A flaw was found in the way the AWT component of OpenJDK handled menus. An untrusted Java application or applet could use this flaw to corrupt Java virtual machine memory and bypass Java sandbox restrictions.
This issue only affected MacOSX platform. Therefore, OpenJDK packages on Red Hat Enterprise Linux were not affected.
OpenJDK 8 upstream commits: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/920bb0a994d1 http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/270f977a4818
Statement: This issue did not affected the versions of OpenJDK, Oracle JDK, and IBM JDK as shipped with Red Hat Enterprise Linux. This issue only affected JDK versions on the MacOSX platform.