java-21-openjdk-21.0.9.0.10-1.el9.ML.1

エラータID: AXSA:2025-11028:16

リリース日: 
2025/11/06 Thursday - 11:11
題名: 
java-21-openjdk-21.0.9.0.10-1.el9.ML.1
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the
OpenJDK 21 Java Software Development Kit.

Security Fix(es):

* JDK: Enhance Path Factories (CVE-2025-53066)
* JDK: Enhance Certificate Handling (CVE-2025-53057)
* JDK: Enhance String Handling (CVE-2025-61748)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE-2025-53057
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM
Enterprise Edition product of Oracle Java SE (component: Security). Supported
versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28,
17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracle GraalVM
Enterprise Edition: 21.3.15. Difficult to exploit vulnerability allows
unauthenticated attacker with network access via multiple protocols to
compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise
Edition. Successful attacks of this vulnerability can result in unauthorized
creation, deletion or modification access to critical data or all Oracle Java
SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data.
Note: This vulnerability can be exploited by using APIs in the specified
Component, e.g., through a web service which supplies data to the APIs. This
vulnerability also applies to Java deployments, typically in clients running
sandboxed Java Web Start applications or sandboxed Java applets, that load and
run untrusted code (e.g., code that comes from the internet) and rely on the
Java sandbox for security. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS
Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
CVE-2025-53066
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM
Enterprise Edition product of Oracle Java SE (component: JAXP). Supported
versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28,
17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracle GraalVM
Enterprise Edition: 21.3.15. Easily exploitable vulnerability allows
unauthenticated attacker with network access via multiple protocols to
compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise
Edition. Successful attacks of this vulnerability can result in unauthorized
access to critical data or complete access to all Oracle Java SE, Oracle GraalVM
for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This
vulnerability can be exploited by using APIs in the specified Component, e.g.,
through a web service which supplies data to the APIs. This vulnerability also
applies to Java deployments, typically in clients running sandboxed Java Web
Start applications or sandboxed Java applets, that load and run untrusted code
(e.g., code that comes from the internet) and rely on the Java sandbox for
security. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVE-2025-61748
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM
Enterprise Edition product of Oracle Java SE (component: Libraries). Supported
versions that are affected are Oracle Java SE: 21.0.8 and 25; Oracle GraalVM for
JDK: 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15. Difficult to exploit
vulnerability allows unauthenticated attacker with network access via multiple
protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM
Enterprise Edition. Successful attacks of this vulnerability can result in
unauthorized update, insert or delete access to some of Oracle Java SE, Oracle
GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This
vulnerability can be exploited by using APIs in the specified Component, e.g.,
through a web service which supplies data to the APIs. This vulnerability also
applies to Java deployments, typically in clients running sandboxed Java Web
Start applications or sandboxed Java applets, that load and run untrusted code
(e.g., code that comes from the internet) and rely on the Java sandbox for
security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

解決策: 

Update packages.

CVE: 
CVE-2025-53057
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
CVE-2025-53066
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVE-2025-61748
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 21.0.8 and 25; Oracle GraalVM for JDK: 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. java-21-openjdk-21.0.9.0.10-1.el9.ML.1.src.rpm
    MD5: 73c9b9758e93ed59d0c62e36cbc9b221
    SHA-256: 15d979e95ac9ba144aaaa919150d5c628ff854c0e3120d96a6fe0f578bc15220
    Size: 67.58 MB

