Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk fix security vulnerabilities
Publication date: 02 Jun 2026Modification date: 02 Jun 2026
Type: bugfix
Affected Mageia releases : 9
CVE: CVE-2026-22007 , CVE-2026-22008 , CVE-2026-22013 , CVE-2026-22016 , CVE-2026-22018 , CVE-2026-22021 , CVE-2026-23865 , CVE-2026-34268 , CVE-2026-34282
Description
Enhance crypto algorithm support. (CVE-2026-22007)
Improved Arena allocations. (CVE-2026-22008)
Improve Kerberos credentialing. (CVE-2026-22013)
Enhance Path Factories Redux. (CVE-2026-22016)
Enhance Zip file reading. (CVE-2026-22018)
Enhance certificate chain validation. (CVE-2026-22021)
Updating FreeType 2.14.1 . (CVE-2026-23865)
Enhance key generation. (CVE-2026-34268)
Enhance TLS connection handling. (CVE-2026-34282)
References
- https://bugs.mageia.org/show_bug.cgi?id=35402
- https://access.redhat.com/errata/RHSA-2026:9682
- https://access.redhat.com/errata/RHSA-2026:9254
- https://access.redhat.com/errata/RHSA-2026:9686
- https://access.redhat.com/errata/RHSA-2026:9690
- https://access.redhat.com/errata/RHSA-2026:9693
- https://www.oracle.com/security-alerts/cpuapr2026.html#AppendixJAVA
- https://www.cve.org/CVERecord?id=CVE-2026-22007
- https://www.cve.org/CVERecord?id=CVE-2026-22008
- https://www.cve.org/CVERecord?id=CVE-2026-22013
- https://www.cve.org/CVERecord?id=CVE-2026-22016
- https://www.cve.org/CVERecord?id=CVE-2026-22018
- https://www.cve.org/CVERecord?id=CVE-2026-22021
- https://www.cve.org/CVERecord?id=CVE-2026-23865
- https://www.cve.org/CVERecord?id=CVE-2026-34268
- https://www.cve.org/CVERecord?id=CVE-2026-34282
SRPMS
9/core
- java-1.8.0-openjdk-1.8.0.492.b09-1.mga9
- java-11-openjdk-11.0.31.0.11-1.mga9
- java-17-openjdk-17.0.19.0.10-1.mga9
- java-latest-openjdk-25.0.3.0.9-1.rolling.1.mga9