Red Hat Security Advisory: java-1.8.0-ibm security update
🔗 CVE IDs covered (8)
📋 Description
CVE-2021-35556 — OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167) CVE-2021-35559 — OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580) CVE-2021-35560 — JDK: unspecified vulnerability fixed in 8u311 (Deployment) CVE-2021-35564 — OpenJDK: Certificates with end dates too far in the future can corrupt keystore (Keytool, 8266137) CVE-2021-35565 — OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967) CVE-2021-35578 — OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729) CVE-2021-35586 — OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735) CVE-2021-41035 — JDK: IllegalAccessError exception not thrown for MethodHandles that invoke inaccessible interface methods
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2021:5030
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2014508
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2014515
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2014518
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2015061
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2015308
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2015653
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2027731
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2027791
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5030.json