Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

# openSUSE: 2025:1500-2 Medium: python-3.10 Denial Of Service

suse
Calendar Grey May 6, 2024
Dist Suse Esm H88
Uncover the minor severity security bulletin for java-17-openjdk, highlighting essential updates and SUSE patch guidelines.
* bsc#1213470 * bsc#1222979 * bsc#1222983 * bsc#1222986 * bsc#1222987

Summary

## This update for java-17-openjdk fixes the following issues: * CVE-2024-21011: Fixed denial of service due to long Exception message logging (JDK-8319851,bsc#1222979) * CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup (JDK-8315708,bsc#1222987) * CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (JDK-8322122,bsc#1222983) * CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation failure with "Exceeded _node_regs array" (JDK-8317507,JDK-8325348,bsc#1222986) Other fixes: \- Update to upstream tag jdk-17.0.11+9 (April 2024 CPU) * Security fixes \+ JDK-8318340: Improve RSA key implementations * Other changes \+ JDK-6928542: Chinese characters in RTF are not decoded \+ JDK-7132796: [macosx]

Topics%20covered

Topics Covered

security advisory denial of service software updates low severity openSUSE patch instructions java-17-openjdk

References

* bsc#1213470

* bsc#1222979

* bsc#1222983

* bsc#1222986

* bsc#1222987

Cross-

* CVE-2024-21011

* CVE-2024-21012

* CVE-2024-21068

* CVE-2024-21094

CVSS scores:

* CVE-2024-21011 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2024-21012 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

* CVE-2024-21068 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

* CVE-2024-21094 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected Products:

* Basesystem Module 15-SP5

* openSUSE Leap 15.4

* openSUSE Leap 15.5

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4

* SUSE Linux Enterprise Desktop 15 SP5

* SUSE Linux Enterprise High Performance Computing 15 SP4

* SUSE Linux Enterprise High Performance Computing 15 SP5

Severity
low
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:1499-1
Rating: low

Topics%20covered

Topics Covered

security advisory denial of service software updates low severity openSUSE patch instructions java-17-openjdk

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here