Security Advisory Moderate: java-1.8.0-openjdk security update

Advisory: RHSA-2017:1109-1
Type: Security Advisory
Severity: Moderate
Issued on: 2017-04-20
Last updated on: 2017-04-20
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2017-3509
CVE-2017-3511
CVE-2017-3526
CVE-2017-3533
CVE-2017-3539
CVE-2017-3544

Details

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux
6.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment
and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* An untrusted library search path flaw was found in the JCE component of
OpenJDK. A local attacker could possibly use this flaw to cause a Java
application using JCE to load an attacker-controlled library and hence escalate
their privileges. (CVE-2017-3511)

* It was found that the JAXP component of OpenJDK failed to correctly enforce
parse tree size limits when parsing XML document. An attacker able to make a
Java application parse a specially crafted XML document could use this flaw to
make it consume an excessive amount of CPU and memory. (CVE-2017-3526)

* It was discovered that the HTTP client implementation in the Networking
component of OpenJDK could cache and re-use an NTLM authenticated connection in
a different security context. A remote attacker could possibly use this flaw to
make a Java application perform HTTP requests authenticated with credentials of
a different user. (CVE-2017-3509)

Note: This update adds support for the "jdk.ntlm.cache" system property which,
when set to false, prevents caching of NTLM connections and authentications and
hence prevents this issue. However, caching remains enabled by default.

* It was discovered that the Security component of OpenJDK did not allow users
to restrict the set of algorithms allowed for Jar integrity verification. This
flaw could allow an attacker to modify content of the Jar file that used weak
signing key or hash algorithm. (CVE-2017-3539)

Note: This updates extends the fix for CVE-2016-5542 released as part of the
RHSA-2016:2079 erratum to no longer allow the MD5 hash algorithm during the Jar
integrity verification by adding it to the jdk.jar.disabledAlgorithms security
property.

* Newline injection flaws were discovered in FTP and SMTP client implementations
in the Networking component in OpenJDK. A remote attacker could possibly use
these flaws to manipulate FTP or SMTP connections established by a Java
application. (CVE-2017-3533, CVE-2017-3544)

Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited without
user interaction if a user visited a malicious website.


Solution

For details on how to apply this update, which includes the changes described in
this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take
effect.

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.src.rpm     MD5: 05bf13e63c1f93947e25d24a402f385e
SHA-256: 449ebe2824ca4d4eeff4f8d5d2bd516e6db66b02c8434d12381219f3f2291f9e
 
IA-32:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: d19dbfb48b7209ed22c314ec72631ac8
SHA-256: 884b2ea6dae31bcadaafa8bc84e1f209cc90f1cceeb37c7b37443ca949d71a15
java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 2b0314a1a02b6b857349fd45492419fa
SHA-256: bba91e3883041d39ec15d5cced35f85e02811088e6f404eadab052af6ffbeac2
java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 25f8c517fa712eeb27c43777f3a72ba6
SHA-256: e43f6a037f3d82fd8c403b0301cb94e620ecb654927648c9a54f1c7af316d6b0
java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 277f8a30e4ad3c043e30b21c7f564464
SHA-256: 6831b0c2ae02c597cf19c19a58d1d894b29e9ee652bd02e93dcaf6f59784c9d6
java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: b0d4dff949d35c823d37999c39e6c7e8
SHA-256: 147e01d4bddc2f28e9ca65248d6f192e071d4795979c36a628a1a4953187e57c
java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 6802e9bd3540c0c27b6970394f3be1ef
SHA-256: f9d76e32fe3b90e5f6615aff09f4d21d2c8f2b5f83765e092fad2cc8b7d6d2b4
java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 10f5b0b63158492db935443c8d404778
SHA-256: 1a437ae3043b2c714b9e8947036349d9503c5f180ef3f357a7a6c83f005f0a11
java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 2337565ec751e6034ca1e76f0f41f9d5
SHA-256: c0163282dd55358d47957956ff7403d807128dda42ada98690d0892fc6e47d6e
java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 7f858627a0e961b6e81519caf1dd73c2
SHA-256: b18a83001e81e7f1a6c71df701dca0e106c1ad8c05573bc118fb2f5245f4d5db
java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 86b5aa34e5f5db237495ea2d80e058b0
SHA-256: fe5c04ca86adb78298c488d8196e7e9f1e97abf5af144932ce9f62f907dc15db
java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 0a43bf236b2eff1cebe5938043f3d4de
SHA-256: ce65635c0cda4029ee66155cc7ba402682f05c7c3cee67b2d41b2f339b950006
java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: e8f10e0804825121db97466512835cb7
SHA-256: a50ed797ea8fc32e17b520fe30d52537ee31e35b996ddb0efd09114dfa4435e9
java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: e0efe1c6d0bc170400da40a94d74e4ac
SHA-256: 791575b86fc13848abf8c8c29368a7607b9f0646d8ebfa77a89a5f8f01a724f9
 
