Java-vulnerability: What is the security patch response workflow for official docker hub images?

How soon can we expect updated images when there’s a critical vulnerability?

Java currently has a serious vulnerability, published April 19:
CVE-2022-21449

https://openjdk.java.net/groups/vulnerability/advisories/2022-04-19

I have checked updates for the openjdk official images since yesterday morning.
Images were last pushed yesterday, but don’t seem to include the security fix.

For instance openjdk:18-jdk-slim:
openjdk:18-jdk-slim@sha256:c75cc7e3da69f50d23086c2b78098fde5979a0c3995285b9e720deff32f45843

When I run it and check java -version, I get
“openjdk version “18” 2022-03-22”

I have read Docker Official Images | Docker Documentation

“Ensure that security updates are applied in a timely manner.” is a bit unclear.

Hi

Check this:
