RLSA-2025:10867

Опубликовано: 29 июл. 2025

Источник: rocky

Оценка: Important

Описание

Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

Security Fix(es):

JDK: Better Glyph drawing (CVE-2025-30749)
JDK: Enhance TLS protocol support (CVE-2025-30754)
JDK: Improve HTTP client header handling (CVE-2025-50059)
JDK: Better Glyph drawing redux (CVE-2025-50106)

Bug Fix(es):

In Rocky Linux 9 and Rocky Linux 10 systems, the default graphical display system is Wayland. The use of Wayland in these systems causes a failure in the traditional X11 method that java.awt.Robot uses to take a screen capture, producing a blank image. With this update, the RPM now recommends installing the PipeWire package, which the JDK can use to take screen captures in Wayland systems (Rocky Linux-102668, Rocky Linux-102669, Rocky Linux-102670, Rocky Linux-102672)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 8

Наименование	Архитектура	Релиз	RPM
java-17-openjdk	x86_64	2.el8	java-17-openjdk-17.0.16.0.8-2.el8.x86_64.rpm
java-17-openjdk-demo	x86_64	2.el8	java-17-openjdk-demo-17.0.16.0.8-2.el8.x86_64.rpm
java-17-openjdk-devel	x86_64	2.el8	java-17-openjdk-devel-17.0.16.0.8-2.el8.x86_64.rpm
java-17-openjdk-headless	x86_64	2.el8	java-17-openjdk-headless-17.0.16.0.8-2.el8.x86_64.rpm
java-17-openjdk-javadoc	x86_64	2.el8	java-17-openjdk-javadoc-17.0.16.0.8-2.el8.x86_64.rpm
java-17-openjdk-javadoc-zip	x86_64	2.el8	java-17-openjdk-javadoc-zip-17.0.16.0.8-2.el8.x86_64.rpm
java-17-openjdk-jmods	x86_64	2.el8	java-17-openjdk-jmods-17.0.16.0.8-2.el8.x86_64.rpm
java-17-openjdk-src	x86_64	2.el8	java-17-openjdk-src-17.0.16.0.8-2.el8.x86_64.rpm
java-17-openjdk-static-libs	x86_64	2.el8	java-17-openjdk-static-libs-17.0.16.0.8-2.el8.x86_64.rpm