(RHSA-2018:2253) Critical: java-1.8.0-oracle security update

2018-07-2420:50:35

access.redhat.com

125

8.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

74.8%

JSON

Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

This update upgrades Oracle Java SE 8 to version 8 Update 181.

Security Fix(es):

Oracle JDK: unspecified vulnerability fixed in 7u191, 8u181, and 10.0.2 (JavaFX) (CVE-2018-2941)
Oracle JDK: unspecified vulnerability fixed in 8u181 and 10.0.2 (Deployment) (CVE-2018-2964)
Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (Libraries) (CVE-2018-2940)
OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547) (CVE-2018-2952)
Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE) (CVE-2018-2973)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7x86_64java-1.8.0-oracle-javafx< 1.8.0.181-1jpp.2.el7java-1.8.0-oracle-javafx-1.8.0.181-1jpp.2.el7.x86_64.rpm
RedHat7x86_64java-1.8.0-oracle-jdbc< 1.8.0.181-1jpp.2.el7java-1.8.0-oracle-jdbc-1.8.0.181-1jpp.2.el7.x86_64.rpm
RedHat7x86_64java-1.8.0-oracle-plugin< 1.8.0.181-1jpp.2.el7java-1.8.0-oracle-plugin-1.8.0.181-1jpp.2.el7.x86_64.rpm
RedHat7x86_64java-1.8.0-oracle< 1.8.0.181-1jpp.2.el7java-1.8.0-oracle-1.8.0.181-1jpp.2.el7.x86_64.rpm
RedHat7x86_64java-1.8.0-oracle-devel< 1.8.0.181-1jpp.2.el7java-1.8.0-oracle-devel-1.8.0.181-1jpp.2.el7.x86_64.rpm
RedHat7x86_64java-1.8.0-oracle-src< 1.8.0.181-1jpp.2.el7java-1.8.0-oracle-src-1.8.0.181-1jpp.2.el7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	x86_64	java-1.8.0-oracle-javafx	< 1.8.0.181-1jpp.2.el7	java-1.8.0-oracle-javafx-1.8.0.181-1jpp.2.el7.x86_64.rpm
RedHat	7	x86_64	java-1.8.0-oracle-jdbc	< 1.8.0.181-1jpp.2.el7	java-1.8.0-oracle-jdbc-1.8.0.181-1jpp.2.el7.x86_64.rpm
RedHat	7	x86_64	java-1.8.0-oracle-plugin	< 1.8.0.181-1jpp.2.el7	java-1.8.0-oracle-plugin-1.8.0.181-1jpp.2.el7.x86_64.rpm
RedHat	7	x86_64	java-1.8.0-oracle	< 1.8.0.181-1jpp.2.el7	java-1.8.0-oracle-1.8.0.181-1jpp.2.el7.x86_64.rpm
RedHat	7	x86_64	java-1.8.0-oracle-devel	< 1.8.0.181-1jpp.2.el7	java-1.8.0-oracle-devel-1.8.0.181-1jpp.2.el7.x86_64.rpm
RedHat	7	x86_64	java-1.8.0-oracle-src	< 1.8.0.181-1jpp.2.el7	java-1.8.0-oracle-src-1.8.0.181-1jpp.2.el7.x86_64.rpm