openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2025:0339-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.857033

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2025:0339-1)

Resumen: The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:0339-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:0339-1 advisory.

Vulnerability Insight:
- CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278)

Other changes:

- JDK-7093691: Nimbus LAF: disabled JComboBox using renderer has bad font color
- JDK-8028127: Regtest java/security/Security/SynchronizedAccess.java is incorrect
- JDK-8071693: Introspector ignores default interface methods
- JDK-8195675: Call to insertText with single character from custom Input Method ignored
- JDK-8202926: Test java/awt/Focus/WindowUpdateFocusabilityTest/WindowUpdateFocusabilityTest.html fails
- JDK-8207908: JMXStatusTest.java fails assertion intermittently
- JDK-8225220: When the Tab Policy is checked,the scroll button direction displayed incorrectly.
- JDK-8240343: JDI stopListening/stoplis001 'FAILED: listening is successfully stopped without starting listening'
- JDK-8254759: [TEST_BUG] [macosx] javax/swing/JInternalFrame/4202966/IntFrameCoord.html fails
- JDK-8258734: jdk/jfr/event/oldobject/TestClassLoaderLeak.java failed with 'RuntimeException: Could not find class leak'
- JDK-8268364: jmethod clearing should be done during unloading
- JDK-8269770: nsk tests should start IOPipe channel before launch debuggee - Debugee.prepareDebugee
- JDK-8271003: hs_err improvement: handle CLASSPATH env setting longer than O_BUFLEN
- JDK-8271456: Avoid looking up standard charsets in 'java.desktop' module
- JDK-8271821: mark hotspot runtime/MinimalVM tests which ignore external VM flags
- JDK-8271825: mark hotspot runtime/LoadClass tests which ignore external VM flags
- JDK-8271836: runtime/ErrorHandling/ClassPathEnvVar.java fails with release VMs
- JDK-8272746: ZipFile can't open big file (NegativeArraySizeException)
- JDK-8273914: Indy string concat changes order of operations
- JDK-8274170: Add hooks for custom makefiles to augment jtreg test execution
- JDK-8274505: Too weak variable type leads to unnecessary cast in java.desktop
- JDK-8276763: java/nio/channels/SocketChannel/AdaptorStreams.java fails with 'SocketTimeoutException: Read timed out'
- JDK-8278527: java/util/concurrent/tck/JSR166TestCase.java fails nanoTime test
- JDK-8280131: jcmd reports 'Module jdk.jfr not found.' when 'jdk.management.jfr' is missing
- JDK-8281379: Assign package declarations to all jtreg test cases under gc
- JDK-8282578: AIOOBE in javax.sound.sampled.Clip
- JDK-8283214: [macos] Screen magnifier does not show the magnified text for JComboBox
- JDK-8283222: improve diagnosability of runtime/8176717/TestInheritFD.java timeouts
- JDK-8284291: sun/security/krb5/auto/Renew.java fails intermittently on Windows 11
- JDK-8284874: Add comment to ProcessHandle/OnExitTest to describe zombie problem
- JDK-8286160: (fs) Files.exists returns unexpected results with C:\pagefile.sys because it's not readable
- JDK-8287003: InputStreamReader::read() can return zero despite writing a char in the buffer
- JDK-8288976: classfile parser 'wrong name' error message has the names the wrong way around
- ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'java-17-openjdk' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2025-21502

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.857033
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2025:0339-1)
Resumen:	The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:0339-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:0339-1 advisory. Vulnerability Insight: - CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278) Other changes: - JDK-7093691: Nimbus LAF: disabled JComboBox using renderer has bad font color - JDK-8028127: Regtest java/security/Security/SynchronizedAccess.java is incorrect - JDK-8071693: Introspector ignores default interface methods - JDK-8195675: Call to insertText with single character from custom Input Method ignored - JDK-8202926: Test java/awt/Focus/WindowUpdateFocusabilityTest/WindowUpdateFocusabilityTest.html fails - JDK-8207908: JMXStatusTest.java fails assertion intermittently - JDK-8225220: When the Tab Policy is checked,the scroll button direction displayed incorrectly. - JDK-8240343: JDI stopListening/stoplis001 'FAILED: listening is successfully stopped without starting listening' - JDK-8254759: [TEST_BUG] [macosx] javax/swing/JInternalFrame/4202966/IntFrameCoord.html fails - JDK-8258734: jdk/jfr/event/oldobject/TestClassLoaderLeak.java failed with 'RuntimeException: Could not find class leak' - JDK-8268364: jmethod clearing should be done during unloading - JDK-8269770: nsk tests should start IOPipe channel before launch debuggee - Debugee.prepareDebugee - JDK-8271003: hs_err improvement: handle CLASSPATH env setting longer than O_BUFLEN - JDK-8271456: Avoid looking up standard charsets in 'java.desktop' module - JDK-8271821: mark hotspot runtime/MinimalVM tests which ignore external VM flags - JDK-8271825: mark hotspot runtime/LoadClass tests which ignore external VM flags - JDK-8271836: runtime/ErrorHandling/ClassPathEnvVar.java fails with release VMs - JDK-8272746: ZipFile can't open big file (NegativeArraySizeException) - JDK-8273914: Indy string concat changes order of operations - JDK-8274170: Add hooks for custom makefiles to augment jtreg test execution - JDK-8274505: Too weak variable type leads to unnecessary cast in java.desktop - JDK-8276763: java/nio/channels/SocketChannel/AdaptorStreams.java fails with 'SocketTimeoutException: Read timed out' - JDK-8278527: java/util/concurrent/tck/JSR166TestCase.java fails nanoTime test - JDK-8280131: jcmd reports 'Module jdk.jfr not found.' when 'jdk.management.jfr' is missing - JDK-8281379: Assign package declarations to all jtreg test cases under gc - JDK-8282578: AIOOBE in javax.sound.sampled.Clip - JDK-8283214: [macos] Screen magnifier does not show the magnified text for JComboBox - JDK-8283222: improve diagnosability of runtime/8176717/TestInheritFD.java timeouts - JDK-8284291: sun/security/krb5/auto/Renew.java fails intermittently on Windows 11 - JDK-8284874: Add comment to ProcessHandle/OnExitTest to describe zombie problem - JDK-8286160: (fs) Files.exists returns unexpected results with C:\pagefile.sys because it's not readable - JDK-8287003: InputStreamReader::read() can return zero despite writing a char in the buffer - JDK-8288976: classfile parser 'wrong name' error message has the names the wrong way around - ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'java-17-openjdk' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 4.0 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2025-21502
Copyright	Copyright (C) 2025 Greenbone AG