Red Hat Security Advisory: java-17-openjdk security update
This Red Hat Security Advisory addresses multiple vulnerabilities in the java-17-openjdk packages, which provide the OpenJDK 17 Java Runtime Environment and Software Development Kit. The update fixes four security issues related to glyph drawing, TLS protocol support, and HTTP client header handling. Additionally, it resolves a bug affecting screen capture functionality on Wayland graphical systems by recommending the PipeWire package. The advisory covers Red Hat Enterprise Linux versions 8 and 9 and related variants. No known exploits in the wild have been reported. The update is rated as important by Red Hat Product Security, and a patch is available through the provided update channels.
AI Analysis
Technical Summary
The java-17-openjdk packages for Red Hat Enterprise Linux have multiple security fixes addressing CVE-2025-30749, CVE-2025-30754, CVE-2025-50059, and CVE-2025-50106. These vulnerabilities involve improvements in glyph drawing, TLS protocol support, and HTTP client header handling. The advisory also includes a bug fix for screen capture issues on Wayland systems by recommending the PipeWire package. The update applies to various Red Hat Enterprise Linux 8 and 9 versions and related builder and extended update support products. Red Hat has released an official security update (RHSA-2025:10867) to remediate these issues.
Potential Impact
The vulnerabilities fixed by this update affect the Java runtime and development environment, potentially impacting the security and stability of Java applications running on affected Red Hat Enterprise Linux systems. The issues relate to graphical rendering, TLS protocol handling, and HTTP client header processing, which could affect application behavior or security posture. The advisory rates the security impact as Important (high severity). No known active exploits have been reported.
Mitigation Recommendations
An official security update from Red Hat is available and should be applied to affected systems. Before applying this update, ensure all previously released errata relevant to your system have been installed. Follow Red Hat's guidance on applying updates as detailed in their documentation (https://access.redhat.com/articles/11258). The update also recommends installing the PipeWire package on Wayland-based systems to resolve screen capture issues. No additional mitigation actions are indicated by the vendor.
Red Hat Security Advisory: java-17-openjdk security update
Description
This Red Hat Security Advisory addresses multiple vulnerabilities in the java-17-openjdk packages, which provide the OpenJDK 17 Java Runtime Environment and Software Development Kit. The update fixes four security issues related to glyph drawing, TLS protocol support, and HTTP client header handling. Additionally, it resolves a bug affecting screen capture functionality on Wayland graphical systems by recommending the PipeWire package. The advisory covers Red Hat Enterprise Linux versions 8 and 9 and related variants. No known exploits in the wild have been reported. The update is rated as important by Red Hat Product Security, and a patch is available through the provided update channels.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The java-17-openjdk packages for Red Hat Enterprise Linux have multiple security fixes addressing CVE-2025-30749, CVE-2025-30754, CVE-2025-50059, and CVE-2025-50106. These vulnerabilities involve improvements in glyph drawing, TLS protocol support, and HTTP client header handling. The advisory also includes a bug fix for screen capture issues on Wayland systems by recommending the PipeWire package. The update applies to various Red Hat Enterprise Linux 8 and 9 versions and related builder and extended update support products. Red Hat has released an official security update (RHSA-2025:10867) to remediate these issues.
Potential Impact
The vulnerabilities fixed by this update affect the Java runtime and development environment, potentially impacting the security and stability of Java applications running on affected Red Hat Enterprise Linux systems. The issues relate to graphical rendering, TLS protocol handling, and HTTP client header processing, which could affect application behavior or security posture. The advisory rates the security impact as Important (high severity). No known active exploits have been reported.
Mitigation Recommendations
An official security update from Red Hat is available and should be applied to affected systems. Before applying this update, ensure all previously released errata relevant to your system have been installed. Follow Red Hat's guidance on applying updates as detailed in their documentation (https://access.redhat.com/articles/11258). The update also recommends installing the PipeWire package on Wayland-based systems to resolve screen capture issues. No additional mitigation actions are indicated by the vendor.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:10867
- Cve Count
- 4
- Additional Cves
- ["CVE-2025-30754","CVE-2025-50059","CVE-2025-50106"]
- Cvss Version
- null
Threat ID: 6a1f4e87e29bf47b500805fb
Added to database: 6/2/2026, 9:43:35 PM
Last enriched: 6/2/2026, 10:06:31 PM
Last updated: 6/3/2026, 5:07:40 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.