The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix: * OpenJDK: Improper ECDSA signature verification * OpenJDK: Defective secure validation in Apache Santuario * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions * OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler * OpenJDK: Missing check for negative ObjectIdentifier * OpenJDK: URI parsing inconsistencies For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * Enable the import of plain keys into the NSS Software Token while in FIPS mode [Rocky Linux-8, openjdk-17] * Enable AlgorithmParameters and AlgorithmParameterGenerator services in FIPS mode [Rocky Linux-8, openjdk-17]