Oracle alert ELSA-2025-21485 (java-25-openjdk)
| From: | Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2025-21485 Moderate: Oracle Linux 10 java-25-openjdk security update | |
| Date: | Fri, 05 Dec 2025 05:19:03 -0800 | |
| Message-ID: | <mailman.198.1764940756.30.el-errata@oss.oracle.com> |
Oracle Linux Security Advisory ELSA-2025-21485 http://linux.oracle.com/errata/ELSA-2025-21485.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: java-25-openjdk-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-demo-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-demo-fastdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-demo-slowdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-devel-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-devel-fastdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-devel-slowdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-fastdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-headless-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-headless-fastdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-headless-slowdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-javadoc-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-javadoc-zip-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-jmods-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-jmods-fastdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-jmods-slowdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-slowdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-src-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-src-fastdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-src-slowdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-static-libs-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-static-libs-fastdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm java-25-openjdk-static-libs-slowdebug-25.0.1.0.8-2.0.1.el10.x86_64.rpm aarch64: java-25-openjdk-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-demo-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-demo-fastdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-demo-slowdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-devel-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-devel-fastdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-devel-slowdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-fastdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-headless-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-headless-fastdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-headless-slowdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-javadoc-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-javadoc-zip-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-jmods-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-jmods-fastdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-jmods-slowdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-slowdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-src-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-src-fastdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-src-slowdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-static-libs-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-static-libs-fastdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm java-25-openjdk-static-libs-slowdebug-25.0.1.0.8-2.0.1.el10.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/java-25-openjdk-... Related CVEs: CVE-2025-53057 CVE-2025-53066 CVE-2025-61748 Description of changes: [1:25.0.1.0.8-2.0.1] - Add Oracle vendor bug URL [Orabug: 34340155] [1:25.0.1.0.8-2] - Remove superfluous backslashes that cause two alternative commands to be combined - Related: RHEL-120553 [1:25.0.1.0.8-1] - Update to jdk-25.0.1+8 (GA) - Update release notes with features of JDK 25 - Mention finalisation JEP for features finalised in JDK 22, 23 & 24 - Drop fakefeaturever now we have reached OpenJDK 25 - Update release notes to 25.0.1+8 - Sync the copy of the portable specfile with the latest update - Resolves: RHEL-120553 [1:24.0.2.0.12-1] - Update to jdk-24.0.2+12 (GA) - Update release notes with features of JDK 24 - alt-java man page installation is now handled by the OpenJDK build - Adjust TestTranslations.java with updated German translations from CLDR 46 (JDK-8333582) (Mountain->Mountains) - Run javap with the disassembled code (-c) option now required for -l by JDK-8345145 - Sync the copy of the portable specfile with the latest update - Remove default.policy and java.policy following JDK-8338411: "Permanently Disable the Security Manager" - Make man page handling dependent on pandoc being available during the portable build - Handle new CDS archive variants (*_coh*) added by Compact Object Headers (JDK-8305895) - Add missing man page alternatives for jdeprscan, jfr, jhsdb, jimage, jlink & jmod and fix alphabetical ordering - Support jnativescan added by JDK-8317611: "Add a tool like jdeprscan to find usage of restricted methods" - Add recent native libraries to _privatelibs (libjsvml.so, libsimdsort.so, libsyslookup.so) - Support libsleef on AArch64 & RISC-V added by JDK-8329816, JDK-8320500 (RISC-V) & JDK-8312425 (AArch64) - Related: RHEL-120553 [1:23.0.2.0.7-1] - Update to jdk-23.0.2+7 (GA) - Update release notes with features of JDK 23 - Sync the copy of the portable specfile with the latest update - Remove lible.so handling following its removal in JDK-8327476: "Upgrade JLine to 3.26.1" - Install jaxp-strict.properties.template added by JDK-8330542: "Template for Creating Strict JAXP Configuration File" - Related: RHEL-120553 _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata