Issued:: 2025-12-03
Updated:: 2025-12-03

RHSA-2025:22672 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: java-21-ibm-semeru-certified-jdk security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-21-ibm-semeru-certified-jdk is now available for Red Hat Enterprise Linux 10.0 Extended Update Support and Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The IBM Semeru Runtime Certified Edition 21 runtime environment.

Security Fix(es):

openjdk: Enhance Path Factories (Oracle CPU 2025-10) (CVE-2025-53066)
openjdk: Enhance certificate handling (Oracle CPU 2025-10) (CVE-2025-53057)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 10 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
Red Hat Enterprise Linux for IBM z Systems 10 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat Enterprise Linux for ARM 64 10 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64

Fixes

BZ - 2403063 - CVE-2025-53066 openjdk: Enhance Path Factories (Oracle CPU 2025-10)
BZ - 2403082 - CVE-2025-53057 openjdk: Enhance certificate handling (Oracle CPU 2025-10)

CVEs

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 10

SRPM
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.src.rpm	SHA-256: 17c3ef54b5e685c913e66e4e40518b6d8c7fb956c77ed0c19d67d2ba22cd3f2d
x86_64
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.x86_64.rpm	SHA-256: 6e0c8d8e3f1b605b736b83691381914d01d78c0aef381a69899cc1962f4c4a45
java-21-ibm-semeru-certified-jdk-devel-21.0.9.0.10-1.el10.x86_64.rpm	SHA-256: 27bff740edb6141c5bfda28e51f03296c87d8b90baa916872d8f6d040ad00a39
java-21-ibm-semeru-certified-jdk-headless-21.0.9.0.10-1.el10.x86_64.rpm	SHA-256: 30f220026b43c761d28d9370c87b8395c5673c8dcae2076eeba0bf72115b4130
java-21-ibm-semeru-certified-jdk-jmods-21.0.9.0.10-1.el10.x86_64.rpm	SHA-256: 1f78492f210509d748efffb225a282391c871b40fe00308e2278c1afb26727ac
java-21-ibm-semeru-certified-jdk-src-21.0.9.0.10-1.el10.x86_64.rpm	SHA-256: 14c2a97b9ed72a818b99a3b5e78ffd4b6964ac3f2a31257637a9c2077379e75a

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2

SRPM
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.src.rpm	SHA-256: 17c3ef54b5e685c913e66e4e40518b6d8c7fb956c77ed0c19d67d2ba22cd3f2d
x86_64
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.x86_64.rpm	SHA-256: 6e0c8d8e3f1b605b736b83691381914d01d78c0aef381a69899cc1962f4c4a45
java-21-ibm-semeru-certified-jdk-devel-21.0.9.0.10-1.el10.x86_64.rpm	SHA-256: 27bff740edb6141c5bfda28e51f03296c87d8b90baa916872d8f6d040ad00a39
java-21-ibm-semeru-certified-jdk-headless-21.0.9.0.10-1.el10.x86_64.rpm	SHA-256: 30f220026b43c761d28d9370c87b8395c5673c8dcae2076eeba0bf72115b4130
java-21-ibm-semeru-certified-jdk-jmods-21.0.9.0.10-1.el10.x86_64.rpm	SHA-256: 1f78492f210509d748efffb225a282391c871b40fe00308e2278c1afb26727ac
java-21-ibm-semeru-certified-jdk-src-21.0.9.0.10-1.el10.x86_64.rpm	SHA-256: 14c2a97b9ed72a818b99a3b5e78ffd4b6964ac3f2a31257637a9c2077379e75a

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0

SRPM
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.src.rpm	SHA-256: 17c3ef54b5e685c913e66e4e40518b6d8c7fb956c77ed0c19d67d2ba22cd3f2d
x86_64
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.x86_64.rpm	SHA-256: 6e0c8d8e3f1b605b736b83691381914d01d78c0aef381a69899cc1962f4c4a45
java-21-ibm-semeru-certified-jdk-headless-21.0.9.0.10-1.el10.x86_64.rpm	SHA-256: 30f220026b43c761d28d9370c87b8395c5673c8dcae2076eeba0bf72115b4130

Red Hat Enterprise Linux for IBM z Systems 10

SRPM
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.src.rpm	SHA-256: 17c3ef54b5e685c913e66e4e40518b6d8c7fb956c77ed0c19d67d2ba22cd3f2d
s390x
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.s390x.rpm	SHA-256: eadb6d975bb7b452591926803ad30935f1df16ef2ad6a947600a79da60e84246
java-21-ibm-semeru-certified-jdk-devel-21.0.9.0.10-1.el10.s390x.rpm	SHA-256: 5af1ce74769a73ffed792299144eaa17b76c8989ff59560783ba88731db8b7dc
java-21-ibm-semeru-certified-jdk-headless-21.0.9.0.10-1.el10.s390x.rpm	SHA-256: e21851342af3c463a07bb57a2230f4acae0a2807e276b2f7930e989d0fa9fd44
java-21-ibm-semeru-certified-jdk-jmods-21.0.9.0.10-1.el10.s390x.rpm	SHA-256: f41254daad931056d38148aabb14ea50cd7b9b3344584851ed250a48ff963099
java-21-ibm-semeru-certified-jdk-src-21.0.9.0.10-1.el10.s390x.rpm	SHA-256: eb7713fff0c36a070f847649edc88deeef6b65e0a21504fa7e5ae60ea97ae535

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2

SRPM
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.src.rpm	SHA-256: 17c3ef54b5e685c913e66e4e40518b6d8c7fb956c77ed0c19d67d2ba22cd3f2d
s390x
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.s390x.rpm	SHA-256: eadb6d975bb7b452591926803ad30935f1df16ef2ad6a947600a79da60e84246
java-21-ibm-semeru-certified-jdk-devel-21.0.9.0.10-1.el10.s390x.rpm	SHA-256: 5af1ce74769a73ffed792299144eaa17b76c8989ff59560783ba88731db8b7dc
java-21-ibm-semeru-certified-jdk-headless-21.0.9.0.10-1.el10.s390x.rpm	SHA-256: e21851342af3c463a07bb57a2230f4acae0a2807e276b2f7930e989d0fa9fd44
java-21-ibm-semeru-certified-jdk-jmods-21.0.9.0.10-1.el10.s390x.rpm	SHA-256: f41254daad931056d38148aabb14ea50cd7b9b3344584851ed250a48ff963099
java-21-ibm-semeru-certified-jdk-src-21.0.9.0.10-1.el10.s390x.rpm	SHA-256: eb7713fff0c36a070f847649edc88deeef6b65e0a21504fa7e5ae60ea97ae535

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0

SRPM
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.src.rpm	SHA-256: 17c3ef54b5e685c913e66e4e40518b6d8c7fb956c77ed0c19d67d2ba22cd3f2d
s390x
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.s390x.rpm	SHA-256: eadb6d975bb7b452591926803ad30935f1df16ef2ad6a947600a79da60e84246
java-21-ibm-semeru-certified-jdk-headless-21.0.9.0.10-1.el10.s390x.rpm	SHA-256: e21851342af3c463a07bb57a2230f4acae0a2807e276b2f7930e989d0fa9fd44

Red Hat Enterprise Linux for Power, little endian 10

SRPM
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.src.rpm	SHA-256: 17c3ef54b5e685c913e66e4e40518b6d8c7fb956c77ed0c19d67d2ba22cd3f2d
ppc64le
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.ppc64le.rpm	SHA-256: aefeab5273b1350ad1970c3ae2f8d751f3609c4271585e5a3e4057a4a5caebd5
java-21-ibm-semeru-certified-jdk-devel-21.0.9.0.10-1.el10.ppc64le.rpm	SHA-256: 8a807ab4900e9d36893d0d77a23ebbc2808cf8ca24df16a06dc9261561f30586
java-21-ibm-semeru-certified-jdk-headless-21.0.9.0.10-1.el10.ppc64le.rpm	SHA-256: 3e9d197938fc1773db8300213e0760431ae53b3b16a58592a4d871bf654ad650
java-21-ibm-semeru-certified-jdk-jmods-21.0.9.0.10-1.el10.ppc64le.rpm	SHA-256: 1cba3ebbaca935368c3ad7f32afb42729eecfbff4edd2a379d4e227043a52d9c
java-21-ibm-semeru-certified-jdk-src-21.0.9.0.10-1.el10.ppc64le.rpm	SHA-256: 5ec33f98cde20be659d66a0a10931905365202a9ac60fd8150bfcb5d90f7feb1

