Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -4 articles for you...
100
security advisorymoderateupdateSUSE: 2025:0338-1 moderate: java-11-openjdk array handling issue
* bsc#1236278 Cross-References: * CVE-2025-21502 . # Security update for java-11-openjdk Announcement ID: SUSE-SU-2025:0338-1 Release Date: 2025-02-03T15:13:42Z Rating: moderate References: * bsc#1236278 Cross-References: * CVE-2025-21502 CVSS scores: * CVE-2025-21502 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-21502 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-21502 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for java-11-openjdk fixes the followingissues: Upgrade to upstream tag jdk-11.0.26+4 (January 2025 CPU) Security fixes: * CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278) Other changes: * JDK-8224624: Inefficiencies in CodeStrings::add_comment cause - timeouts * JDK-8225045: javax/swing/JInternalFrame/8146321//JInternalFrameIconTest.java fails on linux-x64 * JDK-8232367: Update Reactive Streams to 1.0.3 -- tests only * JDK-8247706: Unintentional use of new Date(year...) with absolute year * JDK-8299254: Support dealing with standard assert macro * JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing test * JDK-8315936: Parallelize gc/stress/TestStressG1Humongous.java test * JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak * JDK-8328300: Convert PrintDialogsTest.java from Applet to main program * JDK-8328642: Convert applet test MouseDraggedOutCauseScrollingTest.html to main * JDK-8334332: TestIOException.java fails if run by root * JDK-8335428: Enhanced Building of Processes * JDK-8335801: [11u] Backport of 8210988 to 11u removes gcc warnings * JDK-8335912, JDK-8337499: Add an operation mode to the jar command when extracting to not overwriting existing files * JDK-8336564: Enhance mask blit functionality redux * JDK-8338402: GHA: some of bundles may not get removed * JDK-8339082: Bump update version for OpenJDK: jdk-11.0.26 * JDK-8339180: Enhanced Building of Processes: Follow-on Issue * JDK-8339470: [17u] More defensive fix for 8163921 * JDK-8339637: (tz) Update Timezone Data to 2024b * JDK-8339644: Improve parsing of Day/Month in tzdata rules * JDK-8339803: Acknowledge case insensitive unambiguous keywords in tzdata files * JDK-8340552: Harden TzdbZoneRulesCompiler against missing zone names * JDK-8340671: GHA: Bump macOS and Xcode versions to macos-12 and XCode 13.4.1 * JDK-8340815: Add SECURITY.md file * JDK-8342426: [11u] javax/naming/module/RunBasic.java javac compilefails * JDK-8342629: [11u] Properly message out that shenandoah is disabled * JDK-8347483: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.26 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-338=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-338=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-338=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-338=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-338=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-338=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-338=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-338=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-338=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-338=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-338=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-338=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-338=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-338=1 * SUSE Linux EnterpriseServer for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-338=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-338=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-338=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-338=1 ## Package List: * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-src-11.0.26.0-150000.3.122.1 * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 * java-11-openjdk-jmods-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-debuginfo-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-debuginfo-11.0.26.0-150000.3.122.1 * openSUSE Leap 15.6 (noarch) * java-11-openjdk-javadoc-11.0.26.0-150000.3.122.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 *java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-debuginfo-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-debuginfo-11.0.26.0-150000.3.122.1 * SUSE Package Hub 15 15-SP6 (noarch) * java-11-openjdk-javadoc-11.0.26.0-150000.3.122.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 *java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) *java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * SUSE Manager Proxy 4.3 (x86_64) * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1 * java-11-openjdk-devel-11.0.26.0-150000.3.122.1 * java-11-openjdk-headless-11.0.26.0-150000.3.122.1 * java-11-openjdk-demo-11.0.26.0-150000.3.122.1 * java-11-openjdk-11.0.26.0-150000.3.122.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21502.html * https://bugzilla.suse.com/show_bug.cgi?id=1236278 . SUSE-SU-2025:0338-1 Java 11 OpenJDK patch addresses array handling concerns. Essential update applies.. java-11-openjdk, SUSE update, security advisory, open source fix. . LinuxSecurity.com Team
Feb 03, 2025
SuSE
100
security advisorymoderateupdateSUSE 2025:0339-1 moderate: java-17-openjdk security patch
* bsc#1236278 Cross-References: * CVE-2025-21502 . # Security update for java-17-openjdk Announcement ID: SUSE-SU-2025:0339-1 Release Date: 2025-02-03T15:14:56Z Rating: moderate References: * bsc#1236278 Cross-References: * CVE-2025-21502 CVSS scores: * CVE-2025-21502 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-21502 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-21502 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * Legacy Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.14+7 (January 2025 CPU): Security fixes: * CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278) Other changes: * JDK-7093691: Nimbus LAF: disabled JComboBox using renderer has bad font color * JDK-8028127: Regtestjava/security/Security/SynchronizedAccess.java is incorrect * JDK-8071693: Introspector ignores default interface methods * JDK-8195675: Call to insertText with single character from custom Input Method ignored * JDK-8202926: Test java/awt/Focus/WindowUpdateFocusabilityTest/WindowUpdateFocusabilityTest.html fails * JDK-8207908: JMXStatusTest.java fails assertion intermittently * JDK-8225220: When the Tab Policy is checked,the scroll button direction displayed incorrectly. * JDK-8240343: JDI stopListening/stoplis001 "FAILED: listening is successfully stopped without starting listening" * JDK-8254759: [TEST_BUG] [macosx] javax/swing/JInternalFrame/4202966/IntFrameCoord.html fails * JDK-8258734: jdk/jfr/event/oldobject/TestClassLoaderLeak.java failed with "RuntimeException: Could not find class leak" * JDK-8268364: jmethod clearing should be done during unloading * JDK-8269770: nsk tests should start IOPipe channel before launch debuggee - Debugee.prepareDebugee * JDK-8271003: hs_err improvement: handle CLASSPATH env setting longer than O_BUFLEN * JDK-8271456: Avoid looking up standard charsets in "java.desktop" module * JDK-8271821: mark hotspot runtime/MinimalVM tests which ignore external VM flags * JDK-8271825: mark hotspot runtime/LoadClass tests which ignore external VM flags * JDK-8271836: runtime/ErrorHandling/ClassPathEnvVar.java