58529 – openjdk-17: Multiple issues (5.2)

Bug 58529 - openjdk-17: Multiple issues (5.2)

Summary: openjdk-17: Multiple issues (5.2)

Status:	CLOSED FIXED

Alias:	None

Product:	UCS
Classification:	Unclassified
Component:	Security updates
Version:	UCS 5.2
Hardware:	All Linux

Importance:	P3 normal
Target Milestone:	UCS 5.2-2-errata
Assignee:	Quality Assurance
QA Contact:	Arvid Requate

URL:
Keywords:

Depends on:
Blocks:

Reported:	2025-08-18 17:32 CEST by Quality Assurance
Modified:	2025-08-20 15:28 CEST (History)
CC List:	1 user (show)

See Also:
What kind of report is it?:	Security Issue
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Customer ID:
Max CVSS v3 score:	8.6 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N) NVD

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Quality Assurance

2025-08-18 17:32:09 CEST

New Debian openjdk-17 17.0.16+8-1~deb12u1 fixes:
This update addresses the following issues:
* openjdk: Better TLS connection support (Oracle CPU 2025-04)  (CVE-2025-21587)
* openjdk: Improve compiler transformations (Oracle CPU 2025-04)  (CVE-2025-30691)
* openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)  (CVE-2025-30698)
17.0.16+8-1~deb12u1 (Sun, 10 Aug 2025 23:44:27 +0200)
* Rebuild for Bookworm
17.0.16+8-1 (Sat, 19 Jul 2025 12:22:09 +0200)
* OpenJDK 17.0.16 release, build 8. - Addresses CVE-2025-5010,  CVE-2025-50059, CVE-2025-30754, CVE-2025-30749. See  https://openjdk.org/groups/vulnerability/advisories/2025-07-15. - Release  notes:  https://mail.openjdk.org/pipermail/jdk-updates-dev/2025-July/045614.html
[ Vladimir Petko ]
* d/p/jdk-8359735-proposed.patch: Fix process tests failing in Ubuntu 25.10.
* d/copyright-generator/copyright-gen.py: Bump copyright year.
* d/copyright: Regenerate.
17.0.16~5ea-1 (Tue, 03 Jun 2025 14:01:14 +0200)
* OpenJDK 17.0.16 early access, build 5.
17.0.15+6-1 (Thu, 24 Apr 2025 02:05:43 +0200)
* OpenJDK 17.0.15 release, build 6. - Addresses CVE-2025-30698,  CVE-2025-30691, CVE-2025-21587.
* Honour DEB_BUILD_OPTIONS=parallel=N while running jtreg tests (Helmut  Grohne). Addresses: #1095920.

Comment 1 Quality Assurance

2025-08-18 18:00:08 CEST

--- mirror/ftp/pool/main/o/openjdk-17/openjdk-17_17.0.15+6-1~deb12u1.dsc
+++ apt/ucs_5.2-0-errata5.2-2/source/openjdk-17_17.0.16+8-1~deb12u1.dsc
@@ -1,6 +1,23 @@
-17.0.15+6-1~deb12u1 [Thu, 01 May 2025 10:40:21 +0200] Moritz Mühlenhoff <jmm@debian.org>:
-
-  * Rebuild for bookworm
+17.0.16+8-1~deb12u1 [Sun, 10 Aug 2025 23:44:27 +0200] Moritz Mühlenhoff <jmm@debian.org>:
+
+  * Rebuild for Bookworm
+
+17.0.16+8-1 [Sat, 19 Jul 2025 12:22:09 +0200] Matthias Klose <doko@ubuntu.com>:
+
+  * OpenJDK 17.0.16 release, build 8.
+    - Addresses CVE-2025-5010, CVE-2025-50059, CVE-2025-30754, CVE-2025-30749.
+      See https://openjdk.org/groups/vulnerability/advisories/2025-07-15.
+    - Release notes:
+      https://mail.openjdk.org/pipermail/jdk-updates-dev/2025-July/045614.html
+
+  [ Vladimir Petko ]
+  * d/p/jdk-8359735-proposed.patch: Fix process tests failing in Ubuntu 25.10.
+  * d/copyright-generator/copyright-gen.py: Bump copyright year.
+  * d/copyright: Regenerate.
+
+17.0.16~5ea-1 [Tue, 03 Jun 2025 14:01:14 +0200] Matthias Klose <doko@ubuntu.com>:
+
+  * OpenJDK 17.0.16 early access, build 5.
 
 17.0.15+6-1 [Thu, 24 Apr 2025 02:05:43 +0200] Matthias Klose <doko@ubuntu.com>:
 

<http://piuparts.knut.univention.de/5.2-2/#3250894225279489650>

Comment 2 Arvid Requate

2025-08-19 14:58:07 CEST

OK: bug
OK: yaml
OK: announce_errata
OK: patch
~OK: piuparts
  Known issue, see Bug 58274#c2

[5.2-2] e419f6a0568 Bug #58529: openjdk-17 17.0.16+8-1~deb12u1
 doc/errata/staging/openjdk-17.yaml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

Comment 3 Arvid Requate

2025-08-20 15:28:23 CEST

<https://errata.software-univention.de/#/?erratum=5.2x168>