java-1.8.0-openjdk-1.8.0.482.b08-1.el8

エラータID: AXSA:2026-109:02

リリース日: 
2026/01/30 Friday - 23:14
題名: 
java-1.8.0-openjdk-1.8.0.482.b08-1.el8
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment
and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

JDK: Improve JMX connections (CVE-2026-21925)
JDK: Improve HttpServer Request handling (CVE-2026-21933)
JDK: Enhance Certificate Checking (CVE-2026-21945)
libpng: LIBPNG buffer overflow (CVE-2025-64720)
libpng: LIBPNG heap buffer overflow (CVE-2025-65018)

Bug Fix(es):

When using a P11SecretKey for both signing and encryption in FIPS mode, the
FIPS PKCS11 provider would fail with a CKR_ATTRIBUTE_VALUE_INVALID error. This
was due to the default configuration not applying the CKA_ENCRYPT=true attribute
to the key. The configuration in this release is updated to include this
attribute. (RHEL-142865, RHEL-142866, RHEL-142867, RHEL-142868, RHEL-142869,
RHEL-142870, RHEL-142871, RHEL-142872, RHEL-142873, RHEL-142874)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE(s):
CVE-2025-64720
CVE-2025-65018
CVE-2026-21925
CVE-2026-21933
CVE-2026-21945

SRPMS(s):
java-1.8.0-openjdk-1.8.0.482.b08-1.el8.src.rpm

Additional info:
https://access.redhat.com/errata/RHSA-2026:0932
https://www.cve.org/CVERecord?id=CVE-2025-64720
https://www.cve.org/CVERecord?id=CVE-2025-65018
https://www.cve.org/CVERecord?id=CVE-2026-21925
https://www.cve.org/CVERecord?id=CVE-2026-21933
https://www.cve.org/CVERecord?id=CVE-2026-21945

解決策: 

Update packages.

CVE: 
CVE-2025-64720
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component ≤ alpha × 257 required by the simplified PNG API. This issue has been patched in version 1.6.51.
CVE-2025-65018
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds. This issue has been patched in version 1.6.51.
CVE-2026-21925
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: RMI). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and 21.0.9; Oracle GraalVM Enterprise Edition: 21.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
CVE-2026-21933
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and 21.0.9; Oracle GraalVM Enterprise Edition: 21.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).
CVE-2026-21945
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and 21.0.9; Oracle GraalVM Enterprise Edition: 21.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. java-1.8.0-openjdk-1.8.0.482.b08-1.el8.src.rpm
    MD5: cb05864aa75ae562e42fdcfea160c220
    SHA-256: 838c20b0904defa32d5befb57a37780a064677d84634e7f6ae2370181be5081d
    Size: 58.61 MB

