Issued:: 2026-06-01
Updated:: 2026-06-01

RHSA-2026:22328 - Security Advisory

Overview
Updated Packages

Synopsis

Important: java-21-ibm-semeru-certified-jdk security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for java-21-ibm-semeru-certified-jdk is now available for Red Hat Enterprise Linux 10.0 Extended Update Support, Red Hat Enterprise Linux 10, and Red Hat Enterprise Linux 10.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The IBM Semeru Runtime Certified Edition 21 runtime environment.

Security Fix(es):

freetype: Information disclosure or denial of service via specially crafted font files (CVE-2026-23865)
openjdk: OpenJDK: Enhance crypto algorithm support (Oracle CPU 2026-04) (CVE-2026-22007)
openjdk: OpenJDK: Enhance Path Factories Redux (Oracle CPU 2026-04) (CVE-2026-22016)
openjdk: OpenJDK: Improve Kerberos credentialing (Oracle CPU 2026-04) (CVE-2026-22013)
openjdk: OpenJDK: Enhance certificate chain validation (Oracle CPU 2026-04) (CVE-2026-22021)
openjdk: OpenJDK: Enhance key generation (Oracle CPU 2026-04) (CVE-2026-34268)
openjdk: Enhance TLS connection handling (Oracle CPU 2026-04) (CVE-2026-34282)
Eclipse Open9J: Denial of Service in JITServer via crafted TCP message (CVE-2026-6918)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 10 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
Red Hat Enterprise Linux for IBM z Systems 10 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat Enterprise Linux for ARM 64 10 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64

Fixes

BZ - 2443891 - CVE-2026-23865 freetype: Information disclosure or denial of service via specially crafted font files
BZ - 2460038 - CVE-2026-22007 openjdk: Enhance crypto algorithm support (Oracle CPU 2026-04)
BZ - 2460039 - CVE-2026-22016 openjdk: Enhance Path Factories Redux (Oracle CPU 2026-04)
BZ - 2460040 - CVE-2026-22013 openjdk: Improve Kerberos credentialing (Oracle CPU 2026-04)
BZ - 2460042 - CVE-2026-22021 openjdk: Enhance certificate chain validation (Oracle CPU 2026-04)
BZ - 2460043 - CVE-2026-34268 openjdk: Enhance key generation (Oracle CPU 2026-04)
BZ - 2460044 - CVE-2026-34282 openjdk: Enhance TLS connection handling (Oracle CPU 2026-04)
BZ - 2466741 - CVE-2026-6918 Eclipse Open9J: Denial of Service in JITServer via crafted TCP message

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 10

SRPM
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.src.rpm	SHA-256: 0657a1399e7087b19575e93b9381a0cfda4f69f929e9ecc0ac96d398f3d82ca7
x86_64
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.x86_64.rpm	SHA-256: 1875bf2af209b96a3c9b569cf82e111a2429b38af1db58cf73a0f1bc77c92b81
java-21-ibm-semeru-certified-jdk-devel-21.0.11.0.10-2.el10_1.x86_64.rpm	SHA-256: 78b92d9d9a7cf73cc6048bfb54b838ab80374fad44fcbcb38c07192cbcbdea5c
java-21-ibm-semeru-certified-jdk-headless-21.0.11.0.10-2.el10_1.x86_64.rpm	SHA-256: 39cf7dc4d5bf4d8ec425e041825992dfb8749f9532c125172bffacc2689b94bc
java-21-ibm-semeru-certified-jdk-jmods-21.0.11.0.10-2.el10_1.x86_64.rpm	SHA-256: f182c3978451113ad50ed81f65609dd2b427a46c5dc6d54c4a9eca96a238cc30
java-21-ibm-semeru-certified-jdk-src-21.0.11.0.10-2.el10_1.x86_64.rpm	SHA-256: 1789a253ba77187a8ecf31e259abc28f954115294e933ac2d45b4c61dc7b64e2

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2

SRPM
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.src.rpm	SHA-256: 0657a1399e7087b19575e93b9381a0cfda4f69f929e9ecc0ac96d398f3d82ca7
x86_64
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.x86_64.rpm	SHA-256: 1875bf2af209b96a3c9b569cf82e111a2429b38af1db58cf73a0f1bc77c92b81
java-21-ibm-semeru-certified-jdk-devel-21.0.11.0.10-2.el10_1.x86_64.rpm	SHA-256: 78b92d9d9a7cf73cc6048bfb54b838ab80374fad44fcbcb38c07192cbcbdea5c
java-21-ibm-semeru-certified-jdk-headless-21.0.11.0.10-2.el10_1.x86_64.rpm	SHA-256: 39cf7dc4d5bf4d8ec425e041825992dfb8749f9532c125172bffacc2689b94bc
java-21-ibm-semeru-certified-jdk-jmods-21.0.11.0.10-2.el10_1.x86_64.rpm	SHA-256: f182c3978451113ad50ed81f65609dd2b427a46c5dc6d54c4a9eca96a238cc30
java-21-ibm-semeru-certified-jdk-src-21.0.11.0.10-2.el10_1.x86_64.rpm	SHA-256: 1789a253ba77187a8ecf31e259abc28f954115294e933ac2d45b4c61dc7b64e2

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0

SRPM
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-1.el10_0.src.rpm	SHA-256: 9514047603cedf127c4b50d4ebd676e96b522a467201eac480ad7c8811b1121d
x86_64
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-1.el10_0.x86_64.rpm	SHA-256: 16d29ba18ef1dc0c4094df7eacf8c13302684f07c35699d1c9f0e37179d33a11
java-21-ibm-semeru-certified-jdk-headless-21.0.11.0.10-1.el10_0.x86_64.rpm	SHA-256: 55ef56bc49da0ad850b7fc4d9c8a6a4d9cb9581eb09bb74edfc16ddc05f10b84

Red Hat Enterprise Linux for IBM z Systems 10

SRPM
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.src.rpm	SHA-256: 0657a1399e7087b19575e93b9381a0cfda4f69f929e9ecc0ac96d398f3d82ca7
s390x
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.s390x.rpm	SHA-256: 6cb3f2f36c354a510cb68a466f8cb6c6e237693c7a00ac1c3f2e2f54f402e285
java-21-ibm-semeru-certified-jdk-devel-21.0.11.0.10-2.el10_1.s390x.rpm	SHA-256: eee86f58ec6003a928a1e5768493a58fcfdd0b6ea5c87d21caba08abcd7177e1
java-21-ibm-semeru-certified-jdk-headless-21.0.11.0.10-2.el10_1.s390x.rpm	SHA-256: a085695ab9ac00c0eef879f5f7999e0d4eeb0ac998f77504790fc8a099976d2f
java-21-ibm-semeru-certified-jdk-jmods-21.0.11.0.10-2.el10_1.s390x.rpm	SHA-256: 694342386117d8070b212fb183694a87976399a9e34e804d72153e84749645b9
java-21-ibm-semeru-certified-jdk-src-21.0.11.0.10-2.el10_1.s390x.rpm	SHA-256: beccb60253ac9613172d82bf39ffff6ce973473eb935f438ebc68eccda475bec

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2

SRPM
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.src.rpm	SHA-256: 0657a1399e7087b19575e93b9381a0cfda4f69f929e9ecc0ac96d398f3d82ca7
s390x
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.s390x.rpm	SHA-256: 6cb3f2f36c354a510cb68a466f8cb6c6e237693c7a00ac1c3f2e2f54f402e285
java-21-ibm-semeru-certified-jdk-devel-21.0.11.0.10-2.el10_1.s390x.rpm	SHA-256: eee86f58ec6003a928a1e5768493a58fcfdd0b6ea5c87d21caba08abcd7177e1
java-21-ibm-semeru-certified-jdk-headless-21.0.11.0.10-2.el10_1.s390x.rpm	SHA-256: a085695ab9ac00c0eef879f5f7999e0d4eeb0ac998f77504790fc8a099976d2f
java-21-ibm-semeru-certified-jdk-jmods-21.0.11.0.10-2.el10_1.s390x.rpm	SHA-256: 694342386117d8070b212fb183694a87976399a9e34e804d72153e84749645b9
java-21-ibm-semeru-certified-jdk-src-21.0.11.0.10-2.el10_1.s390x.rpm	SHA-256: beccb60253ac9613172d82bf39ffff6ce973473eb935f438ebc68eccda475bec

