Debian alert DLA-4457-1 (openjdk-11)
| From: | Emilio Pozuelo Monfort <pochu@debian.org> | |
| To: | <debian-lts-announce@lists.debian.org> | |
| Subject: | [SECURITY] [DLA 4457-1] openjdk-11 security update | |
| Date: | Mon, 26 Jan 2026 16:27:42 +0100 | |
| Message-ID: | <20260126152742.69A1F5F00083@kamino> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4457-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort January 26, 2026 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : openjdk-11 Version : 11.0.30+7-1~deb11u1 CVE ID : CVE-2026-21925 CVE-2026-21932 CVE-2026-21933 CVE-2026-21945 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in incorrect certificate validation, CRLF injection or man-in-the-middle attacks. For Debian 11 bullseye, these problems have been fixed in version 11.0.30+7-1~deb11u1. We recommend that you upgrade your openjdk-11 packages. For the detailed security status of openjdk-11 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openjdk-11 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAml3h+4ACgkQnUbEiOQ2 gwI0JhAAybdeO6Jx1HCcEEzptTC7purYSEzu3u2q9tjrv6X92mBKKfhvvDcUJLcT ku6Zxw9NqGPC+s+Y5kMzeeXqhJ+c6rjeYYtDoQ8TnAZuDKQrgEdCTtm/495WRWp5 7EW0mRxc3XD6z+4LwKnp5BJbmHvYzFqaJ4go0Wv92slb4/IsifGDOca0pSx4T+3g UzihWanVtGDPlwmol1/lGnbmqFqX3IhXmph+OHcexnKA7xHBB3qD60kaQo0YiyIR TP1ye2jG9j+X5WRC80M7Hu3SCY9iY2SATKcHiagcVbfk/YfAOvLlXysoBREYM8e6 4QMIYsT+xPiZkUeM3CtIgjRkySpOpJq9juRDTV4gswjqWzwYBDesgAVVQfCU6vyK xG4wAAHdN+Z8MUWIsy7tvDKLcUlH+MRi3Nt3sMOq1BG1PMxANYsPTOhBklPhVpPm wWSfhwdWp7ykLGxBXM8CvwI8hbKx621K2dT68HD3yMyDhI0+9sm0/LD3b9/vVVvL cdA8uVas55adA1/2/4sveJ1oqmDtz5UdZ0AlWSEC54reR9qVS3icSzGGI4EQyRwr dgWYEHc6IMg4uCL6Hqy6sCo3ZzcDTD+Zfd5Tgr1+7VQEhmymgpmW7XkXOUCfMKLy luMQnPoRNtkMLAtYyPppHeVcFkQ2O4YOTQOUyg9A6KBpApMRuVw= =CVyh -----END PGP SIGNATURE-----