x86_64:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 6226841d88c51469b86987044fdb9135
SHA-256: 7d3f9a7a9a9a692017ef54cac653121eda5f1f9cdd44c94576b4a0a99fd7b8e0
java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 83665b758f532505f0d6724269e79ca2
SHA-256: c5c160b6feabbcdf2b1e2833e458172580447124f346272a7008cefb539d1725
java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: ae7c59d589250f93b5d329f1ad2e5593
SHA-256: c501a8b2a3a8e9c6f1f07fe14243c09aa741a4d081bd1c7532900143d9ab3e61
java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: c19dae20e1c630d742775e8d261cf4a7
SHA-256: 5c5099f36e32bd10a9d9784baaa0fd8387bbe6323ab360086dbcdff69f359979
java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 83dce07ab4ab754df86872ab65bec88b
SHA-256: 67ab6f25030b520707279a97f7235d605933f4e5d3e54345443d5b2a42b6c85e
java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 6172b9fb9603bdaf811d116e6aad7a1f
SHA-256: bbf7fbca67f542bcf705169b3c1d05001da8c8ae365fc709ba4d4f9acacc86af
java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 7b63bd5cc78eb55e1d543aeed19fc428
SHA-256: 55daff1955c23e219ee60fff965cd1fabf89d5d9fba124cf28f83ca2509d9fc5
java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 3ba723967d4a0e4d9b3ae76b52b97e5d
SHA-256: 8ac7a9d4fe60e8d1fdb4f634d9f4847fd4fd25e57d6954f87327a9b955d176a4
java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 0033fc3bdd7ac9ca7c626a77af5fbd28
SHA-256: 5c6b0dd7f49b8762cdba50d34fda6daf344d8a7612ff266cb3d8461ab4b39af1
java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 86b5aa34e5f5db237495ea2d80e058b0
SHA-256: fe5c04ca86adb78298c488d8196e7e9f1e97abf5af144932ce9f62f907dc15db
java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 0a43bf236b2eff1cebe5938043f3d4de
SHA-256: ce65635c0cda4029ee66155cc7ba402682f05c7c3cee67b2d41b2f339b950006
java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 067742f3396b09c40c792be823043bdb
SHA-256: f86eb00fa9d4c75e8071e697188ee05dc094d3cd4a7d4012e1a6c2668bcdece2
java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 9f2f439c1bc018d92bbd8a05b113ce80
SHA-256: 90bb00cd047b461f2c326b6d02ad1eaa1ecfdb318097ba982058e97ab416593c
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.src.rpm     MD5: 05bf13e63c1f93947e25d24a402f385e
SHA-256: 449ebe2824ca4d4eeff4f8d5d2bd516e6db66b02c8434d12381219f3f2291f9e
 
x86_64:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 6226841d88c51469b86987044fdb9135
SHA-256: 7d3f9a7a9a9a692017ef54cac653121eda5f1f9cdd44c94576b4a0a99fd7b8e0
java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 83665b758f532505f0d6724269e79ca2
SHA-256: c5c160b6feabbcdf2b1e2833e458172580447124f346272a7008cefb539d1725
java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: ae7c59d589250f93b5d329f1ad2e5593
SHA-256: c501a8b2a3a8e9c6f1f07fe14243c09aa741a4d081bd1c7532900143d9ab3e61
java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: c19dae20e1c630d742775e8d261cf4a7
SHA-256: 5c5099f36e32bd10a9d9784baaa0fd8387bbe6323ab360086dbcdff69f359979
java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 83dce07ab4ab754df86872ab65bec88b
SHA-256: 67ab6f25030b520707279a97f7235d605933f4e5d3e54345443d5b2a42b6c85e
java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 6172b9fb9603bdaf811d116e6aad7a1f
SHA-256: bbf7fbca67f542bcf705169b3c1d05001da8c8ae365fc709ba4d4f9acacc86af
java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 7b63bd5cc78eb55e1d543aeed19fc428
SHA-256: 55daff1955c23e219ee60fff965cd1fabf89d5d9fba124cf28f83ca2509d9fc5
java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 3ba723967d4a0e4d9b3ae76b52b97e5d
SHA-256: 8ac7a9d4fe60e8d1fdb4f634d9f4847fd4fd25e57d6954f87327a9b955d176a4
java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 0033fc3bdd7ac9ca7c626a77af5fbd28
SHA-256: 5c6b0dd7f49b8762cdba50d34fda6daf344d8a7612ff266cb3d8461ab4b39af1
java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 86b5aa34e5f5db237495ea2d80e058b0
SHA-256: fe5c04ca86adb78298c488d8196e7e9f1e97abf5af144932ce9f62f907dc15db
java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 0a43bf236b2eff1cebe5938043f3d4de
SHA-256: ce65635c0cda4029ee66155cc7ba402682f05c7c3cee67b2d41b2f339b950006
java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 067742f3396b09c40c792be823043bdb
SHA-256: f86eb00fa9d4c75e8071e697188ee05dc094d3cd4a7d4012e1a6c2668bcdece2
java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 9f2f439c1bc018d92bbd8a05b113ce80
SHA-256: 90bb00cd047b461f2c326b6d02ad1eaa1ecfdb318097ba982058e97ab416593c
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.src.rpm     MD5: 05bf13e63c1f93947e25d24a402f385e
SHA-256: 449ebe2824ca4d4eeff4f8d5d2bd516e6db66b02c8434d12381219f3f2291f9e
 
IA-32:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: d19dbfb48b7209ed22c314ec72631ac8
SHA-256: 884b2ea6dae31bcadaafa8bc84e1f209cc90f1cceeb37c7b37443ca949d71a15
java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 2b0314a1a02b6b857349fd45492419fa
SHA-256: bba91e3883041d39ec15d5cced35f85e02811088e6f404eadab052af6ffbeac2
java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 25f8c517fa712eeb27c43777f3a72ba6
SHA-256: e43f6a037f3d82fd8c403b0301cb94e620ecb654927648c9a54f1c7af316d6b0
java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 277f8a30e4ad3c043e30b21c7f564464
SHA-256: 6831b0c2ae02c597cf19c19a58d1d894b29e9ee652bd02e93dcaf6f59784c9d6
java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: b0d4dff949d35c823d37999c39e6c7e8
SHA-256: 147e01d4bddc2f28e9ca65248d6f192e071d4795979c36a628a1a4953187e57c
java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 6802e9bd3540c0c27b6970394f3be1ef
SHA-256: f9d76e32fe3b90e5f6615aff09f4d21d2c8f2b5f83765e092fad2cc8b7d6d2b4
java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 10f5b0b63158492db935443c8d404778
SHA-256: 1a437ae3043b2c714b9e8947036349d9503c5f180ef3f357a7a6c83f005f0a11
java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 2337565ec751e6034ca1e76f0f41f9d5
SHA-256: c0163282dd55358d47957956ff7403d807128dda42ada98690d0892fc6e47d6e
java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 7f858627a0e961b6e81519caf1dd73c2
SHA-256: b18a83001e81e7f1a6c71df701dca0e106c1ad8c05573bc118fb2f5245f4d5db
java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 86b5aa34e5f5db237495ea2d80e058b0
SHA-256: fe5c04ca86adb78298c488d8196e7e9f1e97abf5af144932ce9f62f907dc15db
java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 0a43bf236b2eff1cebe5938043f3d4de
SHA-256: ce65635c0cda4029ee66155cc7ba402682f05c7c3cee67b2d41b2f339b950006
java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: e8f10e0804825121db97466512835cb7
SHA-256: a50ed797ea8fc32e17b520fe30d52537ee31e35b996ddb0efd09114dfa4435e9
java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: e0efe1c6d0bc170400da40a94d74e4ac
SHA-256: 791575b86fc13848abf8c8c29368a7607b9f0646d8ebfa77a89a5f8f01a724f9
 