Asianux Server 9 for x86_64
  1. java-21-openjdk-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: b03bc9f1c8c652ff720e8ec5dd0add44
    SHA-256: 7d5667a75fb5ed0caab5e665f4f9674c202617943874d1d862d2772114fa5a18
    Size: 399.02 kB
  2. java-21-openjdk-demo-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 20ce1a128f05308482d8f77f0648bba4
    SHA-256: 4cbab7ca82db58eb7ed45b6f24b01e7944797b9e8a89791f9e09262f648b36eb
    Size: 3.18 MB
  3. java-21-openjdk-demo-fastdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 4cdde749e0c1156e4640f7700423cf9c
    SHA-256: 5783556ef6d9c46e0f70fca29d7ba41084c8acb492a6728b0d087f194ee14842
    Size: 3.18 MB
  4. java-21-openjdk-demo-slowdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 884dd1d7fb9e9793b0526d59840d2613
    SHA-256: a6265997d6223c02a6d484c6139defe7707ad6b8e61d2ee5000e2aa5c2a90667
    Size: 3.18 MB
  5. java-21-openjdk-devel-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 68faa19fea02c4fe1c879f8dfe6e5054
    SHA-256: c70ce3abb23d66814062bcfd958b56e55c9d1ac4dae5e20b5b05efceace8e24d
    Size: 5.00 MB
  6. java-21-openjdk-devel-fastdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 8cd66657171418ce5217dd2df5eddff4
    SHA-256: 7fbde5ce345e75633813123b83366cddfee926dece1e67ee2767c4dccd090ccf
    Size: 5.01 MB
  7. java-21-openjdk-devel-slowdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 6955850cc56ab11af928f4fc41ea2828
    SHA-256: 4c1d6fe4b902cd612fee90591fded0bf240e7d13593bf4b8fb36b7276cf81a37
    Size: 5.01 MB
  8. java-21-openjdk-fastdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 30f1775bfbf293102d330651db0f8ade
    SHA-256: 53d1bd5ea16129b910aba93ad2b03825106fbde7dc77635857f56ad1defc01fa
    Size: 408.14 kB
  9. java-21-openjdk-headless-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 70d4d92e8c9ff07f0fb928f8a43973e1
    SHA-256: 3b6916067b6788f1c0289f23c7a88893d15586284c330d1bf30233e43955894d
    Size: 47.36 MB
  10. java-21-openjdk-headless-fastdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 0f0b0c86220f27e1392034beeee028c8
    SHA-256: 2631b90c6b77aa089822702d434abbd0d7076c3a9fa2444bb551c53821906cb1
    Size: 51.89 MB
  11. java-21-openjdk-headless-slowdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: f7466d40fb5eb507ff1e63b2db54dedd
    SHA-256: 93b58b74336a1729e784c75e4e56a00f28570378e3c5167daaf4077f15476eba
    Size: 49.95 MB
  12. java-21-openjdk-javadoc-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: ba10b0cabb1a4074224cbaa169825bf9
    SHA-256: 3cbca5f758531dc2dcc70a3e721457b6e69c57ab17d11b059438628986ed902a
    Size: 14.97 MB
  13. java-21-openjdk-javadoc-zip-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 773bb80602400d8414e8cf994073b570
    SHA-256: 1c0e3bb54fb3d3446935b1b0b7b7c2c2041f079a71010f212261e6b8bd947e06
    Size: 40.57 MB
  14. java-21-openjdk-jmods-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 8ef6f2713b0a6b9df703b4eb046534c1
    SHA-256: 6290659049fb7f4ed0338f623a44e4426d6377c45c6fc1c669aecaf2c85d4c22
    Size: 302.90 MB
  15. java-21-openjdk-jmods-fastdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 789f2f9a0bcf46c86188e63e10dc8870
    SHA-256: 2c213db0fa2728b27023f64888c41b4e65af3204491d9323ecda91080c72705a
    Size: 353.94 MB
  16. java-21-openjdk-jmods-slowdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 9feba3bee50ce352fffec873ee6c3ac4
    SHA-256: 66c91f6589c5f14e33020a594393b20ba2773756d3e4c5b15bf8c54c87e242cd
    Size: 269.16 MB
  17. java-21-openjdk-slowdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 5bc338ec8738e257671ab8ae95335097
    SHA-256: 91d136d0be87c41d058256a16ba509d0c1e41ae3be27400e97f03594a767dcfc
    Size: 407.94 kB
  18. java-21-openjdk-src-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 2773e13e2ed1c9d030dc841f9a14ea00
    SHA-256: 63f0b0f80110718e39d6c9c38444b81d3c86f303ee5a4f3812c74ce5021a6a1e
    Size: 46.75 MB
  19. java-21-openjdk-src-fastdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 170a167d0585051d35d7b298cb4f7874
    SHA-256: af184d821c16444aa8881cd74e9d2670c89784623adb0eb20f1a81ffda79c015
    Size: 46.75 MB
  20. java-21-openjdk-src-slowdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: e62c77cbb27c72599515ccf600fc11c4
    SHA-256: 7a7e348de6cce26d77d0b26bfbd157f41cc11192350040829c4e501c7a7ea46f
    Size: 46.75 MB
  21. java-21-openjdk-static-libs-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 4c9cd526785ccd3ae6c4bc7d6bf65cfe
    SHA-256: 333281f01465c872fe76181964bd758c0d447053d81459f657be2925f2424d4b
    Size: 30.04 MB
  22. java-21-openjdk-static-libs-fastdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 2b27c08c107484a0af576064aa7b66c8
    SHA-256: a51b7622b5be12b63ae046b3e08de7cc7588cac57085b83f3d28c77f447ef5cb
    Size: 30.16 MB
  23. java-21-openjdk-static-libs-slowdebug-21.0.9.0.10-1.el9.ML.1.x86_64.rpm
    MD5: 03e967cb1a7c41270b2bba1a19d22bd6
    SHA-256: e28f4d47a2486b6544de95ee958e07061d5fa260381f3dcc6c0f0ceff3d31300
    Size: 21.31 MB