A flaw was found in the way the AWT component of OpenJDK handled menus. An untrusted Java application or applet could use this flaw to corrupt Java virtual machine memory and bypass Java sandbox restrictions.
This issue only affected MacOSX platform. Therefore, OpenJDK packages on Red Hat Enterprise Linux were not affected.
OpenJDK 8 upstream commits:
This issue did not affected the versions of OpenJDK, Oracle JDK, and IBM JDK as shipped with Red Hat Enterprise Linux. This issue only affected JDK versions on the MacOSX platform.