
Red Hat alert RHSA-2026:9689-01 (java-21-openjdk)

An update for java-21-openjdk is now available for Red Hat Enterprise Linux
8, Red Hat Enterprise Linux 9.4 Extended Update Support, Red Hat Enterprise
Linux 9.6 Extended Update Support, Red Hat Enterprise Linux 9, and Red Hat
Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and
the OpenJDK 21 Java Software Development Kit.

Security Fix(es):

* JDK: Enhance crypto algorithm support (CVE-2026-22007)

* JDK: Improve Kerberos credentialing (CVE-2026-22013)

* JDK: Enhance Path Factories Redux (CVE-2026-22016)

* JDK: Enhance Zip file reading (CVE-2026-22018)

* JDK: Enhance certificate chain validation (CVE-2026-22021)

* JDK: Updating FreeType 2.14.1 (CVE-2026-23865)

* JDK: Enhance TLS connection handling (CVE-2026-34282)

* JDK: Enhance key generation (CVE-2026-34268)

Bug Fix(es):

* When copying files, OpenJDK 21 prefers to use the copy_file_range native
function for performance reasons, only falling back to sendfile when this
fails.  However, in previous OpenJDK 21 releases, a response of EOPNOTSUPP
(operation not supported) did not cause the JDK to fall back to sendfile.
This is rectified in this release. (RHEL-169617, RHEL-169951, RHEL-169952,
RHEL-169942, RHEL-169953, RHEL-169945)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0
International License (https://creativecommons.org/licenses/by/4.0/). If you
distribute this content, or a modified version of it, you must provide
attribution to Red Hat Inc. and provide a link to the original.

Original: https://access.redhat.com/security/data/csaf/v2/advisories/2026/rhsa-2026_9689.json

