openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2025:1525-1)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.1.18.2.2025.1525.1

Category: openSUSE Local Security Checks

Title: openSUSE Security Advisory (SUSE-SU-2025:1525-1)

Summary: The remote host is missing an update for the 'java-1_8_0-openjdk' package(s) announced via the SUSE-SU-2025:1525-1 advisory.

Description: Summary:
The remote host is missing an update for the 'java-1_8_0-openjdk' package(s) announced via the SUSE-SU-2025:1525-1 advisory.

Vulnerability Insight:
This update for java-1_8_0-openjdk fixes the following issues:

Update to version jdk8u452 (icedtea-3.35.0)

Security issues fixed:

- CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component.
(bsc#1241274)
- CVE-2025-30691: unauthorized update, insert or delete access to a subset of Oracle Java SE data through the Compiler
component. (bsc#1241275)
- CVE-2025-30698: unauthorized access to Oracle Java SE data and unauthorized ability to cause partial DoS through the
2D component. (bsc#1241276)

Non-security issues fixed:

- JDK-8212096: javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java failed intermittently due to SSLException:
Tag mismatch.
- JDK-8261020: wrong format parameter in create_emergency_chunk_path.
- JDK-8266881: enable debug log for SSLEngineExplorerMatchedSNI.java.
- JDK-8268457: XML Transformer outputs Unicode supplementary character incorrectly to HTML.
- JDK-8309841: Jarsigner should print a warning if an entry is removed.
- JDK-8337494: clarify JarInputStream behavior.
- JDK-8339637: (tz) update Timezone Data to 2024b.
- JDK-8339644: improve parsing of Day/Month in tzdata rules
- JDK-8339810: clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract.
- JDK-8340552: harden TzdbZoneRulesCompiler against missing zone names.
- JDK-8342562: enhance Deflater operations.
- JDK-8346587: distrust TLS server certificates anchored by Camerfirma Root CAs.
- JDK-8347847: enhance jar file support.
- JDK-8347965: (tz) update Timezone Data to 2025a.
- JDK-8348211: [8u] sun/management/jmxremote/startstop/JMXStartStopTest.java fails after backport of JDK-8066708.
- JDK-8350816: [8u] update TzdbZoneRulesCompiler to ignore HST/EST/MST links.
- JDK-8352097: (tz) zone.tab update missed in 2025a backport.
- JDK-8353433: XCG currency code not recognized in JDK 8u.

Affected Software/OS:
'java-1_8_0-openjdk' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2025-21587
Common Vulnerability Exposure (CVE) ID: CVE-2025-30691
Common Vulnerability Exposure (CVE) ID: CVE-2025-30698

Copyright Copyright (C) 2025 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.18.2.2025.1525.1
Category:	openSUSE Local Security Checks
Title:	openSUSE Security Advisory (SUSE-SU-2025:1525-1)
Summary:	The remote host is missing an update for the 'java-1_8_0-openjdk' package(s) announced via the SUSE-SU-2025:1525-1 advisory.
Description:	Summary: The remote host is missing an update for the 'java-1_8_0-openjdk' package(s) announced via the SUSE-SU-2025:1525-1 advisory. Vulnerability Insight: This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u452 (icedtea-3.35.0) Security issues fixed: - CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. (bsc#1241274) - CVE-2025-30691: unauthorized update, insert or delete access to a subset of Oracle Java SE data through the Compiler component. (bsc#1241275) - CVE-2025-30698: unauthorized access to Oracle Java SE data and unauthorized ability to cause partial DoS through the 2D component. (bsc#1241276) Non-security issues fixed: - JDK-8212096: javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java failed intermittently due to SSLException: Tag mismatch. - JDK-8261020: wrong format parameter in create_emergency_chunk_path. - JDK-8266881: enable debug log for SSLEngineExplorerMatchedSNI.java. - JDK-8268457: XML Transformer outputs Unicode supplementary character incorrectly to HTML. - JDK-8309841: Jarsigner should print a warning if an entry is removed. - JDK-8337494: clarify JarInputStream behavior. - JDK-8339637: (tz) update Timezone Data to 2024b. - JDK-8339644: improve parsing of Day/Month in tzdata rules - JDK-8339810: clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract. - JDK-8340552: harden TzdbZoneRulesCompiler against missing zone names. - JDK-8342562: enhance Deflater operations. - JDK-8346587: distrust TLS server certificates anchored by Camerfirma Root CAs. - JDK-8347847: enhance jar file support. - JDK-8347965: (tz) update Timezone Data to 2025a. - JDK-8348211: [8u] sun/management/jmxremote/startstop/JMXStartStopTest.java fails after backport of JDK-8066708. - JDK-8350816: [8u] update TzdbZoneRulesCompiler to ignore HST/EST/MST links. - JDK-8352097: (tz) zone.tab update missed in 2025a backport. - JDK-8353433: XCG currency code not recognized in JDK 8u. Affected Software/OS: 'java-1_8_0-openjdk' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2025-21587 Common Vulnerability Exposure (CVE) ID: CVE-2025-30691 Common Vulnerability Exposure (CVE) ID: CVE-2025-30698
Copyright	Copyright (C) 2025 Greenbone AG