RedHat¶à¸ö°²È«²¹¶¡°²È«¹«¸æ

°ä²¼¹¦·ò 2018-07-25

·ì϶±àºÅºÍ¼¶±ð
CVE-2018-2940  ÖР CVSS·ÖÖµ£º4.3
CVE-2018-2941  ¸ß  CVSS·ÖÖµ£º8.3
CVE-2018-2952  µÍ  CVSS·ÖÖµ£º3.7
CVE-2018-2964  ¸ß  CVSS·ÖÖµ£º8.3
CVE-2018-2973  ÖР CVSS·ÖÖµ£º5.9


·ì϶¸ÅÊö
½ñÌ죬RedHat°ä²¼Á˶à¸ö°²È«²¹¶¡£¬ÆäÖÐÔ̺¬ËĸöÑϳÁ¼¶´ËÍâ²¹¶¡ÈçÏ£º


GA»Æ½ð¼×¡¤(ÖйúÇø)¹Ù·½ÍøÕ¾


 1. RHSA-2018:2256
java-1.8.0-oracle°²È«¸üУ¬´Ë¿Ì¿ÉÓÃÓÚOracle Java for Red Hat Enterprise Linux 6¡£Oracle Java SE°æ±¾8Ô̺¬Oracle Java Runtime EnvironmentºÍOracle Java Software Development Kit¡£´Ë¸üн«Oracle Java SE 8Éý¼¶µ½°æ±¾8 Update 181¡£
ÊÜÓ°ÏìµÄ²úÆ·£º
Oracle Java (Restricted Maintenance) (for RHEL Server) 6 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Server) 6 i386
Oracle Java (Restricted Maintenance) (for RHEL Client) 6 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Client) 6 i386
Oracle Java (Restricted Maintenance) (for RHEL Compute Node) 6 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Workstation) 6 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Workstation) 6 i386
°²È«½¨¸´£º
Oracle JDK£º7u191,8u181ºÍ10.0.2£¨JavaFX£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2941£©
Oracle JDK£º8u181ºÍ10.0.2£¨Deployment£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2964£©
Oracle JDK£º 6u201,7u191,8u181ºÍ10.0.2£¨(Libraries£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2940£©
OpenJDK£ºPatternSyntaxExceptionÖеÄË÷ÒýÑéÖ¤²»¼°getMessage£¨£©£¨Concurrency£¬8199547£©£¨CVE-2018-2952£©
Oracle JDK£º6u201,7u191,8u181ºÍ10.0.2£¨JSSE£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2973£©


2. RHSA-2018:2255
java-1.7.0-oracle°²È«¸üУ¬´Ë¿Ì¿ÉÓÃÓÚOracle Java for Red Hat Enterprise Linux 6¡£Oracle Java SE°æ±¾7Ô̺¬Oracle Java Runtime EnvironmentºÍOracle Java Software Development Kit¡£´Ë¸üн«Oracle Java SE 7Éý¼¶µ½°æ±¾7 Update 191¡£
ÊÜÓ°ÏìµÄ²úÆ·£º
Oracle Java (Restricted Maintenance) (for RHEL Server) 6 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Server) 6 i386
Oracle Java (Restricted Maintenance) (for RHEL Client) 6 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Client) 6 i386
Oracle Java (Restricted Maintenance) (for RHEL Compute Node) 6 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Workstation) 6 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Workstation) 6 i386
°²È«½¨¸´£º
Oracle JDK£º7u191,8u181ºÍ10.0.2£¨JavaFX£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2941£©
Oracle JDK£º6u201,7u191,8u181ºÍ10.0.2£¨Libraries£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2940£©
OpenJDK£ºPatternSyntaxExceptionÖеÄË÷ÒýÑéÖ¤²»¼°getMessage£¨£©£¨Concurrency£¬8199547£©£¨CVE-2018-2952£©
Oracle JDK£º6u201,7u191,8u181ºÍ10.0.2£¨JSSE£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2973£©


3. RHSA-2018:2254
java-1.7.0-oracle°²È«¸üУ¬´Ë¿Ì¿ÉÓÃÓÚOracle Java for Red Hat Enterprise Linux 7¡£Oracle Java SE°æ±¾7Ô̺¬Oracle Java Runtime EnvironmentºÍOracle Java Software Development Kit¡£´Ë¸üн«Oracle Java SE 7Éý¼¶µ½°æ±¾7 Update 191¡£
ÊÜÓ°ÏìµÄ²úÆ·£º
Oracle Java (Restricted Maintenance) (for RHEL Server) 7 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Client) 7 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Compute Node) 7 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Workstation) 7 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Compute Node) - Extended Update Support 7.5 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Server) - Extended Update Support 7.5 x86_64
°²È«½¨¸´£º
Oracle JDK£º7u191,8u181ºÍ10.0.2£¨JavaFX£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2941£©
Oracle JDK£ºÔÚ6u201,7u191,8u181ºÍ10.0.2£¨Libraries£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2940£©
OpenJDK£ºPatternSyntaxExceptionÖеÄË÷ÒýÑéÖ¤²»¼°getMessage£¨£©£¨Concurrency£¬8199547£©£¨CVE-2018-2952£©
Oracle JDK£º6u201,7u191,8u181ºÍ10.0.2£¨JSSE£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2973£©


4. RHSA-2018:2253
java-1.8.0-oracle°²È«¸üУ¬´Ë¿Ì¿ÉÓÃÓÚRed Hat Enterprise Linux 7µÄOracle Java¡£Oracle Java SE°æ±¾8Ô̺¬Oracle Java Runtime EnvironmentºÍOracle Java Software Development Kit¡£´Ë¸üн«Oracle Java SE 8Éý¼¶µ½°æ±¾8 Update 181¡£
ÊÜÓ°ÏìµÄ²úÆ·£º
Oracle Java (Restricted Maintenance) (for RHEL Server) 7 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Client) 7 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Compute Node) 7 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Workstation) 7 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Compute Node) - Extended Update Support 7.5 x86_64
Oracle Java (Restricted Maintenance) (for RHEL Server) - Extended Update Support 7.5 x86_64
°²È«½¨¸´£º
Oracle JDK£º7u191,8u181ºÍ10.0.2£¨JavaFX£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2941£©
Oracle JDK£º8u181ºÍ10.0.2£¨Deployment£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2964£©
Oracle JDK£ºÔÚ6u201,7u191,8u181ºÍ10.0.2£¨Libraries£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2940£©
OpenJDK£ºPatternSyntaxExceptionÖеÄË÷ÒýÑéÖ¤²»¼°getMessage£¨£©£¨Concurrency£¬8199547£©£¨CVE-2018-2952£©
Oracle JDK£º6u201,7u191,8u181ºÍ10.0.2£¨JSSE£©Öн¨¸´µÄδָ¶¨·ì϶£¨CVE-2018-2973£©


½¨¸´½¨Ò飺
RedHat¹Ù·½ÒѾ­°ä²¼Ð°汾½¨¸´ÁËÉÏÊö·ì϶£¬Óû§Ó¦ÊµÊ±Éý¼¶½øÐзÀ»¤£ºhttps://access.redhat.com/articles/11258¡£


²Î¿¼Á´½Ó£º
https://access.redhat.com/errata/#/
https://access.redhat.com/articles/11258