RHBA-2025:0671 - Bug Fix Advisory

Topic

An updated openjdk-els/openjdk-11-rhel9 container image is now available for Red Hat OpenJDK 11 Extended Lifecycle Support (ELS) for RHEL 9.

Description

The openjdk-els/openjdk-11-rhel9 container image has been updated for Red Hat OpenJDK 11 Extended Lifecycle Support (ELS) for RHEL 9 to address security advisories RHSA-2025:0324 and RHSA-2025:0429 (see the References section).

Users of openjdk-els/openjdk-11-rhel9 container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in the Red Hat Container Catalog (see the References section).

Solution

The Red Hat OpenJDK 11 ELS for RHEL 9 container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).

Dockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.

Affected Products

• OpenJDK Java Extended Life Cycle Support 11 for RHEL 9 x86_64
• OpenJDK Java Extended Life Cycle Support 11 for RHEL 9 s390x
• OpenJDK Java Extended Life Cycle Support 11 for RHEL 9 ppc64le
• OpenJDK Java Extended Life Cycle Support 11 for RHEL 9 aarch64

Fixes

• BZ - 2330539 - CVE-2024-12085 rsync: Info Leak via Uninitialized Stack Contents

CVEs

• CVE-2024-12085
• CVE-2025-21502

References

• https://access.redhat.com/errata/RHSA-2025:0324
• https://access.redhat.com/errata/RHSA-2025:0429
• https://catalog.redhat.com/software/containers/registry/registry.access.redhat.com/repository/openjdk-els/openjdk-11-rhel9