Important: java-1.8.0-openjdk security update

🗓️ 23 Apr 2026 00:00:00Reported by AlmaLinuxType

almalinux

almalinux🔗 errata.almalinux.org👁 9 Views

Java 1.8 OpenJDK security update fixes CVEs for crypto, Kerberos, paths, zip, certs, and keys.

Reporter	Title	Published	Views	Family All 633
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition (CVE-2026-22016, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-34268, CVE-2026-22007)	24 Apr 202612:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ Technology Edition shipped with IBM Tivoli Monitoring.	29 May 202621:48	–	ibm
IBM Security Bulletins	Security Bulletin: Updating Java in Identity Insight 10.0.0.0 for security update	19 May 202614:39	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in IBM Semeru Runtime Quarterly CPU - Apr 2026	27 May 202614:02	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and WebSphere Application Server Liberty due to the April 2026 Java CPU	27 Apr 202616:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Direct Web Services is Affected by Multiple Vulnerabilities.	15 Jun 202619:16	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to IBM Semeru Runtime	22 May 202609:14	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Rational® Application Developer for WebSphere® Software is vulnerable to a remote attack to take over Java SE	22 May 202618:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities may affect IBM Java that is shipped with IBM CICS TX Advanced	11 Jun 202621:28	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Direct File Agent is vulnerable to multiple issues	15 Jun 202616:09	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
almalinux	9	ppc64le	java-1.8.0-openjdk-headless	1.8.0.492.b09-2.el9.alma.1	java-1.8.0-openjdk-headless-1.8.0.492.b09-2.el9.alma.1.ppc64le.rpm
almalinux	9	ppc64le	java-1.8.0-openjdk-devel	1.8.0.492.b09-2.el9.alma.1	java-1.8.0-openjdk-devel-1.8.0.492.b09-2.el9.alma.1.ppc64le.rpm
almalinux	9	ppc64le	java-1.8.0-openjdk-src	1.8.0.492.b09-2.el9.alma.1	java-1.8.0-openjdk-src-1.8.0.492.b09-2.el9.alma.1.ppc64le.rpm
almalinux	9	ppc64le	java-1.8.0-openjdk-demo	1.8.0.492.b09-2.el9.alma.1	java-1.8.0-openjdk-demo-1.8.0.492.b09-2.el9.alma.1.ppc64le.rpm
almalinux	9	ppc64le	java-1.8.0-openjdk	1.8.0.492.b09-2.el9.alma.1	java-1.8.0-openjdk-1.8.0.492.b09-2.el9.alma.1.ppc64le.rpm
almalinux	9	noarch	java-1.8.0-openjdk-javadoc-zip	1.8.0.492.b09-2.el9.alma.1	java-1.8.0-openjdk-javadoc-zip-1.8.0.492.b09-2.el9.alma.1.noarch.rpm
almalinux	9	noarch	java-1.8.0-openjdk-javadoc	1.8.0.492.b09-2.el9.alma.1	java-1.8.0-openjdk-javadoc-1.8.0.492.b09-2.el9.alma.1.noarch.rpm
almalinux	9	x86_64	java-1.8.0-openjdk-devel	1.8.0.492.b09-2.el9.alma.1	java-1.8.0-openjdk-devel-1.8.0.492.b09-2.el9.alma.1.x86_64.rpm
almalinux	9	x86_64	java-1.8.0-openjdk	1.8.0.492.b09-2.el9.alma.1	java-1.8.0-openjdk-1.8.0.492.b09-2.el9.alma.1.x86_64.rpm
almalinux	9	x86_64	java-1.8.0-openjdk-src	1.8.0.492.b09-2.el9.alma.1	java-1.8.0-openjdk-src-1.8.0.492.b09-2.el9.alma.1.x86_64.rpm

Source	Link
access	www.access.redhat.com/errata/RHSA-2026:9683
access	www.access.redhat.com/security/cve/CVE-2026-22007
access	www.access.redhat.com/security/cve/CVE-2026-22013
access	www.access.redhat.com/security/cve/CVE-2026-22016
access	www.access.redhat.com/security/cve/CVE-2026-22018
access	www.access.redhat.com/security/cve/CVE-2026-22021
access	www.access.redhat.com/security/cve/CVE-2026-23865
access	www.access.redhat.com/security/cve/CVE-2026-34268
errata	www.errata.almalinux.org/9/ALSA-2026-9683.html

30 Apr 2026 07:12Current

7.7High risk

Vulners AI Score7.7

CVSS 3.17.5

EPSS0.00358

SSVC

crypto updates kerberos credentialing path factories zip reading certificate validation freetype update key generation