fails with release VMs * JDK-8272746: ZipFile can't open big file (NegativeArraySizeException) * JDK-8273914: Indy string concat changes order of operations * JDK-8274170: Add hooks for custom makefiles to augment jtreg test execution * JDK-8274505: Too weak variable type leads to unnecessary cast in java.desktop * JDK-8276763: java/nio/channels/SocketChannel/AdaptorStreams.java fails with "SocketTimeoutException: Read timed out" * JDK-8278527: java/util/concurrent/tck/JSR166TestCase.java fails nanoTime test * JDK-8280131: jcmd reports "Module jdk.jfr not found." when "jdk.management.jfr" is missing * JDK-8281379: Assign package declarations to all jtreg test cases under gc * JDK-8282578: AIOOBE in javax.sound.sampled.Clip * JDK-8283214: [macos] Screen magnifier does not show the magnified text for JComboBox * JDK-8283222: improve diagnosability of runtime/8176717/TestInheritFD.java timeouts * JDK-8284291: sun/security/krb5/auto/Renew.java fails intermittently on Windows 11 * JDK-8284874: Add comment to ProcessHandle/OnExitTest to describe zombie problem * JDK-8286160: (fs) Files.exists returns unexpected results with C:\pagefile.sys because it's not readable * JDK-8287003: InputStreamReader::read() can return zero despite writing a char in the buffer * JDK-8288976: classfile parser 'wrong name' error message has the names the wrong way around * JDK-8289184: runtime/ClassUnload/DictionaryDependsTest.java failed with "Test failed: should be unloaded" * JDK-8290023: Remove use of IgnoreUnrecognizedVMOptions in gc tests * JDK-8290269: gc/shenandoah/TestVerifyJCStress.java fails due to invalid tag: required after JDK-8290023 * JDK-8292309: Fix "java/awt/PrintJob/ConstrainedPrintingTest/ConstrainedPrintingTest.java" test * JDK-8293061: Combine CDSOptions and AppCDSOptions test utility classes * JDK-8293877: Rewrite MineField test * JDK-8294193: Files.createDirectories throws FileAlreadyExistsException for a symbolic link whose target is an existing directory * JDK-8294726: Update URLs in minefield tests * JDK-8295239: Refactor java/util/Formatter/Basic script into a Java native test launcher * JDK-8295344: Harden runtime/StackGuardPages/TestStackGuardPages.java * JDK-8295859: Update Manual Test Groups * JDK-8296709: WARNING: JNI call made without checking exceptions * JDK-8296718: Refactor bootstrap Test Common Functionalities to test/lib/Utils * JDK-8296787: Unify debug printing format of X.509 cert serial numbers * JDK-8296972: [macos13] java/awt/Frame/MaximizedToIconified/MaximizedToIconified.java: getExtendedState() != 6 as expected. * JDK-8298513: vmTestbase/nsk/jdi/EventSet/suspendPolicy/suspendpolicy009/TestDescription.java fails with usage tracker * JDK-8300416: java.security.MessageDigestSpi clone can result in thread- unsafe clones * JDK-8301379: Verify TLS_ECDH_* cipher suites cannot be negotiated * JDK-8302225: SunJCE Provider doesn't validate key sizes when using 'constrained' transforms for AES/KW and AES/KWP * JDK-8303697: ProcessTools doesn't print last line of process output * JDK-8303705: Field sleeper.started should be volatile JdbLockTestTarg.java * JDK-8303742: CompletableFuture.orTimeout leaks if the future completes exceptionally * JDK-8304020: Speed up test/jdk/java/util/zip/ZipFile/TestTooManyEntries.java and clarify its purpose * JDK-8304557: java/util/concurrent/CompletableFuture/CompletableFutureOrTimeoutExceptionallyTest.java times out * JDK-8306015: Update sun.security.ssl TLS tests to use SSLContextTemplate or SSLEngineTemplate * JDK-8307297: Move some DnD tests to open * JDK-8307408: Some jdk/sun/tools/jhsdb tests don't pass test JVM args to the debuggee JVM * JDK-8309109: AArch64: [TESTBUG] compiler/intrinsics/sha/cli/TestUseSHA3IntrinsicsOptionOnSupportedCPU.java fails on Neoverse N2 and V1 * JDK-8309303: jdk/internal/misc/VM/RuntimeArguments test ignores jdk/internal/vm/options * JDK-8309532: java/lang/Class/getDeclaredField/FieldSetAccessibleTest should filter modules that depend on JVMCI * JDK-8310072: JComboBox/DisabledComboBoxFontTestAuto: Enabled and disabled ComboBox does not match in these LAFs: GTK- * JDK-8310731: Configure a javax.net.ssl.SNIMatcher for the HTTP/1.1 test servers in java/net/httpclient tests * JDK-8312111: open/test/jdk/java/awt/Robot/ModifierRobotKey/ModifierRobotKeyTest.java fails on ubuntu 23.04 * JDK-8313374: --enable-ccache's CCACHE_BASEDIR breaks builds * JDK-8313638:Add test for dump of resolved references * JDK-8313854: Some tests in serviceability area fail on localized Windows platform * JDK-8313878: Exclude two compiler/rtm/locking tests on ppc64le * JDK-8314333: Update com/sun/jdi/ProcessAttachTest.java to use ProcessTools.createTestJvm(..) * JDK-8314824: Fix serviceability/jvmti/8036666/GetObjectLockCount.java to use vm flags * JDK-8314829: serviceability/sa/jmap-hprof/JMapHProfLargeHeapTest.java ignores vm flags * JDK-8314831: NMT tests ignore vm flags * JDK-8315097: Rename createJavaProcessBuilder * JDK-8315406: [REDO] serviceability/jdwp/AllModulesCommandTest.java ignores VM flags * JDK-8315988: Parallel: Make TestAggressiveHeap use createTestJvm * JDK-8316410: GC: Make TestCompressedClassFlags use createTestJvm * JDK-8316446: 4 sun/management/jdp tests ignore VM flags * JDK-8316447: 8 sun/management/jmxremote tests ignore VM flags * JDK-8316464: 3 sun/tools tests ignore VM flags * JDK-8316562: serviceability/sa/jmap-hprof/JMapHProfLargeHeapTest.java times out after JDK-8314829 * JDK-8316581: Improve performance of Symbol::print_value_on() * JDK-8317042: G1: Make TestG1ConcMarkStepDurationMillis use createTestJvm * JDK-8317116: Provide layouts for multiple test UI in PassFailJFrame * JDK-8317188: G1: Make TestG1ConcRefinementThreads use createTestJvm * JDK-8317218: G1: Make TestG1HeapRegionSize use createTestJvm * JDK-8317347: Parallel: Make TestInitialTenuringThreshold use createTestJvm * JDK-8317738: CodeCacheFullCountTest failed with "VirtualMachineError: Out of space in CodeCache for method handle intrinsic" * JDK-8318964: Fix build failures caused by 8315097 * JDK-8319574: Exec/process tests should be marked as flagless * JDK-8319640: ClassicFormat::parseObject (from DateTimeFormatter) does not conform to the javadoc and may leak DateTimeException * JDK-8319651: Several network tests ignore vm flags when start java process * JDK-8319817: Charset constructor should makedefensive copy of aliases * JDK-8320586: update manual test/jdk/TEST.groups * JDK-8320665: update jdk_core at open/test/jdk/TEST.groups * JDK-8320673: PageFormat/CustomPaper.java has no Pass/Fail buttons; multiple instructions * JDK-8320675: PrinterJob/SecurityDialogTest.java hangs * JDK-8321163: [test] OutputAnalyzer.getExitValue() unnecessarily logs even when process has already completed * JDK-8321299: runtime/logging/ClassLoadUnloadTest.java doesn't reliably trigger class unloading * JDK-8321470: ThreadLocal.nextHashCode can be static final * JDK-8321543: Update NSS to version 3.96 * JDK-8321616: Retire binary test vectors in test/jdk/java/util/zip/ZipFile * JDK-8322754: click JComboBox when dialog about to close causes IllegalComponentStateException * JDK-8322766: Micro bench SSLHandshake should use default algorithms * JDK-8322809: SystemModulesMap::classNames and moduleNames arrays do not match the order * JDK-8322830: Add test case for ZipFile opening a ZIP with no entries * JDK-8323562: SaslInputStream.read() may return wrong