RHSA-2017:1108

Description

Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

CVSS Metrics

• v3.0•HIGH•Score: 7CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Systems

• redhat•java-1.8.0-openjdk

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-accessibility

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-accessibility-debug

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-debug

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-debuginfo

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-demo

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-demo-debug

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-devel

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-devel-debug

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-headless

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-headless-debug

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-javadoc

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-javadoc-debug

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-javadoc-zip

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-javadoc-zip-debug

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-src

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

• redhat•java-1.8.0-openjdk-src-debug

  < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3 | < 1:1.8.0.131-2.b11.el7_3

References (30)

• https://access.redhat.com/errata/RHSA-2017:1108
• https://access.redhat.com/security/updates/classification/#moderate
• https://rhn.redhat.com/errata/RHSA-2016-2079.html
• https://bugzilla.redhat.com/show_bug.cgi?id=1442162
• https://bugzilla.redhat.com/show_bug.cgi?id=1443007
• https://bugzilla.redhat.com/show_bug.cgi?id=1443052
• https://bugzilla.redhat.com/show_bug.cgi?id=1443068
• https://bugzilla.redhat.com/show_bug.cgi?id=1443083
• https://bugzilla.redhat.com/show_bug.cgi?id=1443097
• https://bugzilla.redhat.com/show_bug.cgi?id=1443252
• https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1108.json
• https://access.redhat.com/security/cve/CVE-2017-3509
• https://www.cve.org/CVERecord?id=CVE-2017-3509
• https://nvd.nist.gov/vuln/detail/CVE-2017-3509
• http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA
• https://access.redhat.com/security/cve/CVE-2017-3511
• https://www.cve.org/CVERecord?id=CVE-2017-3511
• https://nvd.nist.gov/vuln/detail/CVE-2017-3511
• https://access.redhat.com/security/cve/CVE-2017-3526
• https://www.cve.org/CVERecord?id=CVE-2017-3526
• https://nvd.nist.gov/vuln/detail/CVE-2017-3526
• https://access.redhat.com/security/cve/CVE-2017-3533
• https://www.cve.org/CVERecord?id=CVE-2017-3533
• https://nvd.nist.gov/vuln/detail/CVE-2017-3533
• https://access.redhat.com/security/cve/CVE-2017-3539
• https://www.cve.org/CVERecord?id=CVE-2017-3539
• https://nvd.nist.gov/vuln/detail/CVE-2017-3539
• https://access.redhat.com/security/cve/CVE-2017-3544
• https://www.cve.org/CVERecord?id=CVE-2017-3544
• https://nvd.nist.gov/vuln/detail/CVE-2017-3544