Fedora Account System
Red Hat Associate
Red Hat Customer
Java Sound component did not properly check the provenience of the Soundbank, potentially allowing an untrusted Java application or applet to construct a Soundbank from a remote attacker-controlled URL.
OpenJDK-17 upstream commit: https://github.com/openjdk/jdk17u/commit/45650552132297f296648ffccaa9668888c6707d OpenJDK-11 upstream commit: https://github.com/openjdk/jdk11u/commit/b46279bb15ab187e60c71b400e4363548969445a OpenJDK-8 upstream commit: https://github.com/openjdk/jdk8u/commit/00dbe881f5fb7b74c93762ddd06a33a716f786ce
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:0202 https://access.redhat.com/errata/RHSA-2023:0202
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:0193 https://access.redhat.com/errata/RHSA-2023:0193
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:0190 https://access.redhat.com/errata/RHSA-2023:0190
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:0199 https://access.redhat.com/errata/RHSA-2023:0199
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:0196 https://access.redhat.com/errata/RHSA-2023:0196
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:0197 https://access.redhat.com/errata/RHSA-2023:0197
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2023:0198 https://access.redhat.com/errata/RHSA-2023:0198
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:0201 https://access.redhat.com/errata/RHSA-2023:0201
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2023:0191 https://access.redhat.com/errata/RHSA-2023:0191
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:0192 https://access.redhat.com/errata/RHSA-2023:0192
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:0200 https://access.redhat.com/errata/RHSA-2023:0200
Public now via Oracle CPU January 2023: https://www.oracle.com/security-alerts/cpujan2023.html#AppendixJAVA Fixed in Oracle Java SE 8u361, 11.0.18, 17.0.6, 19.0.2. Release notes: https://www.oracle.com/java/technologies/javase/8u361-relnotes.html https://www.oracle.com/java/technologies/javase/11-0-18-relnotes.html https://www.oracle.com/java/technologies/javase/17-0-6-relnotes.html https://www.oracle.com/java/technologies/javase/19-0-2-relnotes.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:0194 https://access.redhat.com/errata/RHSA-2023:0194
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:0195 https://access.redhat.com/errata/RHSA-2023:0195
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:0204 https://access.redhat.com/errata/RHSA-2023:0204
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:0205 https://access.redhat.com/errata/RHSA-2023:0205
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2023:0206 https://access.redhat.com/errata/RHSA-2023:0206
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:0209 https://access.redhat.com/errata/RHSA-2023:0209
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:0207 https://access.redhat.com/errata/RHSA-2023:0207
This issue has been addressed in the following products: Red Hat Build of OpenJDK 8u362 Via RHSA-2023:0387 https://access.redhat.com/errata/RHSA-2023:0387
This issue has been addressed in the following products: Red Hat Build of OpenJDK 8u362 Via RHSA-2023:0354 https://access.redhat.com/errata/RHSA-2023:0354
This issue has been addressed in the following products: Red Hat Build of OpenJDK 11.0.18 Via RHSA-2023:0353 https://access.redhat.com/errata/RHSA-2023:0353
This issue has been addressed in the following products: Red Hat Build of OpenJDK 11.0.18 Via RHSA-2023:0388 https://access.redhat.com/errata/RHSA-2023:0388
This issue has been addressed in the following products: Red Hat Build of OpenJDK 17.0.6 Via RHSA-2023:0352 https://access.redhat.com/errata/RHSA-2023:0352
This issue has been addressed in the following products: Red Hat Build of OpenJDK 17.0.6 Via RHSA-2023:0389 https://access.redhat.com/errata/RHSA-2023:0389
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:0203 https://access.redhat.com/errata/RHSA-2023:0203
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:0210 https://access.redhat.com/errata/RHSA-2023:0210
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:0208 https://access.redhat.com/errata/RHSA-2023:0208
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-21843
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Supplementary Via RHSA-2023:3136 https://access.redhat.com/errata/RHSA-2023:3136