File _patchinfo of Package patchinfo.42430

<patchinfo incident="42430">
  <issue tracker="cve" id="2026-21933"/>
  <issue tracker="cve" id="2026-21932"/>
  <issue tracker="cve" id="2026-21945"/>
  <issue tracker="cve" id="2026-21925"/>
  <issue tracker="bnc" id="1257034">VUL-0: CVE-2026-21925: java: Vulnerability in the Oracle Java SE component RMI</issue>
  <issue tracker="bnc" id="1255446">Partner-L3: java-11-openjdk-11.0.29.0-150000.3.132.2 is rendering blue borders when it should not, possibly due to missing the fix for 6304250 from upstream</issue>
  <issue tracker="bnc" id="1257037">VUL-0: CVE-2026-21933: java: Vulnerability in the Oracle Java SE component Networking</issue>
  <issue tracker="bnc" id="1257038">VUL-0: CVE-2026-21945: java: Vulnerability in the Oracle Java SE component Security</issue>
  <issue tracker="bnc" id="1257036">VUL-0: CVE-2026-21932: java: Vulnerability in the Oracle Java SE component AWT and JavaFX</issue>
  <issue tracker="jsc" id="PED-14507"/>
  <issue tracker="jsc" id="PED-15216"/>
  <packager>fstrba</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for java-17-openjdk</summary>
  <description>This update for java-17-openjdk fixes the following issues:

Upgrade to upstream tag jdk-17.0.18+8 (January 2026 CPU)

Security fixes:

- CVE-2026-21925: Fixed Oracle Java SE component RMI (bsc#1257034).
- CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX (bsc#1257036).
- CVE-2026-21933: Fixed Oracle Java SE component Networking (bsc#1257037).
- CVE-2026-21945: Fixed Oracle Java SE component Security (bsc#1257038).

Other fixes:

- OpenJDK rendering blue borders when it should not, due to missing the fix for JDK-6304250 from upstream (bsc#1255446).
- Do not depend on update-desktop-files (jsc#PED-14507, jsc#PED-15216).
</description>
</patchinfo>