value * JDK-8323688: C2: Fix UB of jlong overflow in PhaseIdealLoop::is_counted_loop() * JDK-8324808: Manual printer tests have no Pass/Fail buttons, instructions close set 3 * JDK-8324841: PKCS11 tests still skip execution * JDK-8325038: runtime/cds/appcds/ProhibitedPackage.java can fail with UseLargePages * JDK-8325525: Create jtreg test case for JDK-8325203 * JDK-8325587: Shenandoah: ShenandoahLock should allow blocking in VM * JDK-8325610: CTW: Add StressIncrementalInlining to stress options * JDK-8325616: JFR ZGC Allocation Stall events should record stack traces * JDK-8325762: Use PassFailJFrame.Builder.splitUI() in PrintLatinCJKTest.java * JDK-8325851: Hide PassFailJFrame.Builder constructor * JDK-8326100: DeflaterDictionaryTests should use Deflater.getBytesWritten instead of Deflater.getTotalOut * JDK-8326121: vmTestbase/gc/g1/unloading/tests/unloading_keepRef_rootClass_inMemoryCompilation_keep_cl failed with Full gc happened. Test was useless. * JDK-8326611: Clean up vmTestbase/nsk/stress/stack tests * JDK-8326898: NSK tests should listen on loopback addresses only * JDK-8326948: Force English locale for timeout formatting * JDK-8327401: Some jtreg tests fail on Wayland without any tracking bug * JDK-8327474: Review use of java.io.tmpdir in jdk tests * JDK-8327924: Simplify TrayIconScalingTest.java * JDK-8328021: Convert applet test java/awt/List/SetFontTest/SetFontTest.html to main program * JDK-8328242: Add a log area to the PassFailJFrame * JDK-8328303: 3 JDI tests timed out with UT enabled * JDK-8328379: Convert URLDragTest.html applet test to main * JDK-8328402: Implement pausing functionality for the PassFailJFrame * JDK-8328619: sun/management/jmxremote/bootstrap/SSLConfigFilePermissionTest.java failed with BindException: Address already in use * JDK-8328697: SubMenuShowTest and SwallowKeyEvents tests stabilization * JDK-8328723: IP Address error when client enables HTTPS endpoint check on server socket * JDK-8328957: Update PKCS11Test.java to not use hardcoded path * JDK-8330278: Have SSLSocketTemplate.doClientSide use loopback address * JDK-8330464: hserr generic events - add entry for the before_exit calls * JDK-8330621: Make 5 compiler tests use ProcessTools.executeProcess * JDK-8330814: Cleanups for KeepAliveCache tests * JDK-8331142: Add test for number of loader threads in BasicDirectoryModel * JDK-8331391: Enhance the keytool code by invoking the buildTrustedCerts method for essential options * JDK-8331405: Shenandoah: Optimize ShenandoahLock with TTAS * JDK-8331411: Shenandoah: Reconsider spinning duration in ShenandoahLock * JDK-8331495: Limit BasicDirectoryModel/LoaderThreadCount.java to Windows only * JDK-8331626: unsafe.cpp:162:38: runtime error in index_oop_from_field_offset_long - applying non-zero offset4563897424 to null pointer * JDK-8331789: ubsan: deoptimization.cpp:403:29: runtime error: load of value 208, which is not a valid value for type 'bool' * JDK-8331863: DUIterator_Fast used before it is constructed * JDK-8331864: Update Public Suffix List to 1cbd6e7 * JDK-8331999: BasicDirectoryModel/LoaderThreadCount.java frequently fails on Windows in CI * JDK-8332340: Add JavacBench as a test case for CDS * JDK-8332473: ubsan: growableArray.hpp:290:10: runtime error: null pointer passed as argument 1, which is declared to never be null * JDK-8332589: ubsan: unix/native/libjava/ProcessImpl_md.c:562:5: runtime error: null pointer passed as argument 2, which is declared to never be null * JDK-8332720: ubsan: instanceKlass.cpp:3550:76: runtime error: member call on null pointer of type 'struct Array' * JDK-8332724: x86 MacroAssembler may over-align code * JDK-8332777: Update JCStress test suite * JDK-8332825: ubsan: guardedMemory.cpp:35:11: runtime error: null pointer passed as argument 2, which is declared to never be null * JDK-8332866: Crash in ImageIO JPEG decoding when MEM_STATS in enabled * JDK-8332901: Select{Current,New}ItemTest.java for Choice don't open popup on macOS * JDK-8332903: ubsan: opto/output.cpp:1002:18: runtime error: load of value 171, which is not a valid value for type 'bool' * JDK-8332904: ubsan ppc64le: c1_LIRGenerator_ppc.cpp:581:21: runtime error: signed integer overflow: 9223372036854775807 - 1 cannot be represented in type 'long int' * JDK-8332935: Crash: assert(*lastPtr != 0) failed: Mismatched JNINativeInterface tables, check for new entries * JDK-8333317: Test sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java failed with: Invalid ECDH ServerKeyExchange signature * JDK-8333824: Unused ClassValue in VarHandles * JDK-8334057: JLinkReproducibleTest.java support receive test.tool.vm.opts * JDK-8334405: java/nio/channels/Selector/SelectWithConsumer.java#id0 failed in testWakeupDuringSelect * JDK-8334562: Automate com/sun/security/auth/callback/TextCallbackHandler/Default.java test * JDK-8334567: [test] runtime/os/TestTracePageSizes move ppc handling * JDK-8335142: compiler/c1/TestTraceLinearScanLevel.java occasionally times out with -Xcomp * JDK-8335267: [XWayland] move screencast tokens from .awt to .java folder * JDK-8335344: test/jdk/sun/security/tools/keytool/NssTest.java fails to compile * JDK-8335428: Enhanced Building of Processes * JDK-8335449: runtime/cds/DeterministicDump.java fails with File content different at byte ... * JDK-8335493: check_gc_overhead_limit should reset SoftRefPolicy::_should_clear_all_soft_refs * JDK-8335530: Java file extension missing in AuthenticatorTest * JDK-8335709: C2: assert(!loop-> is_member(get_loop(useblock))) failed: must be outside loop * JDK-8335904: Fix invalid comment in ShenandoahLock * JDK-8335912, JDK-8337499: Add an operation mode to the jar command when extracting to not overwriting existing files * JDK-8336240: Test com/sun/crypto/provider/Cipher/DES/PerformanceTest.java fails with java.lang.ArithmeticException * JDK-8336257: Additional tests in jmxremote/startstop to match on PID not app name * JDK-8336315: tools/jpackage/windows/WinChildProcessTest.java Failed: Check is calculator process is alive * JDK-8336342: Fix known X11 library locations in sysroot * JDK-8336343: Add more known sysroot library locations for ALSA * JDK-8336413: gtk headers : Fix typedef redeclaration of GMainContext and GdkPixbuf * JDK-8336564: Enhance mask blit functionality redux * JDK-8336854: CAInterop.java#actalisauthenticationrootca conflicted with /manual and /timeout * JDK-8337066: Repeated call of StringBuffer.reverse with double byte string returns wrong result * JDK-8337320: Update ProblemList.txt with tests known to fail on XWayland * JDK-8337410: The makefiles should set problemlist and adjust timeout basing on the given VM flags * JDK-8337780: RISC-V: C2:Change C calling convention for sp to NS * JDK-8337810: ProblemList BasicDirectoryModel/LoaderThreadCount.java on Windows * JDK-8337851: Some tests have name which confuse jtreg * JDK-8337966: (fs) Files.readAttributes fails with Operation not permitted on older docker releases * JDK-8338058: map_or_reserve_memory_aligned Windows enhance remap assertion * JDK-8338101: remove old remap assertion in map_or_reserve_memory_aligned after JDK-8338058 * JDK-8338109: java/awt/Mouse/EnterExitEvents/ResizingFrameTest.java duplicate in ProblemList * JDK-8338286: GHA: Demote x86_32 to hotspot build only * JDK-8338380: Update TLSCommon/interop/AbstractServer to specify an interface to listen for connections * JDK-8338402: GHA: some of bundles may not