RHSA-2026:0927: Important: SUSE Liberty Linux security update for java-17-openjdk

[Update Advisories for SUSE Liberty Linux]

# security update for java-17-openjdk

Announcement ID: RHSA-2026:0927
Rating: Important

Cross-References:

  * CVE-2025-64720
  * CVE-2025-65018
  * CVE-2026-21925
  * CVE-2026-21933
  * CVE-2026-21945



CVSS scores:

  * CVE-2025-64720 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
  * CVE-2025-64720 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-65018 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
  * CVE-2025-65018 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2026-21925 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2026-21933 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  * CVE-2026-21945 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

  * SUSE Liberty Linux 9


An update that solves 5 vulnerabilities can now be installed.

## Description:

This security update provides a functional equivalent of RHSA-2026:0927.
The original Red Hat(R) advisory is available from the Red Hat web site at
https://access.redhat.com/errata/RHSA-2026:0927.


## Package List:

  * SUSE Liberty Linux 9:
    * java-17-openjdk 17.0.18.0.8-1.el9
    * java-17-openjdk-demo 17.0.18.0.8-1.el9
    * java-17-openjdk-demo-fastdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-demo-slowdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-devel 17.0.18.0.8-1.el9
    * java-17-openjdk-devel-fastdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-devel-slowdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-fastdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-headless 17.0.18.0.8-1.el9
    * java-17-openjdk-headless-fastdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-headless-slowdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-javadoc 17.0.18.0.8-1.el9
    * java-17-openjdk-javadoc-zip 17.0.18.0.8-1.el9
    * java-17-openjdk-jmods 17.0.18.0.8-1.el9
    * java-17-openjdk-jmods-fastdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-jmods-slowdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-slowdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-src 17.0.18.0.8-1.el9
    * java-17-openjdk-src-fastdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-src-slowdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-static-libs 17.0.18.0.8-1.el9
    * java-17-openjdk-static-libs-fastdebug 17.0.18.0.8-1.el9
    * java-17-openjdk-static-libs-slowdebug 17.0.18.0.8-1.el9

## References:

  * https://www.suse.com/security/cve/CVE-2025-64720.html
  * https://www.suse.com/security/cve/CVE-2025-65018.html
  * https://www.suse.com/security/cve/CVE-2026-21925.html
  * https://www.suse.com/security/cve/CVE-2026-21933.html
  * https://www.suse.com/security/cve/CVE-2026-21945.html