Red Hat Security Advisory: java-25-openjdk security update

CVE-2026-22007 — openjdk: Enhance crypto algorithm support (Oracle CPU 2026-04) CVE-2026-22008 — openjdk: Improved Arena allocations (Oracle CPU 2026-04) CVE-2026-22013 — openjdk: Improve Kerberos credentialing (Oracle CPU 2026-04) CVE-2026-22016 — openjdk: Enhance Path Factories Redux (Oracle CPU 2026-04) CVE-2026-22018 — openjdk: Enhance Zip file reading (Oracle CPU 2026-04) CVE-2026-22021 — openjdk: Enhance certificate chain validation (Oracle CPU 2026-04) CVE-2026-23865 — freetype: Information disclosure or denial of service via specially crafted font files CVE-2026-26740 — giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension CVE-2026-33416 — libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33636 — libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion CVE-2026-34268 — openjdk: Enhance key generation (Oracle CPU 2026-04) CVE-2026-34282 — openjdk: Enhance TLS connection handling (Oracle CPU 2026-04)