[Apollo] Advisories Statistics light light Login

RLSA-2026:0927

Security Mirrored from RHSA-2026:0927
Issued at: 2026-01-23
Updated at: 2026-01-28

Synopsis

Important: java-17-openjdk security update



Description

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

Security Fix(es):

* JDK: Improve JMX connections (CVE-2026-21925)

* JDK: Improve HttpServer Request handling (CVE-2026-21933)

* JDK: Enhance Certificate Checking (CVE-2026-21945)

* libpng: LIBPNG buffer overflow (CVE-2025-64720)

* libpng: LIBPNG heap buffer overflow (CVE-2025-65018)

Bug Fix(es):

* When using a P11SecretKey for both signing and encryption in FIPS mode, the FIPS PKCS11 provider would fail with a CKR_ATTRIBUTE_VALUE_INVALID error. This was due to the default configuration not applying the CKA_ENCRYPT=true attribute to the key. The configuration in this release is updated to include this attribute. (Rocky Linux-142862, Rocky Linux-142881, Rocky Linux-142882, Rocky Linux-142883, Rocky Linux-142884, Rocky Linux-142885, Rocky Linux-142886, Rocky Linux-142887, Rocky Linux-142888)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2416904 2416907 2429924 2429926 2429927

CVEs

CVE-2025-64720 CVE-2025-65018 CVE-2026-21925 CVE-2026-21933 CVE-2026-21945

Affected packages

Rocky Linux 8 aarch64 - AppStream

java-17-openjdk-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-1:17.0.18.0.8-1.el8.src.rpm java-17-openjdk-debuginfo-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-debugsource-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-demo-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-devel-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-devel-debuginfo-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-headless-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-headless-debuginfo-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-javadoc-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-javadoc-zip-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-jmods-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-src-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-static-libs-1:17.0.18.0.8-1.el8.aarch64.rpm

Rocky Linux 8 x86_64 - AppStream

java-17-openjdk-1:17.0.18.0.8-1.el8.src.rpm java-17-openjdk-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-debuginfo-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-debugsource-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-demo-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-devel-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-devel-debuginfo-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-headless-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-headless-debuginfo-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-javadoc-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-javadoc-zip-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-jmods-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-src-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-static-libs-1:17.0.18.0.8-1.el8.x86_64.rpm

Rocky Linux 8 aarch64 - PowerTools

java-17-openjdk-demo-fastdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-demo-slowdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-devel-fastdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-devel-fastdebug-debuginfo-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-devel-slowdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-devel-slowdebug-debuginfo-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-fastdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-fastdebug-debuginfo-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-headless-fastdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-headless-fastdebug-debuginfo-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-headless-slowdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-headless-slowdebug-debuginfo-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-jmods-fastdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-jmods-slowdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-slowdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-slowdebug-debuginfo-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-src-fastdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-src-slowdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-static-libs-fastdebug-1:17.0.18.0.8-1.el8.aarch64.rpm java-17-openjdk-static-libs-slowdebug-1:17.0.18.0.8-1.el8.aarch64.rpm

Rocky Linux 8 x86_64 - PowerTools

java-17-openjdk-demo-fastdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-demo-slowdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-devel-fastdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-devel-fastdebug-debuginfo-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-devel-slowdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-devel-slowdebug-debuginfo-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-fastdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-fastdebug-debuginfo-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-headless-fastdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-headless-fastdebug-debuginfo-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-headless-slowdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-headless-slowdebug-debuginfo-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-jmods-fastdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-jmods-slowdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-slowdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-slowdebug-debuginfo-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-src-fastdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-src-slowdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-static-libs-fastdebug-1:17.0.18.0.8-1.el8.x86_64.rpm java-17-openjdk-static-libs-slowdebug-1:17.0.18.0.8-1.el8.x86_64.rpm