Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE: Java-25-OpenJDK Important Security Patch CVE-2025-53057, 4287-1

suse
Calendar Grey November 28, 2025
Dist Suse Esm H88
Critical update for java-25-openjdk addressing important vulnerabilities and security enhancements as outlined in the advisory.
* bsc#1252414 * bsc#1252417 * bsc#1252418 * jsc#PED-14233

Summary

## This update for java-25-openjdk fixes the following issues: Update to upstream tag jdk-25.0.1+8 (October 2025 CPU) * Security fixes: * JDK-8360937, CVE-2025-53057, bsc#1252414: Enhance certificate handling * JDK-8356294, CVE-2025-53066, bsc#1252417: Enhance Path Factories * JDK-8359454, CVE-2025-61748, bsc#1252418: Enhance String handling * JDK-8352637: Enhance bytecode verification * Other fixes: * JDK-8367031: [backout] Change java.time month/day field types to 'byte' * JDK-8368308: ISO 4217 Amendment 180 Update * JDK-8366223: ZGC: ZPageAllocator::cleanup_failed_commit_multi_partition is broken * JDK-8360647: [XWayland] [OL10] NumPad keys are not triggered * JDK-8361212: Remove AffirmTrust root CAs * JDK-8356587: Missing object ID X in pool jdk.types.Method

Topics%20covered

Topics Covered

security advisory SuSE patch important certificate handling java-25-openjdk

References

* bsc#1252414

* bsc#1252417

* bsc#1252418

* jsc#PED-14233

Cross-

* CVE-2025-53057

* CVE-2025-53066

* CVE-2025-61748

CVSS scores:

* CVE-2025-53057 ( SUSE ): 8.2

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

* CVE-2025-53057 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

* CVE-2025-53057 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

* CVE-2025-53066 ( SUSE ): 8.7

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

* CVE-2025-53066 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2025-53066 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2025-61748 ( SUSE ): 6.3

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:4287-1
Release Date: 2025-11-28T08:23:45Z
Rating: important

Topics%20covered

Topics Covered

security advisory SuSE patch important certificate handling java-25-openjdk

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here