Red Hat Security Advisory: java-17-openjdk security update
🔗 CVE IDs covered (8)
📋 Description
CVE-2021-35556 — OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167) CVE-2021-35559 — OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580) CVE-2021-35561 — OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097) CVE-2021-35564 — OpenJDK: Certificates with end dates too far in the future can corrupt keystore (Keytool, 8266137) CVE-2021-35567 — OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation (Libraries, 8266689) CVE-2021-35578 — OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729) CVE-2021-35586 — OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735) CVE-2021-35603 — OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618)
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2021:4135
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2014515
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2014518
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2014524
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2015061
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2015308
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2015311
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2015653
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2015658
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4135.json