Asianux Server 8 for x86_64
  1. java-1.8.0-openjdk-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: b3ecbd36499957d893e1fcfb7630c3d9
    SHA-256: 19ca436f514bb4b401ccafbb79a2f0e3c785a7f5f92ac63d6fdadae594cd616f
    Size: 558.72 kB
  2. java-1.8.0-openjdk-accessibility-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: a709746ca2654489e1e98b08c36b02c1
    SHA-256: 6f3d17fe9f7e678c24c15be24ac9d1d16f85faadcae5b951e5073b6480d32891
    Size: 131.18 kB
  3. java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: b6267c0d14d6eafdd75ff7c5e72aa740
    SHA-256: 4b79a418959b7d8b20dbc2cfabbea8772581bf40a49a30f5cff8bc6e14883ad3
    Size: 131.02 kB
  4. java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: 92242868adbbb82d16b3b9fce5e8d67b
    SHA-256: ee53622098af9ed5f5faee217c6d527722f7d32c39e35214f5cdccce113da7bc
    Size: 131.03 kB
  5. java-1.8.0-openjdk-demo-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: c3f1b3578b6b0ee9589df74953a3b901
    SHA-256: 35db788110498ed34a7f78a0a81cb1cac8e20df4a83d123bda04bff8881bc7ab
    Size: 2.09 MB
  6. java-1.8.0-openjdk-demo-fastdebug-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: 3195380a87b04da88ffe974e0fe596d6
    SHA-256: ac53cebd8f33f335640ad11f0f361dded5838c654027037f1dd0483ec06f7fae
    Size: 2.11 MB
  7. java-1.8.0-openjdk-demo-slowdebug-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: 00bfac720d6ba5828055ab773729ba83
    SHA-256: 0ebe8441ae7f3f457ede0638bf4abec09e6e9cb681f854932f9498cb58e88300
    Size: 2.11 MB
  8. java-1.8.0-openjdk-devel-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: 30b10c8296d9512d90ff43711fa4abe9
    SHA-256: 114555ab06964b24a8b90a0adcbfa59a32a7e0db44fa4d171b3ca0c77ecd7e57
    Size: 9.97 MB
  9. java-1.8.0-openjdk-devel-fastdebug-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: a60913ce17a1a57c286a1469be95b84f
    SHA-256: 68991af8ae86780bafa29cf657bcede33dcfe1679c8e94c4c6ab6210cc9e6983
    Size: 9.97 MB
  10. java-1.8.0-openjdk-devel-slowdebug-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: 7fdabf3e21bdd45cc5775d575af94db6
    SHA-256: 2b9f3d44c4bcdbac35ed3388228403ab989311e69debb3303151cca5141d3926
    Size: 9.98 MB
  11. java-1.8.0-openjdk-fastdebug-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: ca0def94983a7cd25d94f6cbb00839b6
    SHA-256: 768f2e7f55f34f413c6f7c1bb46553b018a644d28982becf5560b74e85844677
    Size: 572.18 kB
  12. java-1.8.0-openjdk-headless-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: bd3421a5d9e03dacd3ab6d282c0ebcb6
    SHA-256: f8b774ff1cc51fa5ffa348e75c66eb9720cd39677e97ac04fe40a186ea23ef99
    Size: 34.91 MB
  13. java-1.8.0-openjdk-headless-fastdebug-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: 77ea2bc06344e7b1216110ab61f3fbe8
    SHA-256: f070342350d6c8cfa1025975eedeb1fb1fb4433c4e0ee136dad10d375e727849
    Size: 38.56 MB
  14. java-1.8.0-openjdk-headless-slowdebug-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: ef49b18937abe649db8e06599a81016b
    SHA-256: 460d36d2f2c85f070b4ab946591cfb71fb14a0065eabf8e490e224715a71183f
    Size: 36.75 MB
  15. java-1.8.0-openjdk-javadoc-1.8.0.482.b08-1.el8.noarch.rpm
    MD5: 36bb5e5a31db5ae3848215e4b5280c61
    SHA-256: 988e5e942d88532ef245cbb479c6adc1d3b1cdee8ca7ba30b767f21b4640f116
    Size: 15.21 MB
  16. java-1.8.0-openjdk-javadoc-zip-1.8.0.482.b08-1.el8.noarch.rpm
    MD5: 9dedc1a3c1c7b1acb20e01152d234a60
    SHA-256: d804c7ce2e098c7e6f576176f0de56218865fc755058d3d6bd1262c411b6ead5
    Size: 41.69 MB
  17. java-1.8.0-openjdk-slowdebug-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: 6e0f2d1fad1bc4d30216bb984554f4e3
    SHA-256: f7e599091ce3fb927a87d5314915e90d9998dae2fd5a1fb076e5a79e57b42f70
    Size: 548.61 kB
  18. java-1.8.0-openjdk-src-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: 0f973a9933a83cf9eec4f1ff3b097f1e
    SHA-256: c467db53e1e54060298a2fe37053effd0245393c7dc254d3398eaa0651052195
    Size: 45.55 MB
  19. java-1.8.0-openjdk-src-fastdebug-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: a57a895e226e7e8f17c060dbe60a3603
    SHA-256: 3803a5df7310afa49f451ca5a8c831b999b43e494605d54608b21363a70bdbd6
    Size: 45.55 MB
  20. java-1.8.0-openjdk-src-slowdebug-1.8.0.482.b08-1.el8.x86_64.rpm
    MD5: dd6512bc1bfe394ecedcd1e3171f5889
    SHA-256: 1ccc8c44a2f5da55cd7967023f16598d7f63c77e16d53214fee004afbe31737b
    Size: 45.55 MB