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2

SRPM
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.src.rpm	SHA-256: 17c3ef54b5e685c913e66e4e40518b6d8c7fb956c77ed0c19d67d2ba22cd3f2d
ppc64le
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.ppc64le.rpm	SHA-256: aefeab5273b1350ad1970c3ae2f8d751f3609c4271585e5a3e4057a4a5caebd5
java-21-ibm-semeru-certified-jdk-devel-21.0.9.0.10-1.el10.ppc64le.rpm	SHA-256: 8a807ab4900e9d36893d0d77a23ebbc2808cf8ca24df16a06dc9261561f30586
java-21-ibm-semeru-certified-jdk-headless-21.0.9.0.10-1.el10.ppc64le.rpm	SHA-256: 3e9d197938fc1773db8300213e0760431ae53b3b16a58592a4d871bf654ad650
java-21-ibm-semeru-certified-jdk-jmods-21.0.9.0.10-1.el10.ppc64le.rpm	SHA-256: 1cba3ebbaca935368c3ad7f32afb42729eecfbff4edd2a379d4e227043a52d9c
java-21-ibm-semeru-certified-jdk-src-21.0.9.0.10-1.el10.ppc64le.rpm	SHA-256: 5ec33f98cde20be659d66a0a10931905365202a9ac60fd8150bfcb5d90f7feb1

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0

SRPM
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.src.rpm	SHA-256: 17c3ef54b5e685c913e66e4e40518b6d8c7fb956c77ed0c19d67d2ba22cd3f2d
ppc64le
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.ppc64le.rpm	SHA-256: aefeab5273b1350ad1970c3ae2f8d751f3609c4271585e5a3e4057a4a5caebd5
java-21-ibm-semeru-certified-jdk-headless-21.0.9.0.10-1.el10.ppc64le.rpm	SHA-256: 3e9d197938fc1773db8300213e0760431ae53b3b16a58592a4d871bf654ad650

Red Hat Enterprise Linux for ARM 64 10

SRPM
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.src.rpm	SHA-256: 17c3ef54b5e685c913e66e4e40518b6d8c7fb956c77ed0c19d67d2ba22cd3f2d
aarch64
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.aarch64.rpm	SHA-256: 54a3a88208f9852fe5753c748944476e0ddbf273dd1f94d1fdb83c15a51c9ae3
java-21-ibm-semeru-certified-jdk-devel-21.0.9.0.10-1.el10.aarch64.rpm	SHA-256: 28ba39505c46f34701fea5a22614e6b56a6f195bd8b692878785bc7178355bd8
java-21-ibm-semeru-certified-jdk-headless-21.0.9.0.10-1.el10.aarch64.rpm	SHA-256: 95bda5e74b68602495d6343b5fa167a8200984994c751769ab628e10a713704f
java-21-ibm-semeru-certified-jdk-jmods-21.0.9.0.10-1.el10.aarch64.rpm	SHA-256: 28b2e2a84ee5673656e9a0c2e50da60a9aaa1667d945c6cf0075ee8d9be0cbd8
java-21-ibm-semeru-certified-jdk-src-21.0.9.0.10-1.el10.aarch64.rpm	SHA-256: e22a95b11ccc5fd094feeb6ed759fe4ca61e119d1d947ab2c89aac12550bd059

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2

SRPM
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.src.rpm	SHA-256: 17c3ef54b5e685c913e66e4e40518b6d8c7fb956c77ed0c19d67d2ba22cd3f2d
aarch64
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.aarch64.rpm	SHA-256: 54a3a88208f9852fe5753c748944476e0ddbf273dd1f94d1fdb83c15a51c9ae3
java-21-ibm-semeru-certified-jdk-devel-21.0.9.0.10-1.el10.aarch64.rpm	SHA-256: 28ba39505c46f34701fea5a22614e6b56a6f195bd8b692878785bc7178355bd8
java-21-ibm-semeru-certified-jdk-headless-21.0.9.0.10-1.el10.aarch64.rpm	SHA-256: 95bda5e74b68602495d6343b5fa167a8200984994c751769ab628e10a713704f
java-21-ibm-semeru-certified-jdk-jmods-21.0.9.0.10-1.el10.aarch64.rpm	SHA-256: 28b2e2a84ee5673656e9a0c2e50da60a9aaa1667d945c6cf0075ee8d9be0cbd8
java-21-ibm-semeru-certified-jdk-src-21.0.9.0.10-1.el10.aarch64.rpm	SHA-256: e22a95b11ccc5fd094feeb6ed759fe4ca61e119d1d947ab2c89aac12550bd059

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0

SRPM
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.src.rpm	SHA-256: 17c3ef54b5e685c913e66e4e40518b6d8c7fb956c77ed0c19d67d2ba22cd3f2d
aarch64
java-21-ibm-semeru-certified-jdk-21.0.9.0.10-1.el10.aarch64.rpm	SHA-256: 54a3a88208f9852fe5753c748944476e0ddbf273dd1f94d1fdb83c15a51c9ae3
java-21-ibm-semeru-certified-jdk-headless-21.0.9.0.10-1.el10.aarch64.rpm	SHA-256: 95bda5e74b68602495d6343b5fa167a8200984994c751769ab628e10a713704f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation