-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5913-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 01, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-17 CVE ID : CVE-2025-21587 CVE-2025-30691 CVE-2025-30698 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of sandbox restrictions. For the stable distribution (bookworm), these problems have been fixed in version 17.0.15+6-1~deb12u1. We recommend that you upgrade your openjdk-17 packages. For the detailed security status of openjdk-17 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openjdk-17 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmgT2ksACgkQEMKTtsN8 TjYDgw/9F1SNEZVNYL1ZfQTn1VRzPMnqQntnQgSrn+YiflW2qor0kDtYDDX1okhV 97nYdrwgNN2SU12tTYL4g3rPi4hRVOINN0eaUqi+HAWl7xWVhRwVAon4O+iVlOpN GyfpY5/N0g9nYIW1uUFJXVc7BuzJlpTNs6KRzi3pOzUsghvkYC6oyeSgnmzWx0SI cwVqpKrcFxYvSI7TzkksvT4GtPqKe/OIPei8XqrDJQ/I0LXeYmZ2DI3a/sil0YXH xSfHt128tw7lJHZpBd3ayR8FL4hU1zh+EGWB701jzR5zq1I9outRdYpu5/omUXcV 08aGTx4SJC7AAFrKlLOKj0p3NCoDqYW8pUZFkmJ3Q1TNFqC4aQbqaghCRYgRnkQx kEEmsZu6ifmCaJPeCmuFnfmY6I+CQWFSjS7+y9OFFHR8WfqafXqNVm1cCpQk6nR5 Pj+bv2Icy64rofw6YQM9co+LdT9JvDnyFHZ0VGkb+trRBQ/ldZ+m7M+x7/K9kTSB g49xui6/geNqXLRkCCWqiuYOrhM/o3pg3cK/tPnWXFuyqT0jJKx8uvbrkyGiNRYn VNdrkg+xKOgj3rmLnsx/HeDDJtgl9duK7wt523MVV+x/9c3yaenO0OjUHfMXT+gT T5Sa9+LAQ35wNpY6TKS7yvp/CpLC7Uky2+xaJVcjfWEaTajfdB4=JIOk -----END PGP SIGNATURE-----