Debian alert DLA-4565-1 (openjdk-17)
| From: | Emilio Pozuelo Monfort <pochu@debian.org> | |
| To: | <debian-lts-announce@lists.debian.org> | |
| Subject: | [SECURITY] [DLA 4565-1] openjdk-17 security update | |
| Date: | Wed, 06 May 2026 13:48:59 +0200 | |
| Message-ID: | <20260506114859.7C0FB5F00082@kamino> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4565-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 06, 2026 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : openjdk-17 Version : 17.0.19+10-1~deb11u1 CVE ID : CVE-2026-22007 CVE-2026-22013 CVE-2026-22016 CVE-2026-22018 CVE-2026-22021 CVE-2026-34268 CVE-2026-34282 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in incorrect generation of cryptographic keys, denial of service, information disclosure, XEE/XEE attacks or incorrect validation of Kerberos credentials. For Debian 11 bullseye, these problems have been fixed in version 17.0.19+10-1~deb11u1. We recommend that you upgrade your openjdk-17 packages. For the detailed security status of openjdk-17 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openjdk-17 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmn7KqgACgkQnUbEiOQ2 gwL9Ug//clDLT/aRBLuVKrXUqrX3ffzuhp0+CUWyaIra3s/5x3FM9KtNTIQQOjqt DJnuMM2nhbfmfpKLMO5rwxzUt0DaeNvztR4on6tZsJkkCsMUxD0jz/yge6/RQytj ggqs12+Rh/dkhzU6jizO1+Hs/p/ZT7GabGqzqfIqH3iNihfogSPOg8BOIt0xXV2H P8qMQVtCDxiEpFwFEnuRGJ11dEzhvO8nmmVz5zEcO37MPEFHSFYbsSL0xv3EZnL2 scWmS7BfjsnC0QdhMgsPehzFRvqha72ygO3V9WdnQjtG+jEgc0hbpGwu4KZnbBim phKgHlhw5w+ANAiehqsixxrniognKPser8uIUz3WIHtXO1M2ZOSQhDMysdCE1fQ4 rG5f5VFkUz45jrmf+AG0Yjo3uCZ+HncV6yBVdgPHZYlpRlBi0Dy6ywgNrl2zTK56 ltmcmi7ymxhERzEUyDX+W31NcFVUy3Y2SsNuCYG7qpQabMcj5ZnxSzVDp4xNd88e 5W4bACiTf2MGPuuDinn1V8VkN9GqJtwltn6bq3ElXFqmf+OaCCdymk02j6tdtTjN OycIFcHXyOnhovyVzCVKEcSrr8wvU+Rz3JSWZusFpzzhjuBHGk7LlMkXOGe5JvuG cbBFOPoX2UZrkGLOSVJzHkcJ4o27z3J3cUjkD2vWLQW+1o2jG+U= =w3HI -----END PGP SIGNATURE-----