x86_64:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 6226841d88c51469b86987044fdb9135
SHA-256: 7d3f9a7a9a9a692017ef54cac653121eda5f1f9cdd44c94576b4a0a99fd7b8e0
java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 83665b758f532505f0d6724269e79ca2
SHA-256: c5c160b6feabbcdf2b1e2833e458172580447124f346272a7008cefb539d1725
java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: ae7c59d589250f93b5d329f1ad2e5593
SHA-256: c501a8b2a3a8e9c6f1f07fe14243c09aa741a4d081bd1c7532900143d9ab3e61
java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: c19dae20e1c630d742775e8d261cf4a7
SHA-256: 5c5099f36e32bd10a9d9784baaa0fd8387bbe6323ab360086dbcdff69f359979
java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 83dce07ab4ab754df86872ab65bec88b
SHA-256: 67ab6f25030b520707279a97f7235d605933f4e5d3e54345443d5b2a42b6c85e
java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 6172b9fb9603bdaf811d116e6aad7a1f
SHA-256: bbf7fbca67f542bcf705169b3c1d05001da8c8ae365fc709ba4d4f9acacc86af
java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 7b63bd5cc78eb55e1d543aeed19fc428
SHA-256: 55daff1955c23e219ee60fff965cd1fabf89d5d9fba124cf28f83ca2509d9fc5
java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 3ba723967d4a0e4d9b3ae76b52b97e5d
SHA-256: 8ac7a9d4fe60e8d1fdb4f634d9f4847fd4fd25e57d6954f87327a9b955d176a4
java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 0033fc3bdd7ac9ca7c626a77af5fbd28
SHA-256: 5c6b0dd7f49b8762cdba50d34fda6daf344d8a7612ff266cb3d8461ab4b39af1
java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 86b5aa34e5f5db237495ea2d80e058b0
SHA-256: fe5c04ca86adb78298c488d8196e7e9f1e97abf5af144932ce9f62f907dc15db
java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 0a43bf236b2eff1cebe5938043f3d4de
SHA-256: ce65635c0cda4029ee66155cc7ba402682f05c7c3cee67b2d41b2f339b950006
java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 067742f3396b09c40c792be823043bdb
SHA-256: f86eb00fa9d4c75e8071e697188ee05dc094d3cd4a7d4012e1a6c2668bcdece2
java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 9f2f439c1bc018d92bbd8a05b113ce80
SHA-256: 90bb00cd047b461f2c326b6d02ad1eaa1ecfdb318097ba982058e97ab416593c
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.src.rpm     MD5: 05bf13e63c1f93947e25d24a402f385e
SHA-256: 449ebe2824ca4d4eeff4f8d5d2bd516e6db66b02c8434d12381219f3f2291f9e
 
IA-32:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: d19dbfb48b7209ed22c314ec72631ac8
SHA-256: 884b2ea6dae31bcadaafa8bc84e1f209cc90f1cceeb37c7b37443ca949d71a15
java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 2b0314a1a02b6b857349fd45492419fa
SHA-256: bba91e3883041d39ec15d5cced35f85e02811088e6f404eadab052af6ffbeac2
java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 25f8c517fa712eeb27c43777f3a72ba6
SHA-256: e43f6a037f3d82fd8c403b0301cb94e620ecb654927648c9a54f1c7af316d6b0
java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 277f8a30e4ad3c043e30b21c7f564464
SHA-256: 6831b0c2ae02c597cf19c19a58d1d894b29e9ee652bd02e93dcaf6f59784c9d6
java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: b0d4dff949d35c823d37999c39e6c7e8
SHA-256: 147e01d4bddc2f28e9ca65248d6f192e071d4795979c36a628a1a4953187e57c
java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 6802e9bd3540c0c27b6970394f3be1ef
SHA-256: f9d76e32fe3b90e5f6615aff09f4d21d2c8f2b5f83765e092fad2cc8b7d6d2b4
java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 10f5b0b63158492db935443c8d404778
SHA-256: 1a437ae3043b2c714b9e8947036349d9503c5f180ef3f357a7a6c83f005f0a11
java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 2337565ec751e6034ca1e76f0f41f9d5
SHA-256: c0163282dd55358d47957956ff7403d807128dda42ada98690d0892fc6e47d6e
java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: 7f858627a0e961b6e81519caf1dd73c2
SHA-256: b18a83001e81e7f1a6c71df701dca0e106c1ad8c05573bc118fb2f5245f4d5db
java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 86b5aa34e5f5db237495ea2d80e058b0
SHA-256: fe5c04ca86adb78298c488d8196e7e9f1e97abf5af144932ce9f62f907dc15db
java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 0a43bf236b2eff1cebe5938043f3d4de
SHA-256: ce65635c0cda4029ee66155cc7ba402682f05c7c3cee67b2d41b2f339b950006
java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: e8f10e0804825121db97466512835cb7
SHA-256: a50ed797ea8fc32e17b520fe30d52537ee31e35b996ddb0efd09114dfa4435e9
java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.i686.rpm     MD5: e0efe1c6d0bc170400da40a94d74e4ac
SHA-256: 791575b86fc13848abf8c8c29368a7607b9f0646d8ebfa77a89a5f8f01a724f9
 
