This Red Hat security advisory covers the OpenJDK 11.0.30 ELS release for Windows builds, which replaces version 11.0.29. It addresses six CVEs: two buffer overflow vulnerabilities in the LIBPNG library (CVE-2025-64720 and CVE-2025-65018), and four additional vulnerabilities related to JMX connections (CVE-2026-21925), URI handling (CVE-2026-21932), HTTP server request handling (CVE-2026-21933), and certificate checking (CVE-2026-21945). The advisory rates the security impact as moderate and provides a link to detailed release notes and update instructions. The update is applicable to multiple architectures of Red Hat Enterprise Linux running OpenJDK 11 ELS. No CVSS scores are provided within the advisory, and no known active exploits have been reported.

The vulnerabilities fixed in this update include heap and standard buffer overflows in the LIBPNG library, which could potentially lead to memory corruption. Other fixes improve security in JMX connections, URI handling, HTTP server request processing, and certificate validation. The overall security impact is rated as moderate by Red Hat. There are no reports of known exploits in the wild targeting these vulnerabilities at this time.

Red Hat has released an official update for OpenJDK 11.0.30 ELS that addresses these vulnerabilities. Users should apply this update to replace the previous 11.0.29 build. Before applying the update, ensure all previously released errata relevant to your system are installed. Detailed update instructions are available at Red Hat's official documentation: https://access.redhat.com/articles/11258. No additional mitigation steps are indicated or required beyond applying the official update.