openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2025:1490-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.18.2.2025.1490.1

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2025:1490-1)

Resumen: The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:1490-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:1490-1 advisory.

Vulnerability Insight:
This update for java-17-openjdk fixes the following issues:

Update to upstream tag jdk-17.0.15+6 (April 2025 CPU)

CVEs:

+ CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274)
+ CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275)
+ CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276)

Changes:

+ JDK-6355567: AdobeMarkerSegment causes failure to read
valid JPEG
+ JDK-8065099: [macos] javax/swing/PopupFactory/6276087/
/NonOpaquePopupMenuTest.java fails: no background shine
through
+ JDK-8179502: Enhance OCSP, CRL and Certificate Fetch
Timeouts
+ JDK-8198237: [macos] Test java/awt/Frame/
/ExceptionOnSetExtendedStateTest/
/ExceptionOnSetExtendedStateTest.java fails
+ JDK-8198666: Many java/awt/Modal/OnTop/ test fails on mac
+ JDK-8208565: [TEST_BUG] javax/swing/PopupFactory/6276087/
/NonOpaquePopupMenuTest.java throws NPE
+ JDK-8226933: [TEST_BUG]GTK L&F: There is no swatches or
RGB tab in JColorChooser
+ JDK-8226938: [TEST_BUG]GTK L&F: There is no Details
button in FileChooser Dialog
+ JDK-8266435: WBMPImageReader.read() should not truncate
the input stream
+ JDK-8267893: Improve jtreg test failure handler do get
native/mixed stack traces for cores and live processes
+ JDK-8270961: [TESTBUG] Move GotWrongOOMEException into
vm.share.gc package
+ JDK-8274893: Update java.desktop classes to use
try-with-resources
+ JDK-8276202: LogFileOutput.invalid_file_vm asserts when
being executed from a read only working directory
+ JDK-8277240: java/awt/Graphics2D/ScaledTransform/
/ScaledTransform.java dialog does not get disposed
+ JDK-8281234: The -protected option is not always checked
in keytool and jarsigner
+ JDK-8282314: nsk/jvmti/SuspendThread/suspendthrd003 may
leak memory
+ JDK-8283387: [macos] a11y : Screen magnifier does not
show selected Tab
+ JDK-8283404: [macos] a11y : Screen magnifier does not
show JMenu name
+ JDK-8283664: Remove jtreg tag manual=yesno for
java/awt/print/PrinterJob/PrintTextTest.java
+ JDK-8286779: javax.crypto.CryptoPolicyParser#isConsistent
always returns 'true'
+ JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit
access thread fields from native
+ JDK-8290400: Must run exe installers in jpackage jtreg
tests without UI
+ JDK-8292588: [macos] Multiscreen/MultiScreenLocationTest/
/MultiScreenLocationTest.java: Robot.mouseMove test failed on
Screen #0
+ JDK-8292704: sun/security/tools/jarsigner/compatibility/
/Compatibility.java use wrong key size for EC
+ JDK-8292848: AWT_Mixing and TrayIcon tests fail on el8
with hard-coded isOel7
+ JDK-8293345: SunPKCS11 provider checks on PKCS11
Mechanism are problematic
+ JDK-8293412: Remove unnecessary java.security.egd
overrides
+ JDK-8294067: [macOS] javax/swing/JComboBox/6559152/
/bug6559152.java Cannot select an item from popup with ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'java-17-openjdk' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2025-21587
Common Vulnerability Exposure (CVE) ID: CVE-2025-30691
Common Vulnerability Exposure (CVE) ID: CVE-2025-30698

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.18.2.2025.1490.1
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2025:1490-1)
Resumen:	The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:1490-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:1490-1 advisory. Vulnerability Insight: This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.15+6 (April 2025 CPU) CVEs: + CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274) + CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275) + CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276) Changes: + JDK-6355567: AdobeMarkerSegment causes failure to read valid JPEG + JDK-8065099: [macos] javax/swing/PopupFactory/6276087/ /NonOpaquePopupMenuTest.java fails: no background shine through + JDK-8179502: Enhance OCSP, CRL and Certificate Fetch Timeouts + JDK-8198237: [macos] Test java/awt/Frame/ /ExceptionOnSetExtendedStateTest/ /ExceptionOnSetExtendedStateTest.java fails + JDK-8198666: Many java/awt/Modal/OnTop/ test fails on mac + JDK-8208565: [TEST_BUG] javax/swing/PopupFactory/6276087/ /NonOpaquePopupMenuTest.java throws NPE + JDK-8226933: [TEST_BUG]GTK L&F: There is no swatches or RGB tab in JColorChooser + JDK-8226938: [TEST_BUG]GTK L&F: There is no Details button in FileChooser Dialog + JDK-8266435: WBMPImageReader.read() should not truncate the input stream + JDK-8267893: Improve jtreg test failure handler do get native/mixed stack traces for cores and live processes + JDK-8270961: [TESTBUG] Move GotWrongOOMEException into vm.share.gc package + JDK-8274893: Update java.desktop classes to use try-with-resources + JDK-8276202: LogFileOutput.invalid_file_vm asserts when being executed from a read only working directory + JDK-8277240: java/awt/Graphics2D/ScaledTransform/ /ScaledTransform.java dialog does not get disposed + JDK-8281234: The -protected option is not always checked in keytool and jarsigner + JDK-8282314: nsk/jvmti/SuspendThread/suspendthrd003 may leak memory + JDK-8283387: [macos] a11y : Screen magnifier does not show selected Tab + JDK-8283404: [macos] a11y : Screen magnifier does not show JMenu name + JDK-8283664: Remove jtreg tag manual=yesno for java/awt/print/PrinterJob/PrintTextTest.java + JDK-8286779: javax.crypto.CryptoPolicyParser#isConsistent always returns 'true' + JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit access thread fields from native + JDK-8290400: Must run exe installers in jpackage jtreg tests without UI + JDK-8292588: [macos] Multiscreen/MultiScreenLocationTest/ /MultiScreenLocationTest.java: Robot.mouseMove test failed on Screen #0 + JDK-8292704: sun/security/tools/jarsigner/compatibility/ /Compatibility.java use wrong key size for EC + JDK-8292848: AWT_Mixing and TrayIcon tests fail on el8 with hard-coded isOel7 + JDK-8293345: SunPKCS11 provider checks on PKCS11 Mechanism are problematic + JDK-8293412: Remove unnecessary java.security.egd overrides + JDK-8294067: [macOS] javax/swing/JComboBox/6559152/ /bug6559152.java Cannot select an item from popup with ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'java-17-openjdk' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2025-21587 Common Vulnerability Exposure (CVE) ID: CVE-2025-30691 Common Vulnerability Exposure (CVE) ID: CVE-2025-30698
Copyright	Copyright (C) 2025 Greenbone AG