java-1.8.0-openjdk-1.8.0.472.b08-1.el8

エラータID: AXSA:2025-11010:18

リリース日: 
2025/10/31 Friday - 22:13
題名: 
java-1.8.0-openjdk-1.8.0.472.b08-1.el8
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

以下項目について対処しました。

[Security Fix]
- Java の Security コンポーネントには、リモートの攻撃者により、
複数のプロトコルによる不正なネットワークアクセスを介して、不正な
データの作成、削除および変更を可能とする脆弱性が存在します。
(CVE-2025-53057)

- Java の JAXP コンポーネントには、リモートの攻撃者により、複数
のプロトコルによる不正なネットワークアクセスを介して、機密情報の
漏洩を可能とする脆弱性が存在します。(CVE-2025-53066)

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2025-53057
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
CVE-2025-53066
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. java-1.8.0-openjdk-1.8.0.472.b08-1.el8.src.rpm
    MD5: d401a0cc34a4630b05148a9d7018760a
    SHA-256: cb0974f0bfcb68156950721d9320959cfcbc0f460993223c282b495ec83640ac
    Size: 58.08 MB

Asianux Server 8 for x86_64
  1. java-1.8.0-openjdk-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: a846118fb84ff39d9ed25ab9e324032e
    SHA-256: defe57b98b3ae18dd2c9640e359e13ba7d0af1d669eb126dd00e3cb6be442ccb
    Size: 561.45 kB
  2. java-1.8.0-openjdk-accessibility-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: aae9306512d596f101c8942e9821ca19
    SHA-256: 01d8d39a5aaa3e6b41339244a389ba19e09673b6114f5a922f600afa65f743e3
    Size: 130.10 kB
  3. java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: a524f256044243a01ab84e0de41d1184
    SHA-256: 32970d20315c1651c5732fdae2b9900907937ef6cc900cb3d941f55f05910ab1
    Size: 129.94 kB
  4. java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: 1b9d9592579aa5130b912a045d6f3ca5
    SHA-256: f1e63b93634286ecc2d3742c393469231a0d930d668ad3b7fb96940c8469442b
    Size: 129.95 kB
  5. java-1.8.0-openjdk-demo-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: c77bee3526094de33202d1a82ef566de
    SHA-256: 3e9ed7f6e8aad9433ccdaec058a16d1014a355e81cd86700df1142ff806c6e7c
    Size: 2.09 MB
  6. java-1.8.0-openjdk-demo-fastdebug-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: 2b4f0b1fe7e7fb9b7d5624289891bdeb
    SHA-256: 4100e3a89acfe258cbd7331247209de24f2e38162c5738473d4e56042b2b9ef0
    Size: 2.11 MB
  7. java-1.8.0-openjdk-demo-slowdebug-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: 589e463a88649d6b9e3c7fadb682f1ff
    SHA-256: 6a0043244ff08e2de21a3bedc99dbdedb3109b9013946f46f373bef4221b9fdf
    Size: 2.11 MB
  8. java-1.8.0-openjdk-devel-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: 3cea601a3dc9dfaaad3fda875cd3c6db
    SHA-256: 7fa77645e1c744dbe21813499ef4be158646eeebd176b445fb4e2c06f344cde7
    Size: 9.96 MB
  9. java-1.8.0-openjdk-devel-fastdebug-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: 01c8e5f3b9725f82367cc7d3c20d0ac2
    SHA-256: bb77ac18e0521ec00ffe2141d5f414f6383dc6f50e1f93a044eac68f3247726b
    Size: 9.96 MB
  10. java-1.8.0-openjdk-devel-slowdebug-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: a6fad2ce70d424929918b6dde02f9a1d
    SHA-256: c3b5ee1a92c7083ca93df15a6f5a2c89ccc11c898019878c3f0b3538382a9929
    Size: 9.97 MB
  11. java-1.8.0-openjdk-fastdebug-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: b354d0a1f02f3871ed240181f650b314
    SHA-256: d2b116f6059b97596e3dbf427aa0d9e7710f8375f8a7eb564c377ccdb32be95d
    Size: 574.79 kB
  12. java-1.8.0-openjdk-headless-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: 693769348cd8abe99bba352456c25efb
    SHA-256: ad827e536bd73dd182bd00b693b93e3a905ff545176485b1dda13969852edd89
    Size: 34.55 MB
  13. java-1.8.0-openjdk-headless-fastdebug-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: 9775da9fac6f1a342e5fcf0ab154efa6
    SHA-256: 34668ce5d770b68fb7d7b9c70d6c04cbeeb80d9ea7913b26bde9e0f6bc901aec
    Size: 38.19 MB
  14. java-1.8.0-openjdk-headless-slowdebug-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: bd788f4e694f4748cecac3ac53cdc834
    SHA-256: 138bf3122c13165843e18804fb616ea0f3e000b61894fda968cb0eb3ab511d36
    Size: 36.38 MB
  15. java-1.8.0-openjdk-javadoc-1.8.0.472.b08-1.el8.noarch.rpm
    MD5: 545808248d9796965032c90a42917580
    SHA-256: 328b7da68c40207d2ffc4f7dde4debb4f22fe646f822a576816156c2a169fd92
    Size: 15.20 MB
  16. java-1.8.0-openjdk-javadoc-zip-1.8.0.472.b08-1.el8.noarch.rpm
    MD5: 2ef0262a11c93cc45105e8e5b162d10b
    SHA-256: d491a0fcf5eb420e14d25e48ee4b882ed9b54f741f1e8c2b7485bd956e3037f0
    Size: 41.66 MB
  17. java-1.8.0-openjdk-slowdebug-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: 48e049f340644f9d86a15e0aec8a4943
    SHA-256: ad276d6e841261c573fdbb4ac70aebc0a081c0a837125dc5d45aa4e6fae3f65f
    Size: 551.09 kB
  18. java-1.8.0-openjdk-src-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: bef331abcefe429b43094db21807395f
    SHA-256: 217f578959a2a2ad7c601db9d962c7d3d8ad3f0b915174882451209b1bb1ab51
    Size: 45.54 MB
  19. java-1.8.0-openjdk-src-fastdebug-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: 0fe30b0e6eeecf946efbbe04e6fa9b4d
    SHA-256: 9c61550943981fcf7812ef83a2e536ba573feb38177b678ee62d370608c70b64
    Size: 45.54 MB
  20. java-1.8.0-openjdk-src-slowdebug-1.8.0.472.b08-1.el8.x86_64.rpm
    MD5: 80418b6b6308116c67a7d2c8f3949e5c
    SHA-256: acef27253e0d4cb72cbad3f908773a4416ce5f1984e4bc8823c44791da244a5f
    Size: 45.54 MB