[SECURITY] [DLA 4565-1] openjdk-17 security update

Wed, 06 May 2026 04:49:24 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4565-1                [email protected]
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
May 06, 2026                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : openjdk-17
Version        : 17.0.19+10-1~deb11u1
CVE ID         : CVE-2026-22007 CVE-2026-22013 CVE-2026-22016 CVE-2026-22018
                 CVE-2026-22021 CVE-2026-34268 CVE-2026-34282

Several vulnerabilities have been discovered in the OpenJDK Java
runtime, which may result in incorrect generation of cryptographic
keys, denial of service, information disclosure, XEE/XEE attacks
or incorrect validation of Kerberos credentials.

For Debian 11 bullseye, these problems have been fixed in version
17.0.19+10-1~deb11u1.

We recommend that you upgrade your openjdk-17 packages.

For the detailed security status of openjdk-17 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-17

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmn7KqgACgkQnUbEiOQ2
gwL9Ug//clDLT/aRBLuVKrXUqrX3ffzuhp0+CUWyaIra3s/5x3FM9KtNTIQQOjqt
DJnuMM2nhbfmfpKLMO5rwxzUt0DaeNvztR4on6tZsJkkCsMUxD0jz/yge6/RQytj
ggqs12+Rh/dkhzU6jizO1+Hs/p/ZT7GabGqzqfIqH3iNihfogSPOg8BOIt0xXV2H
P8qMQVtCDxiEpFwFEnuRGJ11dEzhvO8nmmVz5zEcO37MPEFHSFYbsSL0xv3EZnL2
scWmS7BfjsnC0QdhMgsPehzFRvqha72ygO3V9WdnQjtG+jEgc0hbpGwu4KZnbBim
phKgHlhw5w+ANAiehqsixxrniognKPser8uIUz3WIHtXO1M2ZOSQhDMysdCE1fQ4
rG5f5VFkUz45jrmf+AG0Yjo3uCZ+HncV6yBVdgPHZYlpRlBi0Dy6ywgNrl2zTK56
ltmcmi7ymxhERzEUyDX+W31NcFVUy3Y2SsNuCYG7qpQabMcj5ZnxSzVDp4xNd88e
5W4bACiTf2MGPuuDinn1V8VkN9GqJtwltn6bq3ElXFqmf+OaCCdymk02j6tdtTjN
OycIFcHXyOnhovyVzCVKEcSrr8wvU+Rz3JSWZusFpzzhjuBHGk7LlMkXOGe5JvuG
cbBFOPoX2UZrkGLOSVJzHkcJ4o27z3J3cUjkD2vWLQW+1o2jG+U=
=w3HI
-----END PGP SIGNATURE-----

Reply via email to