVE-2022-21365
Red Hat Enterprise Linux Server 7
SRPM
x86_64
java-1.7.1-ibm-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 20b862667812a1ee11270a687c311dd37d78acb14f9b9fd659e747e585a5733c
java-1.7.1-ibm-demo-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 08739d873849c67748049f1ec87bb015078a693856ecc09b2f97ade9801ac9aa
java-1.7.1-ibm-devel-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 8a9de6e06654c7a8d9398b1382b2357172fbc3ed3524c8c7608e5aae9eb0c4c1
java-1.7.1-ibm-jdbc-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 02fc8713b9392b6fc104f5140662a5c3f2167093ea915e45754bd3e29d09aa85
java-1.7.1-ibm-plugin-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: f9966dad9ca80c860a9c8feda9e3989508de40783916dee12fbee3494fba9c87
java-1.7.1-ibm-src-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 168d0ac57fb848c96897351ee4aeac79ca95c4d015a85c2765341423b5ac1b20
Red Hat Enterprise Linux Workstation 7
SRPM
x86_64
java-1.7.1-ibm-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 20b862667812a1ee11270a687c311dd37d78acb14f9b9fd659e747e585a5733c
java-1.7.1-ibm-demo-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 08739d873849c67748049f1ec87bb015078a693856ecc09b2f97ade9801ac9aa
java-1.7.1-ibm-devel-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 8a9de6e06654c7a8d9398b1382b2357172fbc3ed3524c8c7608e5aae9eb0c4c1
java-1.7.1-ibm-jdbc-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 02fc8713b9392b6fc104f5140662a5c3f2167093ea915e45754bd3e29d09aa85
java-1.7.1-ibm-plugin-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: f9966dad9ca80c860a9c8feda9e3989508de40783916dee12fbee3494fba9c87
java-1.7.1-ibm-src-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 168d0ac57fb848c96897351ee4aeac79ca95c4d015a85c2765341423b5ac1b20
Red Hat Enterprise Linux Desktop 7
SRPM
x86_64
java-1.7.1-ibm-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 20b862667812a1ee11270a687c311dd37d78acb14f9b9fd659e747e585a5733c
java-1.7.1-ibm-demo-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 08739d873849c67748049f1ec87bb015078a693856ecc09b2f97ade9801ac9aa
java-1.7.1-ibm-devel-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 8a9de6e06654c7a8d9398b1382b2357172fbc3ed3524c8c7608e5aae9eb0c4c1
java-1.7.1-ibm-jdbc-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 02fc8713b9392b6fc104f5140662a5c3f2167093ea915e45754bd3e29d09aa85
java-1.7.1-ibm-plugin-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: f9966dad9ca80c860a9c8feda9e3989508de40783916dee12fbee3494fba9c87
java-1.7.1-ibm-src-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 168d0ac57fb848c96897351ee4aeac79ca95c4d015a85c2765341423b5ac1b20
Red Hat Enterprise Linux for IBM z Systems 7
SRPM
s390x
java-1.7.1-ibm-1.7.1.5.5-1jpp.1.el7.s390x.rpm
SHA-256: b5aeb3e4fb2c6d0021f77b9def9c646704caa22d15efb94acec3efb2ee6a87ae
java-1.7.1-ibm-demo-1.7.1.5.5-1jpp.1.el7.s390x.rpm
SHA-256: 5e30bd4c2cbfc8c8afdc488c53a92c50dd62bc1e9502d48ea25a69da48ade157
java-1.7.1-ibm-devel-1.7.1.5.5-1jpp.1.el7.s390x.rpm
SHA-256: 211f6b81ebed6c76d305a334044031a8dba0cbd90e18e05e3f1c7d0df9d271dd
java-1.7.1-ibm-jdbc-1.7.1.5.5-1jpp.1.el7.s390x.rpm
SHA-256: bef20105aa67f93e1f718586ed5ef62082bbae11ee1e2f4fb89f9908fd7c0e00
java-1.7.1-ibm-src-1.7.1.5.5-1jpp.1.el7.s390x.rpm
SHA-256: cb7021bd352125433280897d8aa2ac8972e42cb1577676d898cbe8a8533a1636
Red Hat Enterprise Linux for Power, big endian 7
SRPM
ppc64
java-1.7.1-ibm-1.7.1.5.5-1jpp.1.el7.ppc64.rpm
SHA-256: 7c57ed3d646a6796bc3a9b9a2f9e0179162dd2ab2c16211f563b854260b4cad2
java-1.7.1-ibm-demo-1.7.1.5.5-1jpp.1.el7.ppc64.rpm
SHA-256: df1766ed82af902191e92ed1c17bf7b55fde2f469df15b33b6f79a16f0794ddc
java-1.7.1-ibm-devel-1.7.1.5.5-1jpp.1.el7.ppc64.rpm
SHA-256: 63338e5c4d68846d985f80fa0f7cdb50e6f9e3fa2256281dd78fad645878b7db
java-1.7.1-ibm-jdbc-1.7.1.5.5-1jpp.1.el7.ppc64.rpm
SHA-256: 3469268f119aa5526dcc1032f6fcc0410627339ec43aaf55842a4febdf4261f5
java-1.7.1-ibm-src-1.7.1.5.5-1jpp.1.el7.ppc64.rpm
SHA-256: c3f6d9b29bebed2769078506db8ad51e0cd9e14e40027945c9e2f85ad43b5e6a
Red Hat Enterprise Linux for Scientific Computing 7
SRPM
x86_64
java-1.7.1-ibm-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 20b862667812a1ee11270a687c311dd37d78acb14f9b9fd659e747e585a5733c
java-1.7.1-ibm-demo-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 08739d873849c67748049f1ec87bb015078a693856ecc09b2f97ade9801ac9aa
java-1.7.1-ibm-devel-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 8a9de6e06654c7a8d9398b1382b2357172fbc3ed3524c8c7608e5aae9eb0c4c1
java-1.7.1-ibm-src-1.7.1.5.5-1jpp.1.el7.x86_64.rpm
SHA-256: 168d0ac57fb848c96897351ee4aeac79ca95c4d015a85c2765341423b5ac1b20
Red Hat Enterprise Linux for Power, little endian 7
SRPM
ppc64le
java-1.7.1-ibm-1.7.1.5.5-1jpp.1.el7.ppc64le.rpm
SHA-256: 2b32550dd8ce6952a5db862d229e96c1618b7ade4979b0526c1a3899d935e383
java-1.7.1-ibm-demo-1.7.1.5.5-1jpp.1.el7.ppc64le.rpm
SHA-256: 05f51d59ceae75eb9d4b8d40a15293a8911308abf7897304e478ad27d1ada24a
java-1.7.1-ibm-devel-1.7.1.5.5-1jpp.1.el7.ppc64le.rpm
SHA-256: 9a11a14ed91c44aaaa33d880e8c195cb2a54ed6f9d92b7ee80232d9325419bbf
java-1.7.1-ibm-jdbc-1.7.1.5.5-1jpp.1.el7.ppc64le.rpm
SHA-256: b8241b76081311af937a0adee3eb581d06e5a4f95cfd8a56bbfbda9f42ec5d82
java-1.7.1-ibm-src-1.7.1.5.5-1jpp.1.el7.ppc64le.rpm
SHA-256: c2e97db207dab62460f2229bdc26dc9ca4834b03a0c54095be108737dbefba0e
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.