Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1731


Security update for java-11-openjdk


Type: security
Severity: important
Issued: 2026-05-07
Description:
This update for java-11-openjdk fixes the following issues:

Upgrade to upstream tag jdk-11.0.31+11 (April 2026 CPU).

Security issues fixed:

- CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain
  unauthorized read access to a subset of accessible data (bsc#1262490).
- CVE-2026-22013: JGSS: unauthenticated attacker with network access via multiple protocols can gain unauthorized
  access to critical data (bsc#1262494).
- CVE-2026-22016: JAXP: unauthenticated attacker with network access via multiple protocols can gain unauthorized
  access to critical data (bsc#1262495).
- CVE-2026-22018: Libraries: unauthenticated attacker with network access via multiple protocols can cause a partial
  denial of service (bsc#1262496).
- CVE-2026-22021: JSSE: unauthenticated attacker with network access via HTTPS can cause a partial denial of service
  (bsc#1262497).
- CVE-2026-23865: freetype2: integer overflow in the `tt_var_load_item_variation_store` function allows for an
  out-of-bounds read when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts (bsc#1259118).
- CVE-2026-34268: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain
  unauthorized read access to a subset of data (bsc#1262500).
- CVE-2026-34282: Networking: unauthenticated attacker with network access via multiple protocols can cause a hang or
  frequently repeatable crash (bsc#1262501).

Other updates and bugfixes:

- Provide the timezone-java and tzdata-java (jsc#PED-15898).


              


Packages


  • java-11-openjdk-11.0.31.0-150000.3.138.1