Oracle alert ELSA-2025-10873 (java-21-openjdk)
| From: | Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2025-10873 Important: Oracle Linux 9 java-21-openjdk security update | |
| Date: | Wed, 30 Jul 2025 04:04:36 -0700 | |
| Message-ID: | <mailman.93.1753873487.18.el-errata@oss.oracle.com> |
Oracle Linux Security Advisory ELSA-2025-10873 http://linux.oracle.com/errata/ELSA-2025-10873.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: java-21-openjdk-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-demo-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-demo-fastdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-demo-slowdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-devel-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-devel-fastdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-devel-slowdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-fastdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-headless-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-headless-fastdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-headless-slowdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-javadoc-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-javadoc-zip-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-jmods-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-jmods-fastdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-jmods-slowdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-slowdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-src-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-src-fastdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-src-slowdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-static-libs-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-static-libs-fastdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm java-21-openjdk-static-libs-slowdebug-21.0.8.0.9-1.0.1.el9.x86_64.rpm aarch64: java-21-openjdk-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-demo-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-demo-fastdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-demo-slowdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-devel-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-devel-fastdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-devel-slowdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-fastdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-headless-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-headless-fastdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-headless-slowdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-javadoc-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-javadoc-zip-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-jmods-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-jmods-fastdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-jmods-slowdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-slowdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-src-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-src-fastdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-src-slowdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-static-libs-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-static-libs-fastdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm java-21-openjdk-static-libs-slowdebug-21.0.8.0.9-1.0.1.el9.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/java-21-openjdk-2... Related CVEs: CVE-2025-30749 CVE-2025-30754 CVE-2025-50059 CVE-2025-50106 Description of changes: [1:21.0.8.0.9-1.0.1] - Add Oracle vendor bug URL [Orabug: 34340155] [1:21.0.8.0.9-1.1] - Update to jdk-21.0.8+9 (GA) - Update release notes to 21.0.8+9 - Switch to GA mode - Sync the copy of the portable specfile with the latest update - ** This tarball is embargoed until 2025-07-15 @ 1pm PT. ** - Resolves: RHEL-102289 [1:21.0.7.0.6-3] - Recommend PipeWire on RHEL 9 and later for java.awt.Robot screenshots under Wayland - Resolves: RHEL-102677 [1:21.0.8.0.8-0.1.ea] - Update to jdk-21.0.8+8 (EA) - Update release notes to 21.0.8+8 - Sync the copy of the portable specfile with the latest update - Resolves: RHEL-101798 [1:21.0.8.0.2-0.1.ea] - Update to jdk-21.0.8+2 (EA) - Update release notes to 21.0.8+2 - Sync the copy of the portable specfile with the latest update - Add timezone data update check to openjdk_news.sh - Add duplicate check to openjdk_news.sh - Exit if no fixes are obtained rather than try to run filters in openjdk_news.sh - Related: RHEL-101798 - Resolves: RHEL-103209 [1:21.0.8.0.1-0.1.ea] - Update get_bundle_versions.sh to match other scripts - * get_bundle_versions.sh: Add license - * get_bundle_versions.sh: Set compile-command in Emacs - * get_bundle_versions.sh: Use different error codes for different failures - * get_bundle_versions.sh: Remove unneeded '.' in JPEG version - * get_bundle_versions.sh: shellcheck: Double-quote variable references (SC2086) - * get_bundle_versions.sh: shellcheck: Drop use of cat and pass file to awk directly (SC2002) - Add OpenJDK 8u support to get_bundle_versions.sh - Print bundle updates and backouts at end of openjdk_news.sh output - Refer user to get_bundle_versions.sh when bundle updates are found by openjdk_news.sh - Related: RHEL-103209 [1:21.0.8.0.1-0.1.ea] - Add script to obtain bundled library versions from OpenJDK sources - Related: RHEL-103209 [1:21.0.8.0.1-0.1.ea] - Warn about bundled provide version bumps and backouts in openjdk_news.sh - Related: RHEL-103209 [1:21.0.8.0.1-0.1.ea] - Update to jdk-21.0.8+1 (EA) - Update release notes to 21.0.8+1 - Bump freetype version to 2.13.3 following JDK-8348596 - Bump harfbuzz version to 10.4.0 following JDK-8348597 - Bump lcms2 version to 2.17.0 following JDK-8348110 - Bump libpng version to 1.6.47 following JDK-8348598 - Switch to EA mode - Drop JDK-8351500 local patch which is now available in 21.0.8+1 upstream - Sync the copy of the portable specfile with the latest update - Related: RHEL-101798 [1:21.0.7.0.6-2] - Add local version of JDK-8351500 for early interim release before 21.0.8 - Sync the copy of the portable specfile with the latest update - Resolves: RHEL-90309 _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata