- Update to jdk-17.0.15+6 - Set bundled freetype provide version to 2.13.2 - Set bundled harfbuzz provide version to 8.2.2 - Require tzdata-java 2025a at runtime and for build - CVE-2025-21502: fix Hotspot component vulnerability allowing unauthorized access to resources and exposure of sensitive information - CVE-2025-30698: fix 2D component vulnerability allowing unauthorized data access and partial denial of service - CVE-2025-30691: fix Compiler component vulnerability allowing unauthorized data access and modification (CVSS 4.8 Medium) - CVE-2025-21587: fix JSSE component vulnerability allowing unauthorized creation/deletion/modification of critical data - CVE-2024-20921: fix information disclosure in Hotspot that allows remote attackers to access sensitive data via untrusted input through exposed APIs or sandboxed environments - CVE-2024-21235: fix vulnerability in Hotspot that allows remote attackers to read or modify limited data via untrusted input through exposed APIs or sandboxed code - CVE-2024-21217: fix vulnerability in Serialization that allows remote attackers to trigger partial denial of service via untrusted input through exposed APIs or sandboxed code - CVE-2024-21210: fix vulnerability in Hotspot that allows remote attackers to modify limited data via untrusted input through exposed APIs or sandboxed code. - CVE-2024-21208: fix security vulnerability in OpenJDK component - CVE-2024-21147: fix Hotspot component vulnerability allowing unauthorized data access - CVE-2024-21145: fix 2D component vulnerability allowing unauthorized data access - CVE-2024-21144: fix security vulnerability in OpenJDK component - CVE-2024-21140: fix Hotspot component vulnerability - CVE-2024-21138: fix Hotspot component vulnerability causing partial denial of service - CVE-2024-21131: fix vulnerability in Hotspot that allows remote attackers to modify limited data via untrusted input through exposed APIs or sandboxed code - CVE-2024-21094: fix Hotspot component vulnerability allowing unauthorized data modification - CVE-2024-21085: fix Concurrency component vulnerability causing partial denial of service - CVE-2024-21068: fix Hotspot component vulnerability allowing unauthorized data access - CVE-2024-21011: fix Hotspot component vulnerability causing partial denial of service - CVE-2024-20918: fix information disclosure and data modification in Hotspot via untrusted input - CVE-2024-20952: fix information disclosure and data modification in Security via untrusted input - CVE-2024-20926: fix information disclosure in Scripting via untrusted input - CVE-2023-48161: fix buffer overflow in GifLib’s DumpSCreen2RGB function allowing local attackers to access sensitive information - CVE-2023-22025: fix data modification in Hotspot via untrusted input through exposed APIs or sandboxed code - CVE-2023-25193: fix O(n^2) growth vulnerability in HarfBuzz's hb-ot-layout-gsubgpos.hh when processing consecutive marks