RHSA-2026:9686

HIGH7.5

Red Hat Security Advisory: java-17-openjdk security update

Published Apr 24, 2026

Modified Yesterday

Fix available

Details

Details:

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

Security Fix(es):

JDK: Enhance crypto algorithm support (CVE-2026-22007)
JDK: Improve Kerberos credentialing (CVE-2026-22013)
JDK: Enhance Path Factories Redux (CVE-2026-22016)
JDK: Enhance Zip file reading (CVE-2026-22018)
JDK: Enhance certificate chain validation (CVE-2026-22021)
JDK: Updating FreeType 2.14.1 (CVE-2026-23865)
JDK: Enhance TLS connection handling (CVE-2026-34282)
JDK: Enhance key generation (CVE-2026-34268)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Packages(99 packages)

java-17-openjdk

RHEL 8RHEL 8Red Hat rhel_aus 8.4 appstreamRed Hat rhel_aus 8.6 appstreamRed Hat rhel_e4s 8.6 appstream

Fixed in:

1:17.0.19.0.10-1.el8

java-17-openjdk-debuginfo

RHEL 8RHEL 8Red Hat rhel_aus 8.4 appstreamRed Hat rhel_aus 8.6 appstreamRed Hat rhel_e4s 8.6 appstream

Fixed in:

1:17.0.19.0.10-1.el8

java-17-openjdk-debugsource

RHEL 8RHEL 8Red Hat rhel_aus 8.4 appstreamRed Hat rhel_aus 8.6 appstreamRed Hat rhel_e4s 8.6 appstream

Fixed in:

1:17.0.19.0.10-1.el8

java-17-openjdk-demo

RHEL 8RHEL 8Red Hat rhel_aus 8.4 appstreamRed Hat rhel_aus 8.6 appstreamRed Hat rhel_e4s 8.6 appstream

Fixed in:

1:17.0.19.0.10-1.el8

java-17-openjdk-demo-fastdebug

RHEL 8RHEL 8Red Hat rhel_eus_long_life 8.4 appstream

Fixed in:

1:17.0.19.0.10-1.el8

java-17-openjdk-demo-slowdebug

RHEL 8RHEL 8Red Hat rhel_eus_long_life 8.4 appstream

Fixed in:

1:17.0.19.0.10-1.el8

java-17-openjdk-devel

RHEL 8RHEL 8Red Hat rhel_aus 8.4 appstreamRed Hat rhel_aus 8.6 appstreamRed Hat rhel_e4s 8.6 appstream

Fixed in:

1:17.0.19.0.10-1.el8

java-17-openjdk-devel-debuginfo

RHEL 8RHEL 8Red Hat rhel_aus 8.4 appstreamRed Hat rhel_aus 8.6 appstreamRed Hat rhel_e4s 8.6 appstream

Fixed in:

1:17.0.19.0.10-1.el8

java-17-openjdk-devel-fastdebug

RHEL 8RHEL 8Red Hat rhel_eus_long_life 8.4 appstream

Fixed in:

1:17.0.19.0.10-1.el8

java-17-openjdk-devel-fastdebug-debuginfo

RHEL 8RHEL 8Red Hat rhel_aus 8.4 appstreamRed Hat rhel_e4s 8.8 appstreamRed Hat rhel_eus_long_life 8.4 appstream

Fixed in:

1:17.0.19.0.10-1.el8

References

ADVISORY

https://access.redhat.com/errata/RHSA-2026:9686

WEB

https://access.redhat.com/security/updates/classification/#important

ADVISORY

https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_9686.json

CVSS Analysis

CVSS v3.1

7.5

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Upstream

CVE-2025-66293 CVE-2026-22007 CVE-2026-22013 CVE-2026-22016 CVE-2026-22018 CVE-2026-22020 CVE-2026-22021 CVE-2026-23865 CVE-2026-25646 CVE-2026-26740 CVE-2026-34268 CVE-2026-34282

Ecosystems(17)

RHEL 8 RHEL 8 RHEL 9 RHEL 9 Red Hat rhel_aus 8.4 appstream

Timeline

PublishedApr 24, 2026

ModifiedMay 29, 2026

RHSA-2026:9686 | Mondoo Vulnerability Intelligence