RLSA-2026:0933

Опубликовано: 13 фев. 2026

Источник: rocky

Оценка: Important

Описание

Important: java-25-openjdk security update

The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit.

Security Fix(es):

JDK: Improve JMX connections (CVE-2026-21925)
JDK: Improve HttpServer Request handling (CVE-2026-21933)
JDK: Enhance Certificate Checking (CVE-2026-21945)
libpng: LIBPNG buffer overflow (CVE-2025-64720)
libpng: LIBPNG heap buffer overflow (CVE-2025-65018)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 9

Связанные CVE

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=2416904
Red Hat - 2416904
https://bugzilla.redhat.com/show_bug.cgi?id=2416907
Red Hat - 2416907
https://bugzilla.redhat.com/show_bug.cgi?id=2429924
Red Hat - 2429924
https://bugzilla.redhat.com/show_bug.cgi?id=2429926
Red Hat - 2429926
https://bugzilla.redhat.com/show_bug.cgi?id=2429927
Red Hat - 2429927

Связанные уязвимости

RLSA-2026:0932

rocky

2 месяца назад

Important: java-1.8.0-openjdk security update

RLSA-2026:0928

rocky

2 месяца назад

Important: java-21-openjdk security update

RLSA-2026:0927

rocky

2 месяца назад

Important: java-17-openjdk security update

ELSA-2026-0932

oracle-oval

2 месяца назад

ELSA-2026-0932: java-1.8.0-openjdk security update (IMPORTANT)

ELSA-2026-0928

oracle-oval

2 месяца назад

ELSA-2026-0928: java-21-openjdk security update (IMPORTANT)