ELA-1556-1 openjdk-11 security update

multiple vulnerabilities

2025-10-26

Package	openjdk-11
Version	11.0.29+6-1~deb10u1 (buster)
Related CVEs	CVE-2025-53057 CVE-2025-53066

Two vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in XML external entity injection attacks or incorrect certificate validation.

For Debian 10 buster, these problems have been fixed in version 11.0.29+6-1~deb10u1.

We recommend that you upgrade your openjdk-11 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.