Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and java-latest-openjdk packages fix security vulnerabilities
Publication date: 29 Jan 2026Modification date: 29 Jan 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-64720 , CVE-2025-65018 , CVE-2026-21925 , CVE-2026-21933 , CVE-2026-21945
Description
LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite`
via incorrect palette premultiplication. (CVE-2025-64720)
LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row`
triggered via `png_image_finish_read`. (CVE-2025-65018)
Improve JMX connections. (CVE-2026-21925)
Improve HttpServer Request handling. (CVE-2026-21933)
Enhance Certificate Checking. (CVE-2026-21945)
References
- https://bugs.mageia.org/show_bug.cgi?id=35045
- https://access.redhat.com/errata/RHSA-2026:0848
- https://access.redhat.com/errata/RHSA-2026:0927
- https://www.oracle.com/security-alerts/cpujan2026.html#AppendixJAVA
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64720
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65018
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945
SRPMS
9/core
- java-11-openjdk-11.0.30.0.7-1.mga9
- java-17-openjdk-17.0.18.0.8-1.mga9
- java-1.8.0-openjdk-1.8.0.482.b08-1.mga9
- java-latest-openjdk-25.0.2.0.10-1.rolling.1.mga9