RedHat has issued an advisory yesterday (October 16):
https://access.redhat.com/errata/RHSA-2019:3128

Suggested advisory:
========================

The updated packages fix several bugs and some security issues:

Improper handling of Kerberos proxy credentials (Kerberos, 8220302). (CVE-2019-2949)

Unexpected exception thrown during regular expression processing in Nashorn (Scripting, 8223518). (CVE-2019-2975)

Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892). (CVE-2019-2978)

Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298). (CVE-2019-2989)

Missing restrictions on use of custom SocketImpl (Networking, 8218573). (CVE-2019-2945)

NULL pointer dereference in DrawGlyphList (2D, 8222690). (CVE-2019-2962)

Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684). (CVE-2019-2964)

Unexpected exception thrown by XPathParser processing crafted XPath expression (JAXP, 8223505). (CVE-2019-2973)

Unexpected exception thrown by XPath processing crafted XPath expression (JAXP, 8224532). (CVE-2019-2981)

Unexpected exception thrown during Font object deserialization (Serialization, 8224915). (CVE-2019-2983)

Missing glyph bitmap image dimension check in FreetypeFontScaler (2D, 8225286). (CVE-2019-2987)

Integer overflow in bounds check in SunGraphics2D (2D, 8225292). (CVE-2019-2988)

Excessive memory allocation in CMap when reading TrueType font (2D, 8225597). (CVE-2019-2992)

Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765). (CVE-2019-2999)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2949
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2978
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2989
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2945
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2962
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2964
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2973
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2981
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2983
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2987
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2988
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2992
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2999
https://access.redhat.com/errata/RHSA-2019:3128
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixJAVA
========================

Updated packages in core/updates_testing:
========================
java-1.8.0-openjdk-1.8.0.232-1.b09.1.mga7
java-1.8.0-openjdk-headless-1.8.0.232-1.b09.1.mga7
java-1.8.0-openjdk-devel-1.8.0.232-1.b09.1.mga7
java-1.8.0-openjdk-demo-1.8.0.232-1.b09.1.mga7
java-1.8.0-openjdk-src-1.8.0.232-1.b09.1.mga7
java-1.8.0-openjdk-javadoc-1.8.0.232-1.b09.1.mga7
java-1.8.0-openjdk-javadoc-zip-1.8.0.232-1.b09.1.mga7
java-1.8.0-openjdk-accessibility-1.8.0.232-1.b09.1.mga7
java-1.8.0-openjdk-openjfx-1.8.0.232-1.b09.1.mga7
java-1.8.0-openjdk-openjfx-devel-1.8.0.232-1.b09.1.mga7

from SRPMS:
java-1.8.0-openjdk-1.8.0.232-1.b09.1.mga7.src.rpm

Whiteboard: MGA7TOO => (none)
Status: NEW => ASSIGNED
Version: Cauldron => 7
Assignee: nicolas.salguero => qa-bugs

When I generated the openjdk tarball, I forgot PR3667 (remove some cryptographic algorithms). So there is a new build based upon Fedora tarball.

Updated packages in core/updates_testing:
========================
java-1.8.0-openjdk-1.8.0.232-1.b09.2.mga7
java-1.8.0-openjdk-headless-1.8.0.232-1.b09.2.mga7
java-1.8.0-openjdk-devel-1.8.0.232-1.b09.2.mga7
java-1.8.0-openjdk-demo-1.8.0.232-1.b09.2.mga7
java-1.8.0-openjdk-src-1.8.0.232-1.b09.2.mga7
java-1.8.0-openjdk-javadoc-1.8.0.232-1.b09.2.mga7
java-1.8.0-openjdk-javadoc-zip-1.8.0.232-1.b09.2.mga7
java-1.8.0-openjdk-accessibility-1.8.0.232-1.b09.2.mga7
java-1.8.0-openjdk-openjfx-1.8.0.232-1.b09.2.mga7
java-1.8.0-openjdk-openjfx-devel-1.8.0.232-1.b09.2.mga7

from SRPMS:
java-1.8.0-openjdk-1.8.0.232-1.b09.2.mga7.src.rpm

Installed and tested without issues.

Tested using sweethome3d, projectlibre, netbeans, htmlcleaner, yuicompressor. No regressions noticed.

System: Mageia 7, x86_64, Plasma DE, LXQt DE, Intel CPU, nVidia GPU using nvidia340 proprietary driver.

$ uname -a
Linux marte 5.3.6-desktop-2.mga7 #1 SMP Sun Oct 13 18:22:10 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
$ rpm -qa | grep java-1.8.0-openjdk
java-1.8.0-openjdk-1.8.0.232-1.b09.2.mga7
java-1.8.0-openjdk-headless-1.8.0.232-1.b09.2.mga7

CC: (none) => mageia
Whiteboard: (none) => MGA7-64-OK

Validating. Advisory in Comment 3.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2019-0302.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED