openSUSE 15.6: java-21-openjdk Important Security Fix CVE-2025-30749

opensuse

August 4, 2025

An update that solves four vulnerabilities and has one security fix can now be installed.

Description

This update for java-21-openjdk fixes the following issues:

Update to upstream tag jdk-21.0.8+9 (July 2025 CPU):

Security fixes:

* CVE-2025-30749: several scenarios can lead to heap corruption (bsc#1246595)

* CVE-2025-30754: incomplete handshake may lead to weakening TLS protections

(bsc#1246598)

* CVE-2025-50059: Improve HTTP client header handling (bsc#1246575)

* CVE-2025-50106: Glyph out-of-memory access and crash (bsc#1246584)

Other fixes:

* Allow compilation of openjdk for 40 years (bsc#1213796)

Changelog:

+ JDK-6956385: URLConnection.getLastModified() leaks file

handles for jar:file and file: URLs

+ JDK-8051591: Test

javax/swing/JTabbedPane/8007563/Test8007563.java fails

+ JDK-8136895: Writer not closed with disk full error, file

resource leaked

+ JDK-8180450: secondary_super_cache does not scale well

+ JDK-8183348: Better cleanup for

jdk/test/sun/security/pkcs12/P12SecretKey.java

+ JDK-8200566:...

Read the Full Advisory

Topics Covered

security advisory heap corruption important OpenSUSE java-21-openjdk tls provisions

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6

zypper in -t patch SUSE-2025-2657=1 openSUSE-SLE-15.6-2025-2657=1

* Basesystem Module 15-SP6

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2657=1

* Basesystem Module 15-SP7

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2657=1

Package List

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)

* java-21-openjdk-debuginfo-21.0.8.0-150600.3.15.1

* java-21-openjdk-debugsource-21.0.8.0-150600.3.15.1

* java-21-openjdk-devel-21.0.8.0-150600.3.15.1

* java-21-openjdk-headless-debuginfo-21.0.8.0-150600.3.15.1

* java-21-openjdk-src-21.0.8.0-150600.3.15.1

* java-21-openjdk-21.0.8.0-150600.3.15.1

* java-21-openjdk-demo-21.0.8.0-150600.3.15.1

* java-21-openjdk-devel-debuginfo-21.0.8.0-150600.3.15.1

* java-21-openjdk-headless-21.0.8.0-150600.3.15.1

* java-21-openjdk-jmods-21.0.8.0-150600.3.15.1

* openSUSE Leap 15.6 (noarch)

* java-21-openjdk-javadoc-21.0.8.0-150600.3.15.1

* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)

* java-21-openjdk-debuginfo-21.0.8.0-150600.3.15.1

* java-21-openjdk-debugsource-21.0.8.0-150600.3.15.1

* java-21-openjdk-devel-21.0.8.0-150600.3.15.1

* java-21-openjdk-headless-debuginfo-21.0.8.0-150600.3.15.1

* java-21-openjdk-21.0.8.0-150600.3.15.1

* java-21-openjdk-demo-21.0.8.0-150600.3.15.1

*...

Read the Full Advisory

References

* bsc#1213796

* bsc#1246575

* bsc#1246584

* bsc#1246595

* bsc#1246598

## References:

* https://www.suse.com/security/cve/CVE-2025-30749.html

* https://www.suse.com/security/cve/CVE-2025-30754.html

* https://www.suse.com/security/cve/CVE-2025-50059.html

* https://www.suse.com/security/cve/CVE-2025-50106.html

* https://bugzilla.suse.com/show_bug.cgi?id=1213796

* https://bugzilla.suse.com/show_bug.cgi?id=1246575

* https://bugzilla.suse.com/show_bug.cgi?id=1246584

* https://bugzilla.suse.com/show_bug.cgi?id=1246595

* https://bugzilla.suse.com/show_bug.cgi?id=1246598

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2025:02657-1

Release Date: 2025-08-04T10:34:53Z

Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7

Topics Covered

security advisory heap corruption important OpenSUSE java-21-openjdk tls provisions

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

openSUSE 15.6: java-21-openjdk Important Security Fix CVE-2025-30749

Description

Topics Covered

Patch

Package List

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

openSUSE 15.6: java-21-openjdk Important Security Fix CVE-2025-30749

Description

Topics Covered

Patch

Package List

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!