Date: unknown
Location: lists.debian.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5857-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 03, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-17 CVE ID : CVE-2025-21502 A vulnerability has been discovered in the OpenJDK Java runtime, which may result in authorisation bypass or information disclosure. For the stable distribution (bookworm), this problem has been fixed in version 17.0.14+7-1~deb12u1. We recommend that you upgrade your openjdk-17 packages. For the detailed security status of openjdk-17 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openjdk-17 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmehDe4ACgkQEMKTtsN8 TjYxyA//YGol7WPNV+tur5pL6f0gjOxAznnoHE6VqOaI0NxCcqF1uSkPB0WQ4b6d RwMEKP/E729FVB/VXbGIDdd63EGtHPJaCCU+WjezdmrU8PMrLiVnBpxJnx4tSSnT XK+s59PSmQDmHVslMU/3KL2z2blF07qPfXUfWEHHOGNd/MqGJnFXlfqbCaUWqodr snk3wX/53Zti4A7YMyUMnxRswD/BrnUMfXhWhtDu9fRKh2HOLR95qOTk0iDb9JKi BUGwAf04RfaPysPPq2+51i2zr1dYdt5kIW1H0ISZZVKMXOmfuAQkP/nRYtDJKYOI EggqM7DculKKbYo8aSwI+LFF66jqaCI0rOO6c71hz0l/rxnTf/05xHjpdhig/XVX MSu24m7nhfgRsGe26401xDz38vv84prptb+fqQUkxTPXZIf9pMqWvfWGdkbVfOEr VwxvHZkwLYXJ3S9+yXl7yBha9iImD98UUuB/2pGCSyCFIG20VGUnf34RLlkeH0Ao LxgFbNN5hO3QQcRr8HQWoJ5f3RJRVxigK2fjJZlRIjIKFEO9jFj4mAeVbS59wkrm dZvm9ER56RwS/zCmnc8Nzglp4xYGmDdlp8mxfx+7PGbZfbQp44AnsYcrJ4eP8UJF uA4xrHv1jhMGB39FGBSeMibUZD5h2b/4aivAjXTujngT8eO4U4U= =USw8 -----END PGP SIGNATURE-----