Fedora Account System
Red Hat Associate
Red Hat Customer
It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if that was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory.
Public now via Oracle CPU July 2017: http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA The issue was fixed in Oracle JDK 8u141, 7u151, and 6u161.
OpenJDK-8 upstream commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/686e47e14565
This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 6 Oracle Java for Red Hat Enterprise Linux 7 Via RHSA-2017:1792 https://access.redhat.com/errata/RHSA-2017:1792
This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 7 Oracle Java for Red Hat Enterprise Linux 6 Via RHSA-2017:1791 https://access.redhat.com/errata/RHSA-2017:1791
This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 7 Oracle Java for Red Hat Enterprise Linux 6 Via RHSA-2017:1790 https://access.redhat.com/errata/RHSA-2017:1790
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2017:1789 https://access.redhat.com/errata/RHSA-2017:1789
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2017:2424 https://access.redhat.com/errata/RHSA-2017:2424
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Supplementary Red Hat Enterprise Linux 7 Supplementary Via RHSA-2017:2469 https://access.redhat.com/errata/RHSA-2017:2469
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Supplementary Red Hat Enterprise Linux 7 Supplementary Via RHSA-2017:2481 https://access.redhat.com/errata/RHSA-2017:2481
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Supplementary Via RHSA-2017:2530 https://access.redhat.com/errata/RHSA-2017:2530
This issue has been addressed in the following products: Red Hat Satellite 5.8 Red Hat Satellite 5.8 ELS Via RHSA-2017:3453 https://access.redhat.com/errata/RHSA-2017:3453