This Red Hat security advisory covers an update to the Red Hat build of OpenJDK 17.0.16 for Windows, which replaces version 17.0.15. The update addresses four security vulnerabilities: CVE-2025-30749 and CVE-2025-50106 related to improved glyph drawing, CVE-2025-30754 enhancing TLS protocol support, and CVE-2025-50059 improving HTTP client header handling. These fixes improve the security posture of the Java runtime and development kit by resolving issues that could potentially affect the integrity and security of Java applications running on Windows. The advisory does not provide CVSS scores but classifies the update as important. No known exploits in the wild have been reported. The update also includes bug fixes and enhancements beyond the security fixes.

The vulnerabilities addressed affect the Red Hat build of OpenJDK 17 on Windows and relate to graphical rendering (glyph drawing), TLS protocol handling, and HTTP client header processing. While the exact impact details and CVSS scores are not provided, Red Hat rates the security impact as important, indicating these issues could potentially lead to security risks if left unpatched. There are no known exploits in the wild at the time of the advisory. The update mitigates these vulnerabilities, reducing the risk to systems running the affected OpenJDK version.

Red Hat has released an updated build of OpenJDK 17.0.16 for Windows that addresses these vulnerabilities. Users should apply this update to replace version 17.0.15 after ensuring all previously released errata relevant to their system have been applied. Detailed instructions for applying the update are available in the Red Hat knowledge base article linked in the advisory. Since this is an official fix from Red Hat, applying the update is the recommended remediation. No additional mitigations or workarounds are specified.