Debian Trixie: Critical XML Vulnerability Patch for OpenJDK 25 DSA-6039-1

debian

October 26, 2025

Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in incorrect string equality checks, XML XXE/XEE attacks or incorrect certificate validat...

Topics Covered

security advisory debian important openjdk XML attack string equality

Summary

For the stable distribution (trixie), these problems have been fixed in
version 25.0.1+8-1~deb13u1.

We recommend that you upgrade your openjdk-25 packages.

For the detailed security status of openjdk-25 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/openjdk-25

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Severity

important

Lowest

Low

Medium

High

Critical

Package: openjdk-25

CVE ID: CVE-2025-53057 CVE-2025-53066 CVE-2025-61748

Topics Covered

security advisory debian important openjdk XML attack string equality

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Debian Trixie: Critical XML Vulnerability Patch for OpenJDK 25 DSA-6039-1

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Debian Trixie: Critical XML Vulnerability Patch for OpenJDK 25 DSA-6039-1

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!