-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5972-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 12, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-17 CVE ID : CVE-2025-30749 CVE-2025-30754 CVE-2025-50059 CVE-2025-50106 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or weakened TLS connections. For the oldstable distribution (bookworm), these problems have been fixed in version 17.0.16+8-1~deb12u1. We recommend that you upgrade your openjdk-17 packages. For the detailed security status of openjdk-17 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openjdk-17 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmibgIIACgkQEMKTtsN8 TjY6qA/+MAYq0Oey0TmckZOaSnm/+g1tK8Hm1NblfOb/nqa0dgvFyXcciZKf+Hq0 rfGq+Db72dQGu38EnmhIYl0sqQTALf2gqYGDi9dQbRWy1sMk9rPPevMmi51K3kcn N5+/T8dAyX0AnH5CUrqX/QbnDLQI+O9EEiEpltp9m8WmU9580tjQzLxGIhzzUOIu FNkwLNa9mrqeUajFg5C3eh/Ewtnfju2bc2UhAJ1uFR/rHfcyqJy1knqAiSLvmdtr 667SWgPzW5TjCDp6a4SneEa0yC/VsnWYTeAaNUTTRMw89xh2p6zgtfZuOkxRlh/l 8VsdugrPiXuuBR3EvP28FJX0xMWz/COBXF1z+cPXsyvEj2RZnhDHUg6z7qDdVCLs Pg/oIbfhaejuWQHGmMOE3YuHpzYv/hmaVj+biZn8Pxo468usfkW5lbghjAgOd6Ni qlp6pUfTuvVktgg9WEM7oPmkgx/rAWln/Gt3FCR4v+MHrQJQVxu4efRGrc3wEasd n11CmmRPph2gLz5QAmLj8lUJ5oU0kA5mnBpIfiuyliaU60LOuYSxZ3lQTL8X2r9W nDrCEJTvPk8cNP1yKlw2JrmYxz7pk/6de7q/ZE2LcSfCwJK1s+pd6DDXD/J8yfi+ wiYpzzwLlCSnkLlDa+Z+24ZHk3Q0A1cDuUhVuXyWuuhg/h0a76w= =TfM1 -----END PGP SIGNATURE-----