java-1.8.0-openjdk-1.8.0.452.b09-2.el9.ML.1

エラータID: AXSA:2025-9871:08

Release date: 
Thursday, April 24, 2025 - 13:55
Subject: 
java-1.8.0-openjdk-1.8.0.452.b09-2.el9.ML.1
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment
and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* JDK: Better TLS connection support (CVE-2025-21587)
* JDK: Improve compiler transformations (CVE-2025-30691)
* JDK: Enhance Buffered Image handling (CVE-2025-30698)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE-2025-21587
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM
Enterprise Edition product of Oracle Java SE (component: JSSE). Supported
versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26,
17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM
Enterprise Edition:20.3.17 and 21.3.13. Difficult to exploit vulnerability
allows unauthenticated attacker with network access via multiple protocols to
compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise
Edition. Successful attacks of this vulnerability can result in unauthorized
creation, deletion or modification access to critical data or all Oracle Java
SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as
well as unauthorized access to critical data or complete access to all Oracle
Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible
data. Note: This vulnerability can be exploited by using APIs in the specified
Component, e.g., through a web service which supplies data to the APIs. This
vulnerability also applies to Java deployments, typically in clients running
sandboxed Java Web Start applications or sandboxed Java applets, that load and
run untrusted code (e.g., code that comes from the internet) and rely on the
Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and
Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
CVE-2025-30691
Vulnerability in Oracle Java SE (component: Compiler). Supported versions that
are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and
24. Difficult to exploit vulnerability allows unauthenticated attacker with
network access via multiple protocols to compromise Oracle Java SE. Successful
attacks of this vulnerability can result in unauthorized update, insert or
delete access to some of Oracle Java SE accessible data as well as unauthorized
read access to a subset of Oracle Java SE accessible data. Note: This
vulnerability can be exploited by using APIs in the specified Component, e.g.,
through a web service which supplies data to the APIs. This vulnerability also
applies to Java deployments, typically in clients running sandboxed Java Web
Start applications or sandboxed Java applets, that load and run untrusted code
(e.g., code that comes from the internet) and rely on the Java sandbox for
security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS
Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
CVE-2025-30698
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM
Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions
that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14,
21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM
Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability
allows unauthenticated attacker with network access via multiple protocols to
compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise
Edition. Successful attacks of this vulnerability can result in unauthorized
update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for
JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized
read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle
GraalVM Enterprise Edition accessible data and unauthorized ability to cause a
partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for
JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java
deployments, typically in clients running sandboxed Java Web Start applications
or sandboxed Java applets, that load and run untrusted code (e.g., code that
comes from the internet) and rely on the Java sandbox for security. This
vulnerability does not apply to Java deployments, typically in servers, that
load and run only trusted code (e.g., code installed by an administrator). CVSS
3.1 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS
Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).

Solution: 

Update packages.

CVEs: 
CVE-2025-21587
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition:20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
CVE-2025-30691
Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data as well as unauthorized read access to a subset of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
CVE-2025-30698
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
Additional Info: 

N/A

Download: 

SRPMS
  1. java-1.8.0-openjdk-1.8.0.452.b09-2.el9.ML.1.src.rpm
    MD5: 899110458fbaa392ef3160a17d80e574
    SHA-256: 5328812e9639849c2120b6a147696815ed8e60e39024548f10b17ecc38ffc45a
    Size: 58.04 MB

Asianux Server 9 for x86_64
  1. java-1.8.0-openjdk-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 31966e7514b985da4f18161d643f3b30
    SHA-256: 1025c9b3490c5365c7d6fb54ee47875d54904c0e177b8e873aba077cc55eea66
    Size: 424.82 kB
  2. java-1.8.0-openjdk-demo-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 6761728982810f53a4b669ad7f33788a
    SHA-256: bcf55d7ef4372d2b25c36051175660a6371314b08e9e0ba6b21d721a04a221ff
    Size: 2.04 MB
  3. java-1.8.0-openjdk-demo-fastdebug-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 1e702c483269a51bc64c819dda869c14
    SHA-256: 84ccc00f3ea6bced5f66817ad81068dcd3fe515837d6ec259eb1382108ee4cd9
    Size: 2.06 MB
  4. java-1.8.0-openjdk-demo-slowdebug-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 47cd71f9e38c469fd68b7aedde3509cc
    SHA-256: 3ba1eefc63571c828ecda028b2498ae8d4b4ad778c91757373d74a3b31222e31
    Size: 2.06 MB
  5. java-1.8.0-openjdk-devel-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 03d93459ed44d01a2d98def1882ceded
    SHA-256: 2bde56c51a4499d5b982e214bde77a35da5280246d25972cc1c0b53b171f70cf
    Size: 9.35 MB
  6. java-1.8.0-openjdk-devel-fastdebug-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: beb2a5fd0ac89ce66924b228e5bff781
    SHA-256: b263250e8c0be5f882234fc19485b8eadf3fe20e2137979cbd8a2f709928b369
    Size: 9.35 MB
  7. java-1.8.0-openjdk-devel-slowdebug-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 32b5f61b54e79f01fa750d4bccaa09e0
    SHA-256: 35d4269b6cea23f1f4ce7b6136eedd0925784f4e28d5d305fdc0e90363a2cc8c
    Size: 9.36 MB
  8. java-1.8.0-openjdk-fastdebug-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 107cbcccb680764169577d6c12d150e9
    SHA-256: 95a14c91f753322e74c6246cf7f44f804decdc2914318f33b5120dcf8e9e1ce2
    Size: 436.90 kB
  9. java-1.8.0-openjdk-headless-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 138a66700da7f389e88f9f6ceab89247
    SHA-256: 2c31f2c4f5e08a4577b07016da1f783a285b3aace33205af0d46fdde38b51de8
    Size: 32.84 MB
  10. java-1.8.0-openjdk-headless-fastdebug-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 381958a477e7f21d2e7ce7b4e6eab782
    SHA-256: 0ef88395b7d76a35f544ea553987dac93738ad81610ad66067ac63ad3da82358
    Size: 36.60 MB
  11. java-1.8.0-openjdk-headless-slowdebug-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 0c5bf8740d80aa22c17821830301607a
    SHA-256: 994f1d7a7145b59bb033ff6082e5a6aeb4651b3686332fe450d50f7118771a94
    Size: 34.05 MB
  12. java-1.8.0-openjdk-javadoc-1.8.0.452.b09-2.el9.ML.1.noarch.rpm
    MD5: 4323d994777cd885dded21a5964555a0
    SHA-256: b095802010fb99b639a17d8adcb39a493c5ec3906d799c38d06c64a6daf07c8d
    Size: 14.46 MB
  13. java-1.8.0-openjdk-javadoc-zip-1.8.0.452.b09-2.el9.ML.1.noarch.rpm
    MD5: f0e2e6ef43da669fd668a1ecfd2855a0
    SHA-256: 78a83bbbb2601bfa855088c8fb21a55734fdbcf7104410c0ecdbc6e00099aa2d
    Size: 40.81 MB
  14. java-1.8.0-openjdk-slowdebug-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 7aca84dea8b8aefaf02a4fb431ac69cb
    SHA-256: d7aa178cae481314641d833db49736b6d2f2ec24796da15b5e141957e516deb8
    Size: 408.97 kB
  15. java-1.8.0-openjdk-src-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 616e8b7569cd04f514f860b45690111b
    SHA-256: 895177a8d3434f650f9e6c1c0f8ce81df6b0202d1b20c13b2bb8333dba398844
    Size: 44.65 MB
  16. java-1.8.0-openjdk-src-fastdebug-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: 5fe22829447c0d96d2d5dd336e7fcda0
    SHA-256: b6eb946d93104d29d8853c7d75c52a1e7e90e28a82a7d8511cb04ad6e5b0bb98
    Size: 44.65 MB
  17. java-1.8.0-openjdk-src-slowdebug-1.8.0.452.b09-2.el9.ML.1.x86_64.rpm
    MD5: c93c3e7abc9e8ad321579d5739ddee6c
    SHA-256: f29f3492db24aa7c177ab303a9dcfe8fece8c6877711f265263fc07a29213755
    Size: 44.65 MB