java-17-openjdk-17.0.14.0.7-3.el8
エラータID: AXSA:2025-9605:04
リリース日:
2025/01/30 Thursday - 16:22
題名:
java-17-openjdk-17.0.14.0.7-3.el8
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- Java の Hotspot コンポーネントには、リモートの攻撃者に
より、複数のプロトコルによるネットワークアクセスを介して、
不正なデータの操作 (更新、挿入、および削除) および不正な
データの読み取りを可能とする脆弱性が存在します。
(CVE-2025-21502)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-21502
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM Enterprise Edition: 20.3.16 and 21.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM Enterprise Edition: 20.3.16 and 21.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
追加情報:
N/A
ダウンロード:
SRPMS
- java-17-openjdk-17.0.14.0.7-3.el8.src.rpm
MD5: 3cc530b127848715f8e363ab24097cb5
SHA-256: 78521c5de99f2322684cf90ce6347014d8c2437832900deaedd9c9cf2071d9f4
Size: 63.64 MB
Asianux Server 8 for x86_64
- java-17-openjdk-17.0.14.0.7-3.el8.x86_64.rpm
MD5: 0042e070c2672f4d2adba63d5cf7639d
SHA-256: f5e6eb68c571ab00361357c3fe4236d9242eaeadc0463778245936f4e5a18880
Size: 494.45 kB - java-17-openjdk-demo-17.0.14.0.7-3.el8.x86_64.rpm
MD5: a2e1004af8d090ce6f61e4e96cbfc1cb
SHA-256: 9f633ce4eb4245c0fd8afd783080badd0948fdf104fa9a1c2600237fb147ac6b
Size: 3.44 MB - java-17-openjdk-demo-fastdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: 80939904a802d513b9de2edfca4b96b7
SHA-256: 8072baf8bb7cdab7004be56c52ac8d5698496a24039d0e0fe5633ec541640054
Size: 3.44 MB - java-17-openjdk-demo-slowdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: f1a7d535368538c7357b3d53a78c455e
SHA-256: 1db9995bb6465a11939996850b941d6fe8eff9d9633fe4da925b593e3814959b
Size: 3.44 MB - java-17-openjdk-devel-17.0.14.0.7-3.el8.x86_64.rpm
MD5: 9e5679d208a0c14813f747448e2472ad
SHA-256: 8b7fed9c25c3b8a4866c82ece9c56d4de072645d45e7a836a24ba4a32a647d2f
Size: 5.12 MB - java-17-openjdk-devel-fastdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: 69925d530df179a40ca6a9aa1bd1167e
SHA-256: 5189957c124da857929d2a1102165dc0128085c21daa271fb14ef14dd5e593e1
Size: 5.12 MB - java-17-openjdk-devel-slowdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: 3f7833e510c0f362436f59502a573b8f
SHA-256: 425f42414659fe86534484a1f0c984df3db0ba0d900e5168f48ac871d6b19854
Size: 5.12 MB - java-17-openjdk-fastdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: de1104d025616e4e75b0a12b9be0d0db
SHA-256: 129b6c5fd7405d093a5d0cf9917d02f38f8f258d041aabef1d7ebbc1fac61ce0
Size: 503.32 kB - java-17-openjdk-headless-17.0.14.0.7-3.el8.x86_64.rpm
MD5: 913045c038959b873335ba5d3bcd241a
SHA-256: f5307758f10bc5db98446a7d07cfbd777916d3801e95b83849ca394e573bdb25
Size: 46.17 MB - java-17-openjdk-headless-fastdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: ee44d4dc3d1360c07686130756bd316b
SHA-256: 9c152f5ff6dccea1e3cb48769131523ee3bc4f1f448765677585e111f0e647e7
Size: 50.75 MB - java-17-openjdk-headless-slowdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: 335285e7482e1c2923d82043315b9999
SHA-256: 91249fc16a20f696518a19b32332f08b26dbe8e3f04567fb684925862026cbfe
Size: 49.23 MB - java-17-openjdk-javadoc-17.0.14.0.7-3.el8.x86_64.rpm
MD5: d99470d7c4963a4fe4687019d7ac48bf
SHA-256: a5334bb3ebf7bbd18c6f0ae304d0255a895e1735c25d7feed842c32f7dac8aee
Size: 16.04 MB - java-17-openjdk-javadoc-zip-17.0.14.0.7-3.el8.x86_64.rpm
MD5: 459ad6f98829411cd28b770a81162d80
SHA-256: 76c6054eaa3261580e1c4258f057cf88cf4c261cf6fb9afb7750c3545dd07530
Size: 40.30 MB - java-17-openjdk-jmods-17.0.14.0.7-3.el8.x86_64.rpm
MD5: f1ce42e2f601e87931f79fe7cd215b66
SHA-256: 5c1139dfe556ef51bc9a6e392dad0780bff50709da1447b3ace10555b4c59853
Size: 255.22 MB - java-17-openjdk-jmods-fastdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: ad92567b875a8579e8c633d9f1f23366
SHA-256: 8d6f50bda982ab97c336120d7c1f32935fea34114c8dc7de2d1d0f6ff9ee886f
Size: 248.32 MB - java-17-openjdk-jmods-slowdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: d5ffbaedbad4b43fbee1ea907f6fbd67
SHA-256: cd9faca3241864d6813e4470be63670a30b6b2cf30a06980b296852bba22faa5
Size: 187.14 MB - java-17-openjdk-slowdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: 51ac441f4ddfa24892bcc4cff7a390ae
SHA-256: 136c6c7ddecc8b5d2d3259b687dbb2b1106f73af5b681d68ee2aec145657289f
Size: 480.12 kB - java-17-openjdk-src-17.0.14.0.7-3.el8.x86_64.rpm
MD5: c9e3bbc46721420397ba020c6ce00c41
SHA-256: 76ba41322662253c3af9ab9802abccacb2ad430ce09d9f394e1062ae490433f1
Size: 45.48 MB - java-17-openjdk-src-fastdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: 7c70de9f239def704a5ad0c52016cb19
SHA-256: 086a2d20966fa560362c66e3260cddd8bb1bb0f1243efb3b4770733e128fdaa7
Size: 45.48 MB - java-17-openjdk-src-slowdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: f3831292e6108f7283c17d1a4c46710d
SHA-256: f580fa049cf229dd8531e32f71afe4725ece7c81ebe69dffcb6c24eb5f708739
Size: 45.48 MB - java-17-openjdk-static-libs-17.0.14.0.7-3.el8.x86_64.rpm
MD5: 0998b404b98b4f0641e5f074eb31cf2f
SHA-256: 686bf45f8b47d5f65854f61453b8db63f80b95ab384fda1caa60f8efb93e610c
Size: 30.94 MB - java-17-openjdk-static-libs-fastdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: fc08fabfa9b04ead042b7329ecc9424b
SHA-256: 6b6377ab691588885715bddebc54bde4f42a1b801509d375a9863b5714d64b0d
Size: 31.09 MB - java-17-openjdk-static-libs-slowdebug-17.0.14.0.7-3.el8.x86_64.rpm
MD5: 44ad3cbb71ebdb9b356dee92ffff6951
SHA-256: d665539075b9c6db54731c867da603c334c0991a4351b5d459ea3f48e724df91
Size: 24.46 MB
English