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0

SRPM
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-1.el10_0.src.rpm	SHA-256: 9514047603cedf127c4b50d4ebd676e96b522a467201eac480ad7c8811b1121d
s390x
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-1.el10_0.s390x.rpm	SHA-256: bf9f1b6b4ee47620c86bd7237ea565cff81ee36a602acd1778c54aa5938a12a1
java-21-ibm-semeru-certified-jdk-headless-21.0.11.0.10-1.el10_0.s390x.rpm	SHA-256: 4b54d7124b691d59cfae2e91cfde8c6d7e8b9f7994fd0f7851e4a5b73c746b54

Red Hat Enterprise Linux for Power, little endian 10

SRPM
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.src.rpm	SHA-256: 0657a1399e7087b19575e93b9381a0cfda4f69f929e9ecc0ac96d398f3d82ca7
ppc64le
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.ppc64le.rpm	SHA-256: e3a2e8aa87df902990dee2fb1491043b579839035a13ec1653222a317126bd81
java-21-ibm-semeru-certified-jdk-devel-21.0.11.0.10-2.el10_1.ppc64le.rpm	SHA-256: a8efd9eebec9f5c6dd889409b4891f758893c4e1c19095173ea199b5e6935be9
java-21-ibm-semeru-certified-jdk-headless-21.0.11.0.10-2.el10_1.ppc64le.rpm	SHA-256: 88e8618eda3fff48f2b4523b8984eee01bad985f7560af2888335b12e54b2e22
java-21-ibm-semeru-certified-jdk-jmods-21.0.11.0.10-2.el10_1.ppc64le.rpm	SHA-256: 6a6271946e783f900bc7ffdeee86e52105e3df98efafa54288a9231fc3d2167a
java-21-ibm-semeru-certified-jdk-src-21.0.11.0.10-2.el10_1.ppc64le.rpm	SHA-256: 8329502d6a9b36b58851870dd98af5a0de915052d3c5ed3a0dd25650b2c1f98c

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2

SRPM
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.src.rpm	SHA-256: 0657a1399e7087b19575e93b9381a0cfda4f69f929e9ecc0ac96d398f3d82ca7
ppc64le
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.ppc64le.rpm	SHA-256: e3a2e8aa87df902990dee2fb1491043b579839035a13ec1653222a317126bd81
java-21-ibm-semeru-certified-jdk-devel-21.0.11.0.10-2.el10_1.ppc64le.rpm	SHA-256: a8efd9eebec9f5c6dd889409b4891f758893c4e1c19095173ea199b5e6935be9
java-21-ibm-semeru-certified-jdk-headless-21.0.11.0.10-2.el10_1.ppc64le.rpm	SHA-256: 88e8618eda3fff48f2b4523b8984eee01bad985f7560af2888335b12e54b2e22
java-21-ibm-semeru-certified-jdk-jmods-21.0.11.0.10-2.el10_1.ppc64le.rpm	SHA-256: 6a6271946e783f900bc7ffdeee86e52105e3df98efafa54288a9231fc3d2167a
java-21-ibm-semeru-certified-jdk-src-21.0.11.0.10-2.el10_1.ppc64le.rpm	SHA-256: 8329502d6a9b36b58851870dd98af5a0de915052d3c5ed3a0dd25650b2c1f98c

