openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2025:1490-1)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.1.18.2.2025.1490.1

Category: openSUSE Local Security Checks

Title: openSUSE Security Advisory (SUSE-SU-2025:1490-1)

Summary: The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:1490-1 advisory.

Description: Summary:
The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:1490-1 advisory.

Vulnerability Insight:
This update for java-17-openjdk fixes the following issues:

Update to upstream tag jdk-17.0.15+6 (April 2025 CPU)

CVEs:

+ CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274)
+ CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275)
+ CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276)

Changes:

+ JDK-6355567: AdobeMarkerSegment causes failure to read
valid JPEG
+ JDK-8065099: [macos] javax/swing/PopupFactory/6276087/
/NonOpaquePopupMenuTest.java fails: no background shine
through
+ JDK-8179502: Enhance OCSP, CRL and Certificate Fetch
Timeouts
+ JDK-8198237: [macos] Test java/awt/Frame/
/ExceptionOnSetExtendedStateTest/
/ExceptionOnSetExtendedStateTest.java fails
+ JDK-8198666: Many java/awt/Modal/OnTop/ test fails on mac
+ JDK-8208565: [TEST_BUG] javax/swing/PopupFactory/6276087/
/NonOpaquePopupMenuTest.java throws NPE
+ JDK-8226933: [TEST_BUG]GTK L&F: There is no swatches or
RGB tab in JColorChooser
+ JDK-8226938: [TEST_BUG]GTK L&F: There is no Details
button in FileChooser Dialog
+ JDK-8266435: WBMPImageReader.read() should not truncate
the input stream
+ JDK-8267893: Improve jtreg test failure handler do get
native/mixed stack traces for cores and live processes
+ JDK-8270961: [TESTBUG] Move GotWrongOOMEException into
vm.share.gc package
+ JDK-8274893: Update java.desktop classes to use
try-with-resources
+ JDK-8276202: LogFileOutput.invalid_file_vm asserts when
being executed from a read only working directory
+ JDK-8277240: java/awt/Graphics2D/ScaledTransform/
/ScaledTransform.java dialog does not get disposed
+ JDK-8281234: The -protected option is not always checked
in keytool and jarsigner
+ JDK-8282314: nsk/jvmti/SuspendThread/suspendthrd003 may
leak memory
+ JDK-8283387: [macos] a11y : Screen magnifier does not
show selected Tab
+ JDK-8283404: [macos] a11y : Screen magnifier does not
show JMenu name
+ JDK-8283664: Remove jtreg tag manual=yesno for
java/awt/print/PrinterJob/PrintTextTest.java
+ JDK-8286779: javax.crypto.CryptoPolicyParser#isConsistent
always returns 'true'
+ JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit
access thread fields from native
+ JDK-8290400: Must run exe installers in jpackage jtreg
tests without UI
+ JDK-8292588: [macos] Multiscreen/MultiScreenLocationTest/
/MultiScreenLocationTest.java: Robot.mouseMove test failed on
Screen #0
+ JDK-8292704: sun/security/tools/jarsigner/compatibility/
/Compatibility.java use wrong key size for EC
+ JDK-8292848: AWT_Mixing and TrayIcon tests fail on el8
with hard-coded isOel7
+ JDK-8293345: SunPKCS11 provider checks on PKCS11
Mechanism are problematic
+ JDK-8293412: Remove unnecessary java.security.egd
overrides
+ JDK-8294067: [macOS] javax/swing/JComboBox/6559152/
/bug6559152.java Cannot select an item from popup with ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'java-17-openjdk' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2025-21587
Common Vulnerability Exposure (CVE) ID: CVE-2025-30691
Common Vulnerability Exposure (CVE) ID: CVE-2025-30698

Copyright Copyright (C) 2025 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.18.2.2025.1490.1
Category:	openSUSE Local Security Checks
Title:	openSUSE Security Advisory (SUSE-SU-2025:1490-1)
Summary:	The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:1490-1 advisory.
Description:	Summary: The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:1490-1 advisory. Vulnerability Insight: This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.15+6 (April 2025 CPU) CVEs: + CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274) + CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275) + CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276) Changes: + JDK-6355567: AdobeMarkerSegment causes failure to read valid JPEG + JDK-8065099: [macos] javax/swing/PopupFactory/6276087/ /NonOpaquePopupMenuTest.java fails: no background shine through + JDK-8179502: Enhance OCSP, CRL and Certificate Fetch Timeouts + JDK-8198237: [macos] Test java/awt/Frame/ /ExceptionOnSetExtendedStateTest/ /ExceptionOnSetExtendedStateTest.java fails + JDK-8198666: Many java/awt/Modal/OnTop/ test fails on mac + JDK-8208565: [TEST_BUG] javax/swing/PopupFactory/6276087/ /NonOpaquePopupMenuTest.java throws NPE + JDK-8226933: [TEST_BUG]GTK L&F: There is no swatches or RGB tab in JColorChooser + JDK-8226938: [TEST_BUG]GTK L&F: There is no Details button in FileChooser Dialog + JDK-8266435: WBMPImageReader.read() should not truncate the input stream + JDK-8267893: Improve jtreg test failure handler do get native/mixed stack traces for cores and live processes + JDK-8270961: [TESTBUG] Move GotWrongOOMEException into vm.share.gc package + JDK-8274893: Update java.desktop classes to use try-with-resources + JDK-8276202: LogFileOutput.invalid_file_vm asserts when being executed from a read only working directory + JDK-8277240: java/awt/Graphics2D/ScaledTransform/ /ScaledTransform.java dialog does not get disposed + JDK-8281234: The -protected option is not always checked in keytool and jarsigner + JDK-8282314: nsk/jvmti/SuspendThread/suspendthrd003 may leak memory + JDK-8283387: [macos] a11y : Screen magnifier does not show selected Tab + JDK-8283404: [macos] a11y : Screen magnifier does not show JMenu name + JDK-8283664: Remove jtreg tag manual=yesno for java/awt/print/PrinterJob/PrintTextTest.java + JDK-8286779: javax.crypto.CryptoPolicyParser#isConsistent always returns 'true' + JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit access thread fields from native + JDK-8290400: Must run exe installers in jpackage jtreg tests without UI + JDK-8292588: [macos] Multiscreen/MultiScreenLocationTest/ /MultiScreenLocationTest.java: Robot.mouseMove test failed on Screen #0 + JDK-8292704: sun/security/tools/jarsigner/compatibility/ /Compatibility.java use wrong key size for EC + JDK-8292848: AWT_Mixing and TrayIcon tests fail on el8 with hard-coded isOel7 + JDK-8293345: SunPKCS11 provider checks on PKCS11 Mechanism are problematic + JDK-8293412: Remove unnecessary java.security.egd overrides + JDK-8294067: [macOS] javax/swing/JComboBox/6559152/ /bug6559152.java Cannot select an item from popup with ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'java-17-openjdk' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2025-21587 Common Vulnerability Exposure (CVE) ID: CVE-2025-30691 Common Vulnerability Exposure (CVE) ID: CVE-2025-30698
Copyright	Copyright (C) 2025 Greenbone AG