[SECURITY] [DSA 6039-1] openjdk-25 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-6039-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
October 26, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : openjdk-25
CVE ID : CVE-2025-53057 CVE-2025-53066 CVE-2025-61748
Several vulnerabilities have been discovered in the OpenJDK Java
runtime, which may result in incorrect string equality checks, XML
XXE/XEE attacks or incorrect certificate validation.
For the stable distribution (trixie), these problems have been fixed in
version 25.0.1+8-1~deb13u1.
We recommend that you upgrade your openjdk-25 packages.
For the detailed security status of openjdk-25 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-25
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmj+ZDAACgkQEMKTtsN8
TjajJw//ffhvKQvoTAph7W0gRct4hALa9ChWF+XUjxlhoG0QJwlD7IQK5ZnyObL1
lkfj+ogjXtSAoUUQiqNpH6kSyGPWMAwSCc9xyOCrR62q0D0mfqQVC1ZGvUn84HeF
32r2jsUQ1NLJ1bv1UYFhIy2yL5+rUhBFp9gB0sRTNr+wC7FroA6j1UEMrIztIo82
SIyXQ0Uynt+X7+N+gh7OAwwUtaAoaNXCeQrTuIc3LC/CCEkPyYixZBZloMzn/7AM
4TJJvNg30hrdaCsGQ9dkA11lf6MYQoAkYazpYskQeYbKzmhJ8whlRgzHF6K7mSJe
Mos9oYUbIJwgR+7FvqCIMEsrdXs6FfexknoZkRkQmHzWkLGnC+q7odKuDAIyQ7fU
Qq4Ferq6eruWAim1E0wWV+2DRzDtoGpgpI1F8nmnul1ajHRgSUBZ4h8vyLatMLEL
ORuqFHnu8Zc1Lw3dUeP7NYc/lhg05JbTn3Xfx8vlVXTtm8AH8b0w8i/R0BgGVTd8
f7/NhlvA3jnlwToMsohfhP8/ZaE4gsAQeccd3KtbVqMgDmwBfob8LopCakSf2Ncx
2XcCi5GCxhqtHEqGGibZVGfsqwtQANbaHj5DC+ySrMZIUVvL8A0JXoaJmOgt9NmJ
aiPiOyaJifN93DaM6StzQI4ujLm8+4Zfi5MhpPhHS1S+5ZUydDI=
=zgc4
-----END PGP SIGNATURE-----
Reply to: