This update for mybatis, ognl fixes the following issues:
Version update to 3.5.7:
* Bug fixes:
* Improved performance under JDK 8. #2223
Version update to 3.5.8:
* List of changes:
* Avoid NullPointerException when mapping an empty string to java.lang.Character. #2368
* Fixed an incorrect argument when initializing static object. This resolves a compatibility issue with quarkus-mybatis. #2284
* Performance improvements. #2297 #2335 #2340
Version update to 3.5.9:
* List of changes:
* Add nullable to
Version update to 3.5.10:
* Bug fixes:
* Unexpected illegal reflective access warning (or InaccessibleObjectException on Java 16+) when calling method in OGNL expression. #2392
* IllegalAccessException when auto-mapping Records (JEP-359) #2195
* 'interrupted'...
Read the Full Advisory## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-3285=1
* openSUSE Leap 15.6 (noarch)
* ognl-javadoc-3.4.7-150200.5.3.1
* mybatis-3.5.19-150200.5.9.1
* ognl-3.4.7-150200.5.3.1
* mybatis-javadoc-3.5.19-150200.5.9.1
* bsc#1248252
## References:
* https://www.suse.com/security/cve/CVE-2025-53192.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248252
Get the latest Linux and open source security news straight to your inbox.