get removed * JDK-8338748: [17u,21u] Test Disconnect.java compile error: cannot find symbol after JDK-8299813 * JDK-8338751: ConfigureNotify behavior has changed in KWin 6.2 * JDK-8338759: Add extra diagnostic to java/net/InetAddress/ptr/Lookup.java * JDK-8339081: Bump update version for OpenJDK: jdk-17.0.14 * JDK-8339180: Enhanced Building of Processes: Follow-on Issue * JDK-8339248: RISC-V: Remove li64 macro assembler routine and related code * JDK-8339384: Unintentional IOException in jdk.jdi module when JDWP end of stream occurs * JDK-8339470: [17u] More defensive fix for 8163921 * JDK-8339487: ProcessHandleImpl os_getChildren sysctl call - retry in case of ENOMEM and enhance exception message * JDK-8339548: GHA: RISC-V: Use Debian snapshot archive for bootstrap * JDK-8339560: Unaddressed comments during code review of JDK-8337664 * JDK-8339591: Mark jdk/jshell/ExceptionMessageTest.java intermittent * JDK-8339637: (tz) Update Timezone Data to 2024b * JDK-8339644: Improve parsing of Day/Month in tzdata rules * JDK-8339731: java.desktop/share/classes/javax/swing/text/html/default.css typo in margin settings * JDK-8339741: RISC-V: C ABI breakage for integer on stack * JDK-8339787: Add someadditional diagnostic output to java/net/ipv6tests/UdpTest.java * JDK-8339803: Acknowledge case insensitive unambiguous keywords in tzdata files * JDK-8339892: Several security shell tests don't set TESTJAVAOPTS * JDK-8339931: Update problem list for WindowUpdateFocusabilityTest.java * JDK-8340007: Refactor KeyEvent/FunctionKeyTest.java * JDK-8340008: KeyEvent/KeyTyped/Numpad1KeyTyped.java has 15 seconds timeout * JDK-8340210: Add positionTestUI() to PassFailJFrame.Builder * JDK-8340230: Tests crash: assert(is_in_encoding_range || k-> is_interface() || k-> is_abstract()) failed: sanity * JDK-8340306: Add border around instructions in PassFailJFrame * JDK-8340308: PassFailJFrame: Make rows default to number of lines in instructions * JDK-8340365: Position the first window of a window list * JDK-8340387: Update OS detection code to recognize Windows Server 2025 * JDK-8340418: GHA: MacOS AArch64 bundles can be removed prematurely * JDK-8340461: Amend description for logArea * JDK-8340466: Add description for PassFailJFrame constructors * JDK-8340552: Harden TzdbZoneRulesCompiler against missing zone names * JDK-8340632: ProblemList java/nio/channels/DatagramChannel/ for Macos * JDK-8340657: [PPC64] SA determines wrong unextendedSP * JDK-8340684: Reading from an input stream backed by a closed ZipFile has no test coverage * JDK-8340785: Update description of PassFailJFrame and samples * JDK-8340799: Add border inside instruction frame in PassFailJFrame * JDK-8340812: LambdaForm customization via MethodHandle::updateForm is not thread safe * JDK-8340815: Add SECURITY.md file * JDK-8340899: Remove wildcard bound in PositionWindows.positionTestWindows * JDK-8341146: RISC-V: Unnecessary fences used for load-acquire in template interpreter * JDK-8341235: Improve default instruction frame title in PassFailJFrame * JDK-8341562: RISC-V: Generate comments in -XX:-PrintInterpreter to link to source code * JDK-8341635: [17u]runtime/ErrorHandling/ClassPathEnvVar test ignores external VM flags * JDK-8341688: Aarch64: Generate comments in -XX:-PrintInterpreter to link to source code * JDK-8341806: Gcc version detection failure on Alinux3 * JDK-8341927: Replace hardcoded security providers with new test.provider.name system property * JDK-8341997: Tests create files in src tree instead of scratch dir * JDK-8342181: Update tests to use stronger Key and Salt size * JDK-8342183: Update tests to use stronger algorithms and keys * JDK-8342188: Update tests to use stronger key parameters and certificates * JDK-8342496: C2/Shenandoah: SEGV in compiled code when running jcstress * JDK-8342578: GHA: RISC-V: Bootstrap using Debian snapshot is still failing * JDK-8342669: [21u] Fix TestArrayAllocatorMallocLimit after backport of JDK-8315097 * JDK-8342681: TestLoadBypassesNullCheck.java fails improperly specified VM option * JDK-8342701: [PPC64] TestOSRLotsOfLocals.java crashes * JDK-8342962: [s390x] TestOSRLotsOfLocals.java crashes * JDK-8343285: java.lang.Process is unresponsive and CPU usage spikes to 100% * JDK-8343474: [updates] Customize README.md to specifics of update project * JDK-8343687: [17u] TestAntiDependencyForPinnedLoads requires UTF-8 * JDK-8343848: Fix typo of property name in TestOAEPPadding after 8341927 * JDK-8343877: Test AsyncClose.java intermittent fails - Socket.getInputStream().read() wasn't preempted * JDK-8343923: GHA: Switch to Xcode 15 on MacOS AArch64 runners * JDK-8347011: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.14 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-339=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-339=1 * Basesystem Module 15-SP6 zypper in -t patchSUSE-SLE-Module-Basesystem-15-SP6-2025-339=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-339=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-339=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-339=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-339=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-339=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-339=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-339=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-339=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-339=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-339=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-339=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-339=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-jmods-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-src-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 *java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * openSUSE Leap 15.4 (noarch) * java-17-openjdk-javadoc-17.0.14.0-150400.3.51.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-jmods-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-src-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * openSUSE Leap 15.6 (noarch) * java-17-openjdk-javadoc-17.0.14.0-150400.3.51.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 *java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * SUSE Manager Proxy 4.3 (x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-17-openjdk-devel-17.0.14.0-150400.3.51.1 * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-17.0.14.0-150400.3.51.1 * java-17-openjdk-17.0.14.0-150400.3.51.1 * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1 * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1 * java-17-openjdk-demo-17.0.14.0-150400.3.51.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21502.html * https://bugzilla.suse.com/show_bug.cgi?id=1236278 . SUSE has released a new version of java-17-openjdk to rectify a notable security issue linked to array processing; make sure to update your system.. java security update, SUSE advisory, openSUSE java-17 patches, java-17-openjdk security. . LinuxSecurity.com Team
Feb 03, 2025
SuSE
100
security advisorymoderate severitysoftware advisoryopenSUSE 15.6: 2025:0279-1 moderate: java-21-openjdk array handling issue
