Описание
ELSA-2025-18815: java-1.8.0-openjdk security update (MODERATE)
[1:1.8.0.472.b08-1.0.1]
- Add Oracle vendor bug URL [Orabug: 34340155]
[1:1.8.0.472.b08-1]
- Update to 8u472-b08 (GA).
- Update release notes for 8u472-b08.
- Drop local JDK-8339414 fix as this is now included upstream
- Reset rpmrelease to 1 now there are no other RPM builds on RHEL 9
- Sync the copy of the portable specfile with the latest update
- ** This tarball is embargoed until 2025-10-21 @ 1pm PT. **
- Resolves: RHEL-118767
- Resolves: RHEL-119455
[1:1.8.0.462.b08-5]
- Update get_bundle_versions.sh to match other scripts
-
- get_bundle_versions.sh: Add license
-
- get_bundle_versions.sh: Set compile-command in Emacs
-
- get_bundle_versions.sh: Use different error codes for different failures
-
- get_bundle_versions.sh: Remove unneeded '.' in JPEG version
-
- get_bundle_versions.sh: shellcheck: Double-quote variable references (SC2086)
-
- get_bundle_versions.sh: shellcheck: Drop use of cat and pass file to awk directly (SC2002)
- Add OpenJDK 8u support to get_bundle_versions.sh
- Print bundle updates and backouts at end of openjdk_news.sh output
- Refer user to get_bundle_versions.sh when bundle updates are found by openjdk_news.sh
- Add timezone data update check to openjdk_news.sh
- Add duplicate check to openjdk_news.sh
- Exit if no fixes are obtained rather than try to run filters in openjdk_news.sh
- Sync the copy of the portable specfile with the latest update
- Resolves: RHEL-119329
[1:1.8.0.462.b08-5]
- Add script to obtain bundled library versions from OpenJDK sources
- Related: RHEL-119329
[1:1.8.0.462.b08-5]
- Warn about bundled provide version bumps and backouts in openjdk_news.sh
- Related: RHEL-119329
[1:1.8.0.462.b08-5]
- Bump rpmrelease for move to portables only on RHEL 8
- Resolves: RHEL-118775
[1:1.8.0.462.b08-4]
- Bump rpmrelease for CentOS build
- Remove obsolete hack to hardcode newer portable version on RHEL
- Related: RHEL-101648
- Related: RHEL-102312
- Related: RHEL-97496
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
java-1.8.0-openjdk-accessibility-fastdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-accessibility-slowdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-demo-fastdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-demo-slowdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-devel-fastdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-devel-slowdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-fastdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-headless-fastdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-headless-slowdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-slowdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-src-fastdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-src-slowdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-accessibility
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-demo
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-devel
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-headless
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-javadoc
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-javadoc-zip
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-src
1.8.0.472.b08-1.0.1.el8
Oracle Linux x86_64
java-1.8.0-openjdk-accessibility-fastdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-accessibility-slowdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-demo-fastdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-demo-slowdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-devel-fastdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-devel-slowdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-fastdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-headless-fastdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-headless-slowdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-slowdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-src-fastdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-src-slowdebug
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-accessibility
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-demo
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-devel
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-headless
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-javadoc
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-javadoc-zip
1.8.0.472.b08-1.0.1.el8
java-1.8.0-openjdk-src
1.8.0.472.b08-1.0.1.el8
Oracle Linux 9
Oracle Linux aarch64
java-1.8.0-openjdk-demo-fastdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-demo-slowdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-devel-fastdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-devel-slowdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-fastdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-headless-fastdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-headless-slowdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-slowdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-src-fastdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-src-slowdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-demo
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-devel
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-headless
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-javadoc
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-javadoc-zip
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-src
1.8.0.472.b08-1.0.1.el9
Oracle Linux x86_64
java-1.8.0-openjdk
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-demo
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-devel
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-headless
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-javadoc
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-javadoc-zip
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-src
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-demo-fastdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-demo-slowdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-devel-fastdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-devel-slowdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-fastdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-headless-fastdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-headless-slowdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-slowdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-src-fastdebug
1.8.0.472.b08-1.0.1.el9
java-1.8.0-openjdk-src-slowdebug
1.8.0.472.b08-1.0.1.el9
Связанные CVE
Связанные уязвимости
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start ap...