openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2025:1429-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.18.2.2025.1429.1

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2025:1429-1)

Resumen: The remote host is missing an update for the 'java-21-openjdk' package(s) announced via the SUSE-SU-2025:1429-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'java-21-openjdk' package(s) announced via the SUSE-SU-2025:1429-1 advisory.

Vulnerability Insight:
This update for java-21-openjdk fixes the following issues:

Update to upstream tag jdk-21.0.7+6 (April 2025 CPU)

CVEs fixed:

+ CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274)
+ CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275)
+ CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276)

Changes:

+ JDK-8198237: [macos] Test java/awt/Frame/
/ExceptionOnSetExtendedStateTest/
/ExceptionOnSetExtendedStateTest.java fails
+ JDK-8211851: (ch) java/nio/channels/AsynchronousSocketChannel/
/StressLoopback.java times out (aix)
+ JDK-8226933: [TEST_BUG]GTK L&F: There is no swatches or RGB
tab in JColorChooser
+ JDK-8226938: [TEST_BUG]GTK L&F: There is no Details button in
FileChooser Dialog
+ JDK-8227529: With malformed --app-image the error messages
are awful
+ JDK-8277240: java/awt/Graphics2D/ScaledTransform/
/ScaledTransform.java dialog does not get disposed
+ JDK-8283664: Remove jtreg tag manual=yesno for
java/awt/print/PrinterJob/PrintTextTest.java
+ JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit
access thread fields from native
+ JDK-8293345: SunPKCS11 provider checks on PKCS11 Mechanism
are problematic
+ JDK-8294316: SA core file support is broken on macosx-x64
starting with macOS 12.x
+ JDK-8295159: DSO created with -ffast-math breaks Java
floating-point arithmetic
+ JDK-8302111: Serialization considerations
+ JDK-8304701: Request with timeout aborts later in-flight
request on HTTP/1.1 cxn
+ JDK-8309841: Jarsigner should print a warning if an entry is
removed
+ JDK-8311546: Certificate name constraints improperly
validated with leading period
+ JDK-8312570: [TESTBUG] Jtreg compiler/loopopts/superword/
/TestDependencyOffsets.java fails on 512-bit SVE
+ JDK-8313633: [macOS] java/awt/dnd/NextDropActionTest/
/NextDropActionTest.java fails with java.lang.RuntimeException:
wrong next drop action!
+ JDK-8313905: Checked_cast assert in CDS compare_by_loader
+ JDK-8314752: Use google test string comparison macros
+ JDK-8314909: tools/jpackage/windows/Win8282351Test.java fails
with java.lang.AssertionError: Expected [0]. Actual [1618]:
+ JDK-8315486: vmTestbase/nsk/jdwp/ThreadReference/
/ForceEarlyReturn/forceEarlyReturn002/forceEarlyReturn002.java
timed out
+ JDK-8315825: Open some swing tests
+ JDK-8315882: Open some swing tests 2
+ JDK-8315883: Open source several Swing JToolbar tests
+ JDK-8315952: Open source several Swing JToolbar JTooltip
JTree tests
+ JDK-8316056: Open source several Swing JTree tests
+ JDK-8316146: Open some swing tests 4
+ JDK-8316149: Open source several Swing JTree JViewport
KeyboardManager tests
+ JDK-8316218: Open some swing tests 5
+ JDK-8316371: Open some swing tests 6
+ JDK-8316627: JViewport Test headless failure
+ JDK-8316885: jcmd: Compiler.CodeHeap_Analytics cmd ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'java-21-openjdk' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2025-21587
Common Vulnerability Exposure (CVE) ID: CVE-2025-30691
Common Vulnerability Exposure (CVE) ID: CVE-2025-30698

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.18.2.2025.1429.1
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2025:1429-1)
Resumen:	The remote host is missing an update for the 'java-21-openjdk' package(s) announced via the SUSE-SU-2025:1429-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'java-21-openjdk' package(s) announced via the SUSE-SU-2025:1429-1 advisory. Vulnerability Insight: This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.7+6 (April 2025 CPU) CVEs fixed: + CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274) + CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275) + CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276) Changes: + JDK-8198237: [macos] Test java/awt/Frame/ /ExceptionOnSetExtendedStateTest/ /ExceptionOnSetExtendedStateTest.java fails + JDK-8211851: (ch) java/nio/channels/AsynchronousSocketChannel/ /StressLoopback.java times out (aix) + JDK-8226933: [TEST_BUG]GTK L&F: There is no swatches or RGB tab in JColorChooser + JDK-8226938: [TEST_BUG]GTK L&F: There is no Details button in FileChooser Dialog + JDK-8227529: With malformed --app-image the error messages are awful + JDK-8277240: java/awt/Graphics2D/ScaledTransform/ /ScaledTransform.java dialog does not get disposed + JDK-8283664: Remove jtreg tag manual=yesno for java/awt/print/PrinterJob/PrintTextTest.java + JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit access thread fields from native + JDK-8293345: SunPKCS11 provider checks on PKCS11 Mechanism are problematic + JDK-8294316: SA core file support is broken on macosx-x64 starting with macOS 12.x + JDK-8295159: DSO created with -ffast-math breaks Java floating-point arithmetic + JDK-8302111: Serialization considerations + JDK-8304701: Request with timeout aborts later in-flight request on HTTP/1.1 cxn + JDK-8309841: Jarsigner should print a warning if an entry is removed + JDK-8311546: Certificate name constraints improperly validated with leading period + JDK-8312570: [TESTBUG] Jtreg compiler/loopopts/superword/ /TestDependencyOffsets.java fails on 512-bit SVE + JDK-8313633: [macOS] java/awt/dnd/NextDropActionTest/ /NextDropActionTest.java fails with java.lang.RuntimeException: wrong next drop action! + JDK-8313905: Checked_cast assert in CDS compare_by_loader + JDK-8314752: Use google test string comparison macros + JDK-8314909: tools/jpackage/windows/Win8282351Test.java fails with java.lang.AssertionError: Expected [0]. Actual [1618]: + JDK-8315486: vmTestbase/nsk/jdwp/ThreadReference/ /ForceEarlyReturn/forceEarlyReturn002/forceEarlyReturn002.java timed out + JDK-8315825: Open some swing tests + JDK-8315882: Open some swing tests 2 + JDK-8315883: Open source several Swing JToolbar tests + JDK-8315952: Open source several Swing JToolbar JTooltip JTree tests + JDK-8316056: Open source several Swing JTree tests + JDK-8316146: Open some swing tests 4 + JDK-8316149: Open source several Swing JTree JViewport KeyboardManager tests + JDK-8316218: Open some swing tests 5 + JDK-8316371: Open some swing tests 6 + JDK-8316627: JViewport Test headless failure + JDK-8316885: jcmd: Compiler.CodeHeap_Analytics cmd ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'java-21-openjdk' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2025-21587 Common Vulnerability Exposure (CVE) ID: CVE-2025-30691 Common Vulnerability Exposure (CVE) ID: CVE-2025-30698
Copyright	Copyright (C) 2025 Greenbone AG