* bsc#1236278 Cross-References: * CVE-2025-21502 . # Security update for java-21-openjdk Announcement ID: SUSE-SU-2025:0279-1 Release Date: 2025-01-28T23:47:05Z Rating: moderate References: * bsc#1236278 Cross-References: * CVE-2025-21502 CVSS scores: * CVE-2025-21502 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-21502 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-21502 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for java-21-openjdk fixes the following issues: Upgrade to upstream tag jdk-21.0.6+7 (January 2025 CPU) Security fixes: * CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278) Other changes: * JDK-6942632: Hotspot should be able to use more than 64 logical processors on Windows * JDK-8028127: Regtest java/security/Security/SynchronizedAccess.java is incorrect * JDK-8195675: Call to insertText with single character from custom Input Method ignored * JDK-8207908: JMXStatusTest.java fails assertion intermittently * JDK-8225220: When the Tab Policy is checked,the scroll button direction displayed incorrectly. * JDK-8240343: JDI stopListening/stoplis001 "FAILED: listening is successfully stopped without starting listening" * JDK-8283214: [macos] Screen magnifier does not show the magnified text for JComboBox * JDK-8296787: Unify debug printing format of X.509 cert serial numbers * JDK-8296972: [macos13] java/awt/Frame/MaximizedToIconified/MaximizedToIconified.java: getExtendedState() != 6 as expected. * JDK-8306446: java/lang/management/ThreadMXBean/Locks.javatransient failures * JDK-8308429: jvmti/StopThread/stopthrd007 failed with "NoClassDefFoundError: Could not initialize class jdk.internal.misc.VirtualThreads" * JDK-8309218: java/util/concurrent/locks/Lock/OOMEInAQS.java still times out with ZGC, Generational ZGC, and SerialGC * JDK-8311301: MethodExitTest may fail with stack buffer overrun * JDK-8311656: Shenandoah: Unused ShenandoahSATBAndRemarkThreadsClosure::_claim_token * JDK-8312518: [macos13] setFullScreenWindow() shows black screen on macOS 13 & above * JDK-8313374: --enable-ccache's CCACHE_BASEDIR breaks builds * JDK-8313878: Exclude two compiler/rtm/locking tests on ppc64le * JDK-8315701: [macos] Regression: KeyEvent has different keycode on different keyboard layouts * JDK-8316428: G1: Nmethod count statistics only count last code root set iterated * JDK-8316893: Compile without -fno-delete-null-pointer-checks * JDK-8316895: SeenThread::print_action_queue called on a null pointer * JDK-8316907: Fix nonnull-compare warnings * JDK-8317116: Provide layouts for multiple test UI in PassFailJFrame * JDK-8317575: AArch64: C2_MacroAssembler::fast_lock uses rscratch1 for cmpxchg result * JDK-8318105: [jmh] the test java.security.HSS failed with 2 active threads * JDK-8318442: java/net/httpclient/ManyRequests2.java fails intermittently on Linux * JDK-8319640: ClassicFormat::parseObject (from DateTimeFormatter) does not conform to the javadoc and may leak DateTimeException * JDK-8319673: Few security tests ignore VM flags * JDK-8319678: Several tests from corelibs areas ignore VM flags * JDK-8319960: RISC-V: compiler/intrinsics/TestInteger/LongUnsignedDivMod.java failed with "counts: Graph contains wrong number of nodes" * JDK-8319970: AArch64: enable tests compiler/intrinsics/Test(Long|Integer)UnsignedDivMod.java on aarch64 * JDK-8319973: AArch64: Save and restore FPCR in the call stub * JDK-8320192: SHAKE256 does not work correctly if n > = 137 * JDK-8320397: RISC-V:Avoid passing t0 as temp register to MacroAssembler:: cmpxchg_obj_header/cmpxchgptr * JDK-8320575: generic type information lost on mandated parameters of record's compact constructors * JDK-8320586: update manual test/jdk/TEST.groups * JDK-8320665: update jdk_core at open/test/jdk/TEST.groups * JDK-8320673: PageFormat/CustomPaper.java has no Pass/Fail buttons; multiple instructions * JDK-8320682: [AArch64] C1 compilation fails with "Field too big for insn" * JDK-8320892: AArch64: Restore FPU control state after JNI * JDK-8321299: runtime/logging/ClassLoadUnloadTest.java doesn't reliably trigger class unloading * JDK-8321470: ThreadLocal.nextHashCode can be static final * JDK-8321474: TestAutoCreateSharedArchiveUpgrade.java should be updated with JDK 21 * JDK-8321543: Update NSS to version 3.96 * JDK-8321550: Update several runtime/cds tests to use vm flags or mark as flagless * JDK-8321616: Retire binary test vectors in test/jdk/java/util/zip/ZipFile * JDK-8321940: Improve CDSHeapVerifier in handling of interned strings * JDK-8322166: Files.isReadable/isWritable/isExecutable expensive when file does not exist * JDK-8322754: click JComboBox when dialog about to close causes IllegalComponentStateException * JDK-8322809: SystemModulesMap::classNames and moduleNames arrays do not match the order * JDK-8322830: Add test case for ZipFile opening a ZIP with no entries * JDK-8323562: SaslInputStream.read() may return wrong value * JDK-8323688: C2: Fix UB of jlong overflow in PhaseIdealLoop::is_counted_loop() * JDK-8324841: PKCS11 tests still skip execution * JDK-8324861: Exceptions::wrap_dynamic_exception() doesn't have ResourceMark * JDK-8325038: runtime/cds/appcds/ProhibitedPackage.java can fail with UseLargePages * JDK-8325399: Add tests for virtual threads doing Selector operations * JDK-8325506: Ensure randomness is only read from provided SecureRandom object * JDK-8325525: Create jtreg test case for JDK-8325203 *JDK-8325610: CTW: Add StressIncrementalInlining to stress options * JDK-8325762: Use PassFailJFrame.Builder.splitUI() in PrintLatinCJKTest.java * JDK-8325851: Hide PassFailJFrame.Builder constructor * JDK-8325906: Problemlist vmTestbase/vm/mlvm/meth/stress/compiler/deoptimize/Test.java#id1 until JDK-8320865 is fixed * JDK-8326100: DeflaterDictionaryTests should use Deflater.getBytesWritten instead of Deflater.getTotalOut * JDK-8326121: vmTestbase/gc/g1/unloading/tests/unloading_keepRef_rootClass_inMemoryCompilation_keep_cl failed with Full gc happened. Test was useless. * JDK-8326611: Clean up vmTestbase/nsk/stress/stack tests * JDK-8326898: NSK tests should listen on loopback addresses only * JDK-8327924: Simplify TrayIconScalingTest.java * JDK-8328021: Convert applet test java/awt/List/SetFontTest/SetFontTest.html to main program * JDK-8328242: Add a log area to the PassFailJFrame * JDK-8328303: 3 JDI tests timed out with UT enabled * JDK-8328379: Convert URLDragTest.html applet test to main * JDK-8328402: Implement pausing functionality for the PassFailJFrame * JDK-8328619: sun/management/jmxremote/bootstrap/SSLConfigFilePermissionTest.java failed with BindException: Address already in use * JDK-8328665: serviceability/jvmti/vthread/PopFrameTest failed with a timeout * JDK-8328723: IP Address error when client enables HTTPS endpoint check on server socket * JDK-8329353: ResolvedReferencesNotNullTest.java failed with Incorrect resolved references array, quxString should not be archived * JDK-8329533: TestCDSVMCrash fails on libgraal * JDK-8330278: Have SSLSocketTemplate.doClientSide use loopback address * JDK-8330621: Make 5 compiler tests use ProcessTools.executeProcess * JDK-8331391: Enhance the keytool code by invoking the buildTrustedCerts method for essential options * JDK-8331393: AArch64: u32 _partial_subtype_ctr loaded/stored as 64 * JDK-8331864: Update Public Suffix List to 1cbd6e7 * JDK-8332112: Updatensk.share.Log to don't print summary during VM shutdown hook * JDK-8332340: Add JavacBench as a test case for CDS * JDK-8332461: ubsan : dependencies.cpp:906:3: runtime error: load of value 4294967295, which is not a valid value for type 'DepType' * JDK-8332724: x86 MacroAssembler may over-align code * JDK-8332777: Update JCStress test suite * JDK-8332866: Crash in ImageIO JPEG decoding when MEM_STATS in enabled * JDK-8332901: Select{Current,New}ItemTest.java for Choice don't open popup on macOS * JDK-8333098: ubsan: bytecodeInfo.cpp:318:59: runtime error: division by zero * JDK-8333108: Update vmTestbase/nsk/share/DebugeeProcess.java to don't use finalization * JDK-8333144: docker tests do not work when ubsan is configured * JDK-8333235: vmTestbase/nsk/jdb/kill/kill001/kill001.java fails with C1 * JDK-8333248: VectorGatherMaskFoldingTest.java failed when maximum vector bits is 64 * JDK-8333317: Test sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java failed with: Invalid ECDH ServerKeyExchange signature * JDK-8333427: langtools/tools/javac/newlines/NewLineTest.java is failing on Japanese Windows * JDK-8333728: ubsan: shenandoahFreeSet.cpp:1347:24: runtime error: division by zero * JDK-8333754: Add a Test against ECDSA and ECDH NIST Test vector * JDK-8333824: Unused ClassValue in VarHandles * JDK-8334057: JLinkReproducibleTest.java support receive test.tool.vm.opts * JDK-8334405: java/nio/channels/Selector/SelectWithConsumer.java#id0 failed in testWakeupDuringSelect * JDK-8334475: UnsafeIntrinsicsTest.java#ZGenerationalDebug assert(!assert_on_failure) failed: Has low-order bits set * JDK-8334560: [PPC64]: postalloc_expand_java_dynamic_call_sched does not copy all fields * JDK-8334562: Automate com/sun/security/auth/callback/TextCallbackHandler/Default.java test * JDK-8334567: [test] runtime/os/TestTracePageSizes move ppc handling * JDK-8334719: (se) Deferred close of SelectableChannel may result in a Selector doingthe final close before concurrent I/O on channel has completed * JDK-8335142: compiler/c1/TestTraceLinearScanLevel.java occasionally times out with -Xcomp * JDK-8335172: Add manual steps to run security/auth/callback/TextCallbackHandler/Password.java test * JDK-8335267: [XWayland] move screencast tokens from .awt to .java folder * JDK-8335344: test/jdk/sun/security/tools/keytool/NssTest.java fails to compile * JDK-8335428: Enhanced Building of Processes * JDK-8335449: runtime/cds/DeterministicDump.java fails with File content different at byte ... * JDK-8335530: Java file extension missing in AuthenticatorTest * JDK-8335664: Parsing jsr broken: assert(bci> = 0 && bci < c-> method()-> code_size()) failed: index out of bounds * JDK-8335709: C2: assert(!loop-> is_member(get_loop(useblock))) failed: must be outside loop * JDK-8335912, JDK-8337499: Add an operation mode to the jar command when extracting to not overwriting existing files * JDK-8336240: Test com/sun/crypto/provider/Cipher/DES/PerformanceTest.java fails with java.lang.ArithmeticException * JDK-8336257: Additional tests in jmxremote/startstop to match on PID not app name * JDK-8336315: tools/jpackage/windows/WinChildProcessTest.java Failed: Check is calculator process is alive * JDK-8336413: gtk headers : Fix typedef redeclaration of GMainContext and GdkPixbuf * JDK-8336564: Enhance mask blit functionality redux * JDK-8336640: Shenandoah: Parallel worker use in parallel_heap_region_iterate * JDK-8336854: CAInterop.java#actalisauthenticationrootca conflicted with /manual and /timeout * JDK-8336911: ZGC: Division by zero in heuristics after JDK-8332717 * JDK-8337066: Repeated call of StringBuffer.reverse with double byte string returns wrong result * JDK-8337067: Test runtime/classFileParserBug/Bad_NCDFE_Msg.java won't compile * JDK-8337320: Update ProblemList.txt with tests known to fail on XWayland * JDK-8337331: crash: pinned virtual thread will leadto jvm crash when running with the javaagent option * JDK-8337410: The makefiles should set problemlist and adjust timeout basing on the given VM flags * JDK-8337780: RISC-V: C2: Change C calling convention for sp to NS * JDK-8337810: ProblemList BasicDirectoryModel/LoaderThreadCount.java on Windows * JDK-8337826: Improve logging in OCSPTimeout and SimpleOCSPResponder to help diagnose JDK-8309754 * JDK-8337851: Some tests have name which confuse jtreg * JDK-8337876: [IR Framework] Add support for IR tests with @Stable * JDK-8337966: (fs) Files.readAttributes fails with Operation not permitted on older docker releases * JDK-8338058: map_or_reserve_memory_aligned Windows enhance remap assertion * JDK-8338101: remove old remap assertion in map_or_reserve_memory_aligned after JDK-8338058 * JDK-8338109: java/awt/Mouse/EnterExitEvents/ResizingFrameTest.java duplicate in ProblemList * JDK-8338110: Exclude Fingerprinter::do_type from ubsan checks * JDK-8338112: Test testlibrary_tests/ir_framework/tests/TestPrivilegedMode.java fails with release build * JDK-8338344: Test TestPrivilegedMode.java intermittent fails java.lang.NoClassDefFoundError: jdk/test/lib/Platform * JDK-8338380: Update TLSCommon/interop/AbstractServer to specify an interface to listen for connections * JDK-8338389: [JFR] Long strings should be added to the string pool * JDK-8338402: GHA: some of bundles may not get removed * JDK-8338449: ubsan: division by zero in sharedRuntimeTrans.cpp * JDK-8338550: Do libubsan1 installation in test container only if requested * JDK-8338748: [17u,21u] Test Disconnect.java compile error: cannot find symbol after JDK-8299813 * JDK-8338751: ConfigureNotify behavior has changed in KWin 6.2 * JDK-8338759: Add extra diagnostic to java/net/InetAddress/ptr/Lookup.java * JDK-8338924: C1: assert(0
Jan 29, 2025
SuSE
202
security advisorymoderatesecurity updateopenSUSE Leap 15.6: SUSE-SU-2025:0279-1 moderate: java-21-openjdk
An update that solves one vulnerability can now be installed.. # Security update for java-21-openjdk Announcement ID: SUSE-SU-2025:0279-1 Release Date: 2025-01-28T23:47:05Z Rating: moderate References: * bsc#1236278 Cross-References: * CVE-2025-21502 CVSS scores: * CVE-2025-21502 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-21502 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-21502 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for java-21-openjdk fixes the following issues: Upgrade to upstream tag jdk-21.0.6+7 (January 2025 CPU) Security fixes: * CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278) Other changes: * JDK-6942632: Hotspot should be able to use more than 64 logical processors on Windows * JDK-8028127: Regtest java/security/Security/SynchronizedAccess.java is incorrect * JDK-8195675: Call to insertText with single character from custom Input Method ignored * JDK-8207908: JMXStatusTest.java fails assertion intermittently * JDK-8225220: When the Tab Policy is checked,the scroll button direction displayed incorrectly. * JDK-8240343: JDI stopListening/stoplis001 "FAILED: listening is successfully stopped without starting listening" * JDK-8283214: [macos] Screen magnifier does not show the magnified text for JComboBox * JDK-8296787: Unify debug printing format of X.509 cert serial numbers * JDK-8296972: [macos13] java/awt/Frame/MaximizedToIconified/MaximizedToIconified.java: getExtendedState() != 6 as expected. * JDK-8306446:java/lang/management/ThreadMXBean/Locks.java transient failures * JDK-8308429: jvmti/StopThread/stopthrd007 failed with "NoClassDefFoundError: Could not initialize class jdk.internal.misc.VirtualThreads" * JDK-8309218: java/util/concurrent/locks/Lock/OOMEInAQS.java still times out with ZGC, Generational ZGC, and SerialGC * JDK-8311301: MethodExitTest may fail with stack buffer overrun * JDK-8311656: Shenandoah: Unused ShenandoahSATBAndRemarkThreadsClosure::_claim_token * JDK-8312518: [macos13] setFullScreenWindow() shows black screen on macOS 13 & above * JDK-8313374: --enable-ccache's CCACHE_BASEDIR breaks builds * JDK-8313878: Exclude two compiler/rtm/locking tests on ppc64le * JDK-8315701: [macos] Regression: KeyEvent has different keycode on different keyboard layouts * JDK-8316428: G1: Nmethod count statistics only count last code root set iterated * JDK-8316893: Compile without -fno-delete-null-pointer-checks * JDK-8316895: SeenThread::print_action_queue called on a null pointer * JDK-8316907: Fix nonnull-compare warnings * JDK-8317116: Provide layouts for multiple test UI in PassFailJFrame * JDK-8317575: AArch64: C2_MacroAssembler::fast_lock uses rscratch1 for cmpxchg result * JDK-8318105: [jmh] the test java.security.HSS failed with 2 active threads * JDK-8318442: java/net/httpclient/ManyRequests2.java fails intermittently on Linux * JDK-8319640: ClassicFormat::parseObject (from DateTimeFormatter) does not conform to the javadoc and may leak DateTimeException * JDK-8319673: Few security tests ignore VM flags * JDK-8319678: Several tests from corelibs areas ignore VM flags * JDK-8319960: RISC-V: compiler/intrinsics/TestInteger/LongUnsignedDivMod.java failed with "counts: Graph contains wrong number of nodes" * JDK-8319970: AArch64: enable tests compiler/intrinsics/Test(Long|Integer)UnsignedDivMod.java on aarch64 * JDK-8319973: AArch64: Save and restore FPCR in the call stub * JDK-8320192: SHAKE256 does not workcorrectly if n > = 137 * JDK-8320397: RISC-V: Avoid passing t0 as temp register to MacroAssembler:: cmpxchg_obj_header/cmpxchgptr * JDK-8320575: generic type information lost on mandated parameters of record's compact constructors * JDK-8320586: update manual test/jdk/TEST.groups * JDK-8320665: update jdk_core at open/test/jdk/TEST.groups * JDK-8320673: PageFormat/CustomPaper.java has no Pass/Fail buttons; multiple instructions * JDK-8320682: [AArch64] C1 compilation fails with "Field too big for insn" * JDK-8320892: AArch64: Restore FPU control state after JNI * JDK-8321299: runtime/logging/ClassLoadUnloadTest.java doesn't reliably trigger class unloading * JDK-8321470: ThreadLocal.nextHashCode can be static final * JDK-8321474: TestAutoCreateSharedArchiveUpgrade.java should be updated with JDK 21 * JDK-8321543: Update NSS to version 3.96 * JDK-8321550: Update several runtime/cds tests to use vm flags or mark as flagless * JDK-8321616: Retire binary test vectors in test/jdk/java/util/zip/ZipFile * JDK-8321940: Improve CDSHeapVerifier in handling of interned strings * JDK-8322166: Files.isReadable/isWritable/isExecutable expensive when file does not exist * JDK-8322754: click JComboBox when dialog about to close causes IllegalComponentStateException * JDK-8322809: SystemModulesMap::classNames and moduleNames arrays do not match the order * JDK-8322830: Add test case for ZipFile opening a ZIP with no entries * JDK-8323562: SaslInputStream.read() may return wrong value * JDK-8323688: C2: Fix UB of jlong overflow in PhaseIdealLoop::is_counted_loop() * JDK-8324841: PKCS11 tests still skip execution * JDK-8324861: Exceptions::wrap_dynamic_exception() doesn't have ResourceMark * JDK-8325038: runtime/cds/appcds/ProhibitedPackage.java can fail with UseLargePages * JDK-8325399: Add tests for virtual threads doing Selector operations * JDK-8325506: Ensure randomness is only read from provided SecureRandom object *JDK-8325525: Create jtreg test case for JDK-8325203 * JDK-8325610: CTW: Add StressIncrementalInlining to stress options * JDK-8325762: Use PassFailJFrame.Builder.splitUI() in PrintLatinCJKTest.java * JDK-8325851: Hide PassFailJFrame.Builder constructor * JDK-8325906: Problemlist vmTestbase/vm/mlvm/meth/stress/compiler/deoptimize/Test.java#id1 until JDK-8320865 is fixed * JDK-8326100: DeflaterDictionaryTests should use Deflater.getBytesWritten instead of Deflater.getTotalOut * JDK-8326121: vmTestbase/gc/g1/unloading/tests/unloading_keepRef_rootClass_inMemoryCompilation_keep_cl failed with Full gc happened. Test was useless. * JDK-8326611: Clean up vmTestbase/nsk/stress/stack tests * JDK-8326898: NSK tests should listen on loopback addresses only * JDK-8327924: Simplify TrayIconScalingTest.java * JDK-8328021: Convert applet test java/awt/List/SetFontTest/SetFontTest.html to main program * JDK-8328242: Add a log area to the PassFailJFrame * JDK-8328303: 3 JDI tests timed out with UT enabled * JDK-8328379: Convert URLDragTest.html applet test to main * JDK-8328402: Implement pausing functionality for the PassFailJFrame * JDK-8328619: sun/management/jmxremote/bootstrap/SSLConfigFilePermissionTest.java failed with BindException: Address already in use * JDK-8328665: serviceability/jvmti/vthread/PopFrameTest failed with a timeout * JDK-8328723: IP Address error when client enables HTTPS endpoint check on server socket * JDK-8329353: ResolvedReferencesNotNullTest.java failed with Incorrect resolved references array, quxString should not be archived * JDK-8329533: TestCDSVMCrash fails on libgraal * JDK-8330278: Have SSLSocketTemplate.doClientSide use loopback address * JDK-8330621: Make 5 compiler tests use ProcessTools.executeProcess * JDK-8331391: Enhance the keytool code by invoking the buildTrustedCerts method for essential options * JDK-8331393: AArch64: u32 _partial_subtype_ctr loaded/stored as 64 * JDK-8331864: UpdatePublic Suffix List to 1cbd6e7 * JDK-8332112: Update nsk.share.Log to don't print summary during VM shutdown hook * JDK-8332340: Add JavacBench as a test case for CDS * JDK-8332461: ubsan : dependencies.cpp:906:3: runtime error: load of value 4294967295, which is not a valid value for type 'DepType' * JDK-8332724: x86 MacroAssembler may over-align code * JDK-8332777: Update JCStress test suite * JDK-8332866: Crash in ImageIO JPEG decoding when MEM_STATS in enabled * JDK-8332901: Select{Current,New}ItemTest.java for Choice don't open popup on macOS * JDK-8333098: ubsan: bytecodeInfo.cpp:318:59: runtime error: division by zero * JDK-8333108: Update vmTestbase/nsk/share/DebugeeProcess.java to don't use finalization * JDK-8333144: docker tests do not work when ubsan is configured * JDK-8333235: vmTestbase/nsk/jdb/kill/kill001/kill001.java fails with C1 * JDK-8333248: VectorGatherMaskFoldingTest.java failed when maximum vector bits is 64 * JDK-8333317: Test sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java failed with: Invalid ECDH ServerKeyExchange signature * JDK-8333427: langtools/tools/javac/newlines/NewLineTest.java is failing on Japanese Windows * JDK-8333728: ubsan: shenandoahFreeSet.cpp:1347:24: runtime error: division by zero * JDK-8333754: Add a Test against ECDSA and ECDH NIST Test vector * JDK-8333824: Unused ClassValue in VarHandles * JDK-8334057: JLinkReproducibleTest.java support receive test.tool.vm.opts * JDK-8334405: java/nio/channels/Selector/SelectWithConsumer.java#id0 failed in testWakeupDuringSelect * JDK-8334475: UnsafeIntrinsicsTest.java#ZGenerationalDebug assert(!assert_on_failure) failed: Has low-order bits set * JDK-8334560: [PPC64]: postalloc_expand_java_dynamic_call_sched does not copy all fields * JDK-8334562: Automate com/sun/security/auth/callback/TextCallbackHandler/Default.java test * JDK-8334567: [test] runtime/os/TestTracePageSizes move ppc handling * JDK-8334719: (se) Deferred closeof SelectableChannel may result in a Selector