java-17-openjdk-17.0.15.0.6-2.el8

エラータID: AXSA:2025-9892:08

リリース日: 
2025/04/25 Friday - 17:41
題名: 
java-17-openjdk-17.0.15.0.6-2.el8
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

Security Fix(es):

* JDK: Better TLS connection support (CVE-2025-21587)
* JDK: Improve compiler transformations (CVE-2025-30691)
* JDK: Enhance Buffered Image handling (CVE-2025-30698)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-21587
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition:20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
CVE-2025-30691
Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data as well as unauthorized read access to a subset of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
CVE-2025-30698
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).

解決策: 

Update packages.

CVE: 
CVE-2025-21587
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition:20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
CVE-2025-30691
Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data as well as unauthorized read access to a subset of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
CVE-2025-30698
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. java-17-openjdk-17.0.15.0.6-2.el8.src.rpm
    MD5: 53d64ab3fe887ca7dd251006b8d86c7f
    SHA-256: 5f2f2cd6c96261fa8896abce3ebe0f60ad344b0798707490992837156be03937
    Size: 63.71 MB

Asianux Server 8 for x86_64
  1. java-17-openjdk-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: fabe9b1eff3de708c80ae04077816f92
    SHA-256: 877c7eb960ea583f4f67516e58fb431aa72a58b472691c41f8be22198b6f9cde
    Size: 495.02 kB
  2. java-17-openjdk-demo-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: da20324dcec5d073a5489838b69df686
    SHA-256: 98fb1e2a5d70af5f8dd05909760321fe837820e78a8eb8ce69cd6deb2a8efd34
    Size: 3.44 MB
  3. java-17-openjdk-demo-fastdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 997d2910f309a8b21d8caaf587b973df
    SHA-256: 7de4d045a2d7256eabd161588aa6cd8d88d09ecc05c5e8598e8a931f3da79e1f
    Size: 3.44 MB
  4. java-17-openjdk-demo-slowdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 91aa08e3d42313e466567078602314c5
    SHA-256: 95d8993fc6d813ebd1d137e9727a604c1dbfe49dfad12082edcf462d2e123952
    Size: 3.44 MB
  5. java-17-openjdk-devel-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 52497c43472732ad49daaf46442e2a64
    SHA-256: 8cb737cad742b4bed7da9dc01327eb83d4a8c7a85cfd8d8496f8515e51ebdbaf
    Size: 5.12 MB
  6. java-17-openjdk-devel-fastdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 064490239c40795c882be36ce7d41b9d
    SHA-256: 1ae22efe5a67ddabee4fe371e11ef1ab634dacd3425a3b2511d9ba6fa61a4dc3
    Size: 5.12 MB
  7. java-17-openjdk-devel-slowdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 6f4b14ac06b0804b3d57f9ad53da0d79
    SHA-256: 224a59082a33980dc7ff29c720e543c49ec5b1f8cbdc25763152068a6c04ab57
    Size: 5.12 MB
  8. java-17-openjdk-fastdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: aa34dd1a8f8d1258e7a230945fb19ead
    SHA-256: 29a92990a3d1cf1b3b9c6420e9fc53103bdb2f18b600ae322397e1b06749f031
    Size: 503.87 kB
  9. java-17-openjdk-headless-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 0a63de674dd5db3dcdae542d3c2b80e0
    SHA-256: 8eb2e323f62ac109430278899f6e9427fdcece91338feb3582ecde1a4f4f15c0
    Size: 46.19 MB
  10. java-17-openjdk-headless-fastdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: e3236e56ea6cd8785c346a0e076a0241
    SHA-256: a3927cbc196f2cfe3cb5617a3c351b18236278ffc7a26b0c48ba5a8581fd54a7
    Size: 50.69 MB
  11. java-17-openjdk-headless-slowdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 4475ecc2f3ecd9b6c6bfaeaeea351ef0
    SHA-256: aa00ec229d7a5cc9c607aafcaf57b9721e5b57c44df81a030cc15d0103ee2702
    Size: 49.25 MB
  12. java-17-openjdk-javadoc-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: d7188d1c02cbca29347faf43da5326b7
    SHA-256: c8ea086f1103bacb25809f841f5d9b597c9d6171fe8036d50dbcb33626b7da0a
    Size: 16.04 MB
  13. java-17-openjdk-javadoc-zip-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: c2e3a53d91fb94a7f9f94df8862f7a0b
    SHA-256: 7c01e5e93ca79a1589a8a4f93c19d287c41a52580515014f3319e464f10cdf35
    Size: 40.32 MB
  14. java-17-openjdk-jmods-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 5668dab7254947c3e1e6a6d47be6e20a
    SHA-256: ee836339822bfdb80ea36bef8aed9dbac48044cda00bb9f62f28a80bd1adf506
    Size: 255.21 MB
  15. java-17-openjdk-jmods-fastdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 22b3789e49de3f2dfa4333b53367a247
    SHA-256: 78e15dcf98a47e2ab26720d7b9eb505416311cdfe6c3942e0a141f87f4c2a483
    Size: 247.87 MB
  16. java-17-openjdk-jmods-slowdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 807e22107f6fcdbb2a44476cb35f29ce
    SHA-256: 9569921edcbd3900362689d5ccc89fae26d4f9910a3e810a97777e7f68fc3bbd
    Size: 187.11 MB
  17. java-17-openjdk-slowdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: c77b393e6d91d5fb5c321eb0de406269
    SHA-256: 3ddb041aa71a6b6323a3cbe0ef949b8eb7974ca018bd450ae7c031bcf58f2cb6
    Size: 480.68 kB
  18. java-17-openjdk-src-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 7d8bf2e04f038d06ee78ab7ba5f18d7a
    SHA-256: a3ee73859b8f72533fc4728192c414f21aece2706274374a4011539e3cebb2d6
    Size: 45.50 MB
  19. java-17-openjdk-src-fastdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: b8297694a15ef8388d2d0c5467dc6b7c
    SHA-256: 8e1a65e83137364b948d0a9527a4843173359e8f6146e656708df63fe1d217a9
    Size: 45.50 MB
  20. java-17-openjdk-src-slowdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: a45b28e8d658ac1cab871a59afab5cc8
    SHA-256: 14cd505577504a035d277b3b2b54a8aa1e9648c74a75742c99fc7b79507468c6
    Size: 45.50 MB
  21. java-17-openjdk-static-libs-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: bf4b6adbf33ed485ac13b02553866379
    SHA-256: 01637bcf4d0df9512fb77d922e05571d2f86654aec15aa210311300754b02131
    Size: 30.94 MB
  22. java-17-openjdk-static-libs-fastdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 333f4dfd05413a74e45d90443c9ceea4
    SHA-256: 53395427a21c470ef5c67522da9b2223f3d576fb785361ef0551577de7662420
    Size: 31.09 MB
  23. java-17-openjdk-static-libs-slowdebug-17.0.15.0.6-2.el8.x86_64.rpm
    MD5: 2077880559685765b595e252863c6395
    SHA-256: cb02f6a111ec777851911cc0ada01c5199319d358504b93caf8319e5ebbaf952
    Size: 24.46 MB