x86_64:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 6226841d88c51469b86987044fdb9135
SHA-256: 7d3f9a7a9a9a692017ef54cac653121eda5f1f9cdd44c94576b4a0a99fd7b8e0
java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 83665b758f532505f0d6724269e79ca2
SHA-256: c5c160b6feabbcdf2b1e2833e458172580447124f346272a7008cefb539d1725
java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: ae7c59d589250f93b5d329f1ad2e5593
SHA-256: c501a8b2a3a8e9c6f1f07fe14243c09aa741a4d081bd1c7532900143d9ab3e61
java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: c19dae20e1c630d742775e8d261cf4a7
SHA-256: 5c5099f36e32bd10a9d9784baaa0fd8387bbe6323ab360086dbcdff69f359979
java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 83dce07ab4ab754df86872ab65bec88b
SHA-256: 67ab6f25030b520707279a97f7235d605933f4e5d3e54345443d5b2a42b6c85e
java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 6172b9fb9603bdaf811d116e6aad7a1f
SHA-256: bbf7fbca67f542bcf705169b3c1d05001da8c8ae365fc709ba4d4f9acacc86af
java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 7b63bd5cc78eb55e1d543aeed19fc428
SHA-256: 55daff1955c23e219ee60fff965cd1fabf89d5d9fba124cf28f83ca2509d9fc5
java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 3ba723967d4a0e4d9b3ae76b52b97e5d
SHA-256: 8ac7a9d4fe60e8d1fdb4f634d9f4847fd4fd25e57d6954f87327a9b955d176a4
java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 0033fc3bdd7ac9ca7c626a77af5fbd28
SHA-256: 5c6b0dd7f49b8762cdba50d34fda6daf344d8a7612ff266cb3d8461ab4b39af1
java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 86b5aa34e5f5db237495ea2d80e058b0
SHA-256: fe5c04ca86adb78298c488d8196e7e9f1e97abf5af144932ce9f62f907dc15db
java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm     MD5: 0a43bf236b2eff1cebe5938043f3d4de
SHA-256: ce65635c0cda4029ee66155cc7ba402682f05c7c3cee67b2d41b2f339b950006
java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 067742f3396b09c40c792be823043bdb
SHA-256: f86eb00fa9d4c75e8071e697188ee05dc094d3cd4a7d4012e1a6c2668bcdece2
java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm     MD5: 9f2f439c1bc018d92bbd8a05b113ce80
SHA-256: 90bb00cd047b461f2c326b6d02ad1eaa1ecfdb318097ba982058e97ab416593c
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1443007 - CVE-2017-3511 OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)
1443052 - CVE-2017-3509 OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)
1443068 - CVE-2017-3544 OpenJDK: newline injection in the SMTP client (Networking, 8171533)
1443083 - CVE-2017-3533 OpenJDK: newline injection in the FTP client (Networking, 8170222)
1443097 - CVE-2017-3539 OpenJDK: MD5 allowed for jar verification (Security, 8171121)
1443252 - CVE-2017-3526 OpenJDK: incomplete XML parse tree size enforcement (JAXP, 8169011)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/