doing the final close before concurrent I/O on channel has completed * JDK-8335142: compiler/c1/TestTraceLinearScanLevel.java occasionally times out with -Xcomp * JDK-8335172: Add manual steps to run security/auth/callback/TextCallbackHandler/Password.java test * JDK-8335267: [XWayland] move screencast tokens from .awt to .java folder * JDK-8335344: test/jdk/sun/security/tools/keytool/NssTest.java fails to compile * JDK-8335428: Enhanced Building of Processes * JDK-8335449: runtime/cds/DeterministicDump.java fails with File content different at byte ... * JDK-8335530: Java file extension missing in AuthenticatorTest * JDK-8335664: Parsing jsr broken: assert(bci> = 0 && bci < c-> method()-> code_size()) failed: index out of bounds * JDK-8335709: C2: assert(!loop-> is_member(get_loop(useblock))) failed: must be outside loop * JDK-8335912, JDK-8337499: Add an operation mode to the jar command when extracting to not overwriting existing files * JDK-8336240: Test com/sun/crypto/provider/Cipher/DES/PerformanceTest.java fails with java.lang.ArithmeticException * JDK-8336257: Additional tests in jmxremote/startstop to match on PID not app name * JDK-8336315: tools/jpackage/windows/WinChildProcessTest.java Failed: Check is calculator process is alive * JDK-8336413: gtk headers : Fix typedef redeclaration of GMainContext and GdkPixbuf * JDK-8336564: Enhance mask blit functionality redux * JDK-8336640: Shenandoah: Parallel worker use in parallel_heap_region_iterate * JDK-8336854: CAInterop.java#actalisauthenticationrootca conflicted with /manual and /timeout * JDK-8336911: ZGC: Division by zero in heuristics after JDK-8332717 * JDK-8337066: Repeated call of StringBuffer.reverse with double byte string returns wrong result * JDK-8337067: Test runtime/classFileParserBug/Bad_NCDFE_Msg.java won't compile * JDK-8337320: Update ProblemList.txt with tests known to fail onXWayland * JDK-8337331: crash: pinned virtual thread will lead to jvm crash when running with the javaagent option * JDK-8337410: The makefiles should set problemlist and adjust timeout basing on the given VM flags * JDK-8337780: RISC-V: C2: Change C calling convention for sp to NS * JDK-8337810: ProblemList BasicDirectoryModel/LoaderThreadCount.java on Windows * JDK-8337826: Improve logging in OCSPTimeout and SimpleOCSPResponder to help diagnose JDK-8309754 * JDK-8337851: Some tests have name which confuse jtreg * JDK-8337876: [IR Framework] Add support for IR tests with @Stable * JDK-8337966: (fs) Files.readAttributes fails with Operation not permitted on older docker releases * JDK-8338058: map_or_reserve_memory_aligned Windows enhance remap assertion * JDK-8338101: remove old remap assertion in map_or_reserve_memory_aligned after JDK-8338058 * JDK-8338109: java/awt/Mouse/EnterExitEvents/ResizingFrameTest.java duplicate in ProblemList * JDK-8338110: Exclude Fingerprinter::do_type from ubsan checks * JDK-8338112: Test testlibrary_tests/ir_framework/tests/TestPrivilegedMode.java fails with release build * JDK-8338344: Test TestPrivilegedMode.java intermittent fails java.lang.NoClassDefFoundError: jdk/test/lib/Platform * JDK-8338380: Update TLSCommon/interop/AbstractServer to specify an interface to listen for connections * JDK-8338389: [JFR] Long strings should be added to the string pool * JDK-8338402: GHA: some of bundles may not get removed * JDK-8338449: ubsan: division by zero in sharedRuntimeTrans.cpp * JDK-8338550: Do libubsan1 installation in test container only if requested * JDK-8338748: [17u,21u] Test Disconnect.java compile error: cannot find symbol after JDK-8299813 * JDK-8338751: ConfigureNotify behavior has changed in KWin 6.2 * JDK-8338759: Add extra diagnostic to java/net/InetAddress/ptr/Lookup.java * JDK-8338924: C1: assert(0
Jan 29, 2025
OpenSUSE
100
security advisorymoderateupdateSUSE Linux 12 SP5: SUSE-SU-2025:0235-1 moderate: java-11-openjdk fix
* bsc#1236278 Cross-References: * CVE-2025-21502 . # Security update for java-11-openjdk Announcement ID: SUSE-SU-2025:0235-1 Release Date: 2025-01-24T16:34:34Z Rating: moderate References: * bsc#1236278 Cross-References: * CVE-2025-21502 CVSS scores: * CVE-2025-21502 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-21502 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-21502 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.26+4 (January 2025 CPU) Security fixes: * CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278) Other changes: * JDK-8224624: Inefficiencies in CodeStrings::add_comment cause - timeouts * JDK-8225045: javax/swing/JInternalFrame/8146321//JInternalFrameIconTest.java fails on linux-x64 * JDK-8232367: Update Reactive Streams to 1.0.3 -- tests only * JDK-8247706: Unintentional use of new Date(year...) with absolute year * JDK-8299254: Support dealing with standard assert macro * JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing test * JDK-8315936: Parallelize gc/stress/TestStressG1Humongous.java test * JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak * JDK-8328300: Convert PrintDialogsTest.java from Applet to main program * JDK-8328642: Convert applet test MouseDraggedOutCauseScrollingTest.html to main * JDK-8334332: TestIOException.java fails if run by root * JDK-8335428: Enhanced Building ofProcesses * JDK-8335801: [11u] Backport of 8210988 to 11u removes gcc warnings * JDK-8335912, JDK-8337499: Add an operation mode to the jar command when extracting to not overwriting existing files * JDK-8336564: Enhance mask blit functionality redux * JDK-8338402: GHA: some of bundles may not get removed * JDK-8339082: Bump update version for OpenJDK: jdk-11.0.26 * JDK-8339180: Enhanced Building of Processes: Follow-on Issue * JDK-8339470: [17u] More defensive fix for 8163921 * JDK-8339637: (tz) Update Timezone Data to 2024b * JDK-8339644: Improve parsing of Day/Month in tzdata rules * JDK-8339803: Acknowledge case insensitive unambiguous keywords in tzdata files * JDK-8340552: Harden TzdbZoneRulesCompiler against missing zone names * JDK-8340671: GHA: Bump macOS and Xcode versions to macos-12 and XCode 13.4.1 * JDK-8340815: Add SECURITY.md file * JDK-8342426: [11u] javax/naming/module/RunBasic.java javac compile fails * JDK-8342629: [11u] Properly message out that shenandoah is disabled * JDK-8347483: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.26 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-235=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-235=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debuginfo-11.0.26.0-3.84.1 * java-11-openjdk-headless-11.0.26.0-3.84.1 * java-11-openjdk-11.0.26.0-3.84.1 * java-11-openjdk-demo-11.0.26.0-3.84.1 * java-11-openjdk-devel-11.0.26.0-3.84.1 * java-11-openjdk-debugsource-11.0.26.0-3.84.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * java-11-openjdk-debuginfo-11.0.26.0-3.84.1 * java-11-openjdk-headless-11.0.26.0-3.84.1 * java-11-openjdk-11.0.26.0-3.84.1 * java-11-openjdk-demo-11.0.26.0-3.84.1 * java-11-openjdk-devel-11.0.26.0-3.84.1 * java-11-openjdk-debugsource-11.0.26.0-3.84.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21502.html * https://bugzilla.suse.com/show_bug.cgi?id=1236278 . A recent patch for java-11-openjdk improves list processing and addresses various bugs. Announcement ID: SUSE-SU-2025:0301-1.. java update,SUSE Linux,security advisory,update,openjdk. . LinuxSecurity.com Team
Jan 24, 2025
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!