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0

SRPM
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-1.el10_0.src.rpm	SHA-256: 9514047603cedf127c4b50d4ebd676e96b522a467201eac480ad7c8811b1121d
ppc64le
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-1.el10_0.ppc64le.rpm	SHA-256: b6831a226a480ae8a319349b1f4303a336c30f72d71210b3b8fd5a3d0beb8aa9
java-21-ibm-semeru-certified-jdk-headless-21.0.11.0.10-1.el10_0.ppc64le.rpm	SHA-256: edfff8c5456ba70aed7e6af573c1f7eb0a927144a40afdb82b357ac0c555e3ef

Red Hat Enterprise Linux for ARM 64 10

SRPM
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.src.rpm	SHA-256: 0657a1399e7087b19575e93b9381a0cfda4f69f929e9ecc0ac96d398f3d82ca7
aarch64
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.aarch64.rpm	SHA-256: 311e7b349410d2c786e637de27b3d50b78079ad3096a616fe2f6a54ebc66cb72
java-21-ibm-semeru-certified-jdk-devel-21.0.11.0.10-2.el10_1.aarch64.rpm	SHA-256: 86bd7d346b45b41e95e26aa00cf6b75911a29e1308421113ff1f2b91f748e862
java-21-ibm-semeru-certified-jdk-headless-21.0.11.0.10-2.el10_1.aarch64.rpm	SHA-256: 6fb1355b758ac3cfc26f2d9c9997ada6a87217cabf7945513eb1b5e4102fe761
java-21-ibm-semeru-certified-jdk-jmods-21.0.11.0.10-2.el10_1.aarch64.rpm	SHA-256: 095e001cd203eb82a928d3d3c73d0c19df0509b55c6802b1920778a1eecf6f00
java-21-ibm-semeru-certified-jdk-src-21.0.11.0.10-2.el10_1.aarch64.rpm	SHA-256: d6885061d97090a7b1ad500d978b2e9a6f3dc454a6f0819b91726e8c4c9a6df3

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2

SRPM
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.src.rpm	SHA-256: 0657a1399e7087b19575e93b9381a0cfda4f69f929e9ecc0ac96d398f3d82ca7
aarch64
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-2.el10_1.aarch64.rpm	SHA-256: 311e7b349410d2c786e637de27b3d50b78079ad3096a616fe2f6a54ebc66cb72
java-21-ibm-semeru-certified-jdk-devel-21.0.11.0.10-2.el10_1.aarch64.rpm	SHA-256: 86bd7d346b45b41e95e26aa00cf6b75911a29e1308421113ff1f2b91f748e862
java-21-ibm-semeru-certified-jdk-headless-21.0.11.0.10-2.el10_1.aarch64.rpm	SHA-256: 6fb1355b758ac3cfc26f2d9c9997ada6a87217cabf7945513eb1b5e4102fe761
java-21-ibm-semeru-certified-jdk-jmods-21.0.11.0.10-2.el10_1.aarch64.rpm	SHA-256: 095e001cd203eb82a928d3d3c73d0c19df0509b55c6802b1920778a1eecf6f00
java-21-ibm-semeru-certified-jdk-src-21.0.11.0.10-2.el10_1.aarch64.rpm	SHA-256: d6885061d97090a7b1ad500d978b2e9a6f3dc454a6f0819b91726e8c4c9a6df3

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0

SRPM
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-1.el10_0.src.rpm	SHA-256: 9514047603cedf127c4b50d4ebd676e96b522a467201eac480ad7c8811b1121d
aarch64
java-21-ibm-semeru-certified-jdk-21.0.11.0.10-1.el10_0.aarch64.rpm	SHA-256: 7577b71e6ebf8f6b8918ff471493045d5145724ff99e77dfeb402efe2e5588e9
java-21-ibm-semeru-certified-jdk-headless-21.0.11.0.10-1.el10_0.aarch64.rpm	SHA-256: 1bd9710d4bac0067ccdb2775d084d87ebb0ed63bfff0c726dfe25c19305b28bb

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation