Details:
The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
This release of the Red Hat build of OpenJDK 8 (8u492) for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 (8u482) and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
JDK: Enhance crypto algorithm support (CVE-2026-22007)
JDK: Improve Kerberos credentialing (CVE-2026-22013)
JDK: Enhance Path Factories Redux (CVE-2026-22016)
JDK: Enhance Zip file reading (CVE-2026-22018)
JDK: Enhance certificate chain validation (CVE-2026-22021)
JDK: Updating FreeType 2.14.1 (CVE-2026-23865)
JDK: Enhance key generation (CVE-2026-34268)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:HI:NA:N7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N