Mageia Advisory: MGASA-2025-0156 - Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerabilities

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerabilities

Publication date: 13 May 2025
Modification date: 13 May 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-21587 , CVE-2025-30691 , CVE-2025-30698

Description

Better TLS connection support. (CVE-2025-21587)
Improve compiler transformations. (CVE-2025-30691)
Enhance Buffered Image handling. (CVE-2025-30698)
The updated timezone data are needed by the new Java packages.

References

https://bugs.mageia.org/show_bug.cgi?id=34206
https://access.redhat.com/errata/RHSA-2025:3845
https://access.redhat.com/errata/RHSA-2025:3850
https://access.redhat.com/errata/RHSA-2025:3853
https://access.redhat.com/errata/RHSA-2025:3856
https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixJAVA
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698

SRPMS

9/core

timezone-2025a-1.mga9
java-1.8.0-openjdk-1.8.0.452.b09-1.mga9
java-11-openjdk-11.0.27.0.6-1.mga9
java-17-openjdk-17.0.15.0.6-1.mga9
java-latest-openjdk-24.0.1.0.9-1.rolling.1.mga9

Advisories » MGASA-2025-0156

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerabilities

Description

References

SRPMS

9/core