[El-errata] ELSA-2026-9683 Important: Oracle Linux 9 java-1.8.0-openjdk security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Apr 28 10:12:36 UTC 2026 

Oracle Linux Security Advisory ELSA-2026-9683

http://linux.oracle.com/errata/ELSA-2026-9683.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-1.8.0-openjdk-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-demo-fastdebug-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-demo-slowdebug-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-devel-fastdebug-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-devel-slowdebug-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-fastdebug-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-headless-fastdebug-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-headless-slowdebug-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-javadoc-1.8.0.492.b09-2.0.1.el9.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.492.b09-2.0.1.el9.noarch.rpm
java-1.8.0-openjdk-slowdebug-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-src-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-src-fastdebug-1.8.0.492.b09-2.0.1.el9.x86_64.rpm
java-1.8.0-openjdk-src-slowdebug-1.8.0.492.b09-2.0.1.el9.x86_64.rpm

aarch64:
java-1.8.0-openjdk-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-demo-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-demo-fastdebug-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-demo-slowdebug-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-devel-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-devel-fastdebug-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-devel-slowdebug-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-fastdebug-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-headless-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-headless-fastdebug-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-headless-slowdebug-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-javadoc-1.8.0.492.b09-2.0.1.el9.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.492.b09-2.0.1.el9.noarch.rpm
java-1.8.0-openjdk-slowdebug-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-src-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-src-fastdebug-1.8.0.492.b09-2.0.1.el9.aarch64.rpm
java-1.8.0-openjdk-src-slowdebug-1.8.0.492.b09-2.0.1.el9.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/java-1.8.0-openjdk-1.8.0.492.b09-2.0.1.el9.src.rpm

Related CVEs:

CVE-2026-22007
CVE-2026-22013
CVE-2026-22016
CVE-2026-22018
CVE-2026-22021
CVE-2026-23865
CVE-2026-34268




Description of changes:

[1:1.8.0.492.b09-2.0.1]
- Add Oracle vendor bug URL [Orabug: 34340155]

[1:1.8.0.492.b09-2]
- Bump release for PQC build
- Related: RHEL-169446

[1:1.8.0.492.b09-1]
- Update to 8u492-b09 (GA)
- Update release notes for 8u492-b09.
- Add missing CVEs for 8u482.
- Regenerate JDK-8199936/PR3533 patch following JDK-8374917
- Regenerate JDK-8186464/RH1433262 patch following JDK-8370986
- Drop local giflib 5.2.2 patch now JDK-8328999 is included upstream
- Bump freetype version to 2.14.2 following JDK-8373290 & JDK-8379158
- Bump giflib version to 6.1.2 following JDK-8379256 & JDK-8380078
- Bump LCMS 2 version to 2.15.0 following JDK-8303482
- Bump libpng version to 1.6.57 following JDK-8375063, JDK-8377526, JDK-8380959 & JDK-8382047
- Sync the copy of the portable specfile with the latest update
- ** This tarball is embargoed until 2026-04-21 @ 1pm PT. **
- Resolves: RHEL-169446
- Resolves: RHEL-133291
- Resolves: RHEL-147348
- Resolves: RHEL-148407
- Resolves: RHEL-148981
- Resolves: RHEL-161303
- Resolves: RHEL-161452
- Resolves: RHEL-157139
- Resolves: RHEL-157156

[1:1.8.0.482.b08-3]
- Update tagging scripts to include signature checks and correctly handle gating
- Add gating scripts to simplify obtaining results and waiving issues
- Resolves: RHEL-147634
- Resolves: RHEL-151197

[1:1.8.0.482.b08-2]
- Bump rpmrelease for CentOS build
- Related: RHEL-142687
- Related: RHEL-139534
- Related: RHEL-131588
- Related: RHEL-131600
- Related: RHEL-142875
- Related: RHEL-142697

[1:1.8.0.482.b08-1]
- Update to 8u482-b08 (GA).
- Update release notes for 8u482-b08.
- Remove generated-configure.sh changes from JDK-8141590 & FIPS patch as we already autogenerate this
- Turn on system FreeType as on later JDK versions and add to _privatelibs
- Set bundled FreeType version to 2.13.2 following JDK-8316028
- Bump LCMS 2 version to 2.14.0 following JDK-8297088
- Bump libpng version to 1.6.51 following JDK-8372534
- Update FIPS patch to include nss.fips.cfg that grants CKA_ENCRYPT
- Handle 'upgrade' as an alternative to 'update' in openjdk_news.sh
- Sync the copy of the portable specfile with the latest update
- ** This tarball is embargoed until 2026-01-20 @ 1pm PT. **
- Resolves: RHEL-142687
- Resolves: RHEL-139534
- Resolves: RHEL-131588
- Resolves: RHEL-131600
- Resolves: RHEL-142875
- Resolves: RHEL-142697

More information about the El-errata mailing list