suse-su-2024:1452-1
Vulnerability from csaf_suse
Published
2024-04-26 14:40
Modified
2024-04-26 14:40
Summary
Security update for java-11-openjdk
Notes
Title of the patch
Security update for java-11-openjdk
Description of the patch
This update for java-11-openjdk fixes the following issues:
- CVE-2024-21011: Fixed denial of service due to long Exception message logging (JDK-8319851,bsc#1222979)
- CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup (JDK-8315708,bsc#1222987)
- CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (JDK-8322122,bsc#1222983)
- CVE-2024-21085: Fixed denial of service due to Pack200 excessive memory allocation (JDK-8322114,bsc#1222984)
- CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation failure with 'Exceeded _node_regs array' (JDK-8317507,JDK-8325348,bsc#1222986)
Other fixes:
- Upgrade to upstream tag jdk-11.0.23+9 (April 2024 CPU)
* Security fixes
+ JDK-8318340: Improve RSA key implementations
* Other changes
+ JDK-6928542: Chinese characters in RTF are not decoded
+ JDK-7132796: [macosx] closed/javax/swing/JComboBox/4517214/
/bug4517214.java fails on MacOS
+ JDK-7148092: [macosx] When Alt+down arrow key is pressed,
the combobox popup does not appear.
+ JDK-8054022: HttpURLConnection timeouts with Expect:
100-Continue and no chunking
+ JDK-8054572: [macosx] JComboBox paints the border incorrectly
+ JDK-8058176: [mlvm] tests should not allow code cache
exhaustion
+ JDK-8067651: LevelTransitionTest.java, fix trivial methods
levels logic
+ JDK-8068225: nsk/jdi/EventQueue/remove_l/remove_l005
intermittently times out
+ JDK-8156889: ListKeychainStore.sh fails in some virtualized
environments
+ JDK-8166275: vm/mlvm/meth/stress/compiler/deoptimize keeps
timeouting
+ JDK-8166554: Avoid compilation blocking in
OverloadCompileQueueTest.java
+ JDK-8169475: WheelModifier.java fails by timeout
+ JDK-8180266: Convert sun/security/provider/KeyStore/DKSTest.sh
to Java Jtreg Test
+ JDK-8186610: move ModuleUtils to top-level testlibrary
+ JDK-8192864: defmeth tests can hide failures
+ JDK-8193543: Regression automated test '/open/test/jdk/java/
/awt/TrayIcon/SystemTrayInstance/SystemTrayInstanceTest.java'
fails
+ JDK-8198668: MemoryPoolMBean/isUsageThresholdExceeded/
/isexceeded001/TestDescription.java still failing
+ JDK-8202282: [TESTBUG] appcds TestCommon
.makeCommandLineForAppCDS() can be removed
+ JDK-8202790: DnD test DisposeFrameOnDragTest.java does not
clean up
+ JDK-8202931: [macos] java/awt/Choice/ChoicePopupLocation/
/ChoicePopupLocation.java fails
+ JDK-8207211: [TESTBUG] Remove excessive output from
CDS/AppCDS tests
+ JDK-8207214: Broken links in JDK API serialized-form page
+ JDK-8207855: Make applications/jcstress invoke tests in
batches
+ JDK-8208243: vmTestbase/gc/lock/jni/jnilock002/
/TestDescription.java fails in jdk/hs nightly
+ JDK-8208278: [mlvm] [TESTBUG] vm.mlvm.mixed.stress.java
.findDeadlock.INDIFY_Test Deadlocked threads are not always
detected
+ JDK-8208623: [TESTBUG] runtime/LoadClass/LongBCP.java fails
in AUFS file system
+ JDK-8208699: remove unneeded imports from runtime tests
+ JDK-8208704: runtime/appcds/MultiReleaseJars.java timed out
often in hs-tier7 testing
+ JDK-8208705: [TESTBUG] The -Xlog:cds,cds+hashtables vm option
is not always required for appcds tests
+ JDK-8209549: remove VMPropsExt from TEST.ROOT
+ JDK-8209595: MonitorVmStartTerminate.java timed out
+ JDK-8209946: [TESTBUG] CDS tests should use '@run driver'
+ JDK-8211438: [Testbug] runtime/XCheckJniJsig/XCheckJSig.java
looks for libjsig in wrong location
+ JDK-8211978: Move testlibrary/jdk/testlibrary/
/SimpleSSLContext.java and testkeys to network testlibrary
+ JDK-8213622: Windows VS2013 build failure - ''snprintf':
identifier not found'
+ JDK-8213926: WB_EnqueueInitializerForCompilation requests
compilation for NULL
+ JDK-8213927: G1 ignores AlwaysPreTouch when
UseTransparentHugePages is enabled
+ JDK-8214908: add ctw tests for jdk.jfr and jdk.management.jfr
modules
+ JDK-8214915: CtwRunner misses export for jdk.internal.access
+ JDK-8216408: XMLStreamWriter setDefaultNamespace(null) throws
NullPointerException
+ JDK-8217475: Unexpected StackOverflowError in 'process
reaper' thread
+ JDK-8218754: JDK-8068225 regression in JDIBreakpointTest
+ JDK-8219475: javap man page needs to be updated
+ JDK-8219585: [TESTBUG] sun/management/jmxremote/bootstrap/
/JMXInterfaceBindingTest.java passes trivially when it
shouldn't
+ JDK-8219612: [TESTBUG] compiler.codecache.stress.Helper
.TestCaseImpl can't be defined in different runtime package as
its nest host
+ JDK-8225471: Test utility jdk.test.lib.util.FileUtils
.areAllMountPointsAccessible needs to tolerate duplicates
+ JDK-8226706: (se) Reduce the number of outer loop iterations
on Windows in java/nio/channels/Selector/RacyDeregister.java
+ JDK-8226905: unproblem list applications/ctw/modules/* tests
on windows
+ JDK-8226910: make it possible to use jtreg's -match via
run-test framework
+ JDK-8227438: [TESTLIB] Determine if file exists by
Files.exists in function FileUtils.deleteFileIfExistsWithRetry
+ JDK-8231585: java/lang/management/ThreadMXBean/
/MaxDepthForThreadInfoTest.java fails with
java.lang.NullPointerException
+ JDK-8232839: JDI AfterThreadDeathTest.java failed due to
'FAILED: Did not get expected IllegalThreadStateException on a
StepRequest.enable()'
+ JDK-8233453: MLVM deoptimize stress test timed out
+ JDK-8234309: LFGarbageCollectedTest.java fails with parse
Exception
+ JDK-8237222: [macos] java/awt/Focus/UnaccessibleChoice/
/AccessibleChoiceTest.java fails
+ JDK-8237777: 'Dumping core ...' is shown despite claiming
that '# No core dump will be written.'
+ JDK-8237834: com/sun/jndi/ldap/LdapDnsProviderTest.java
failing with LDAP response read timeout
+ JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel
+ JDK-8239801: [macos] java/awt/Focus/UnaccessibleChoice/
/AccessibleChoiceTest.java fails
+ JDK-8244679: JVM/TI GetCurrentContendedMonitor/contmon001
failed due to '(IsSameObject#3) unexpected monitor object:
0x000000562336DBA8'
+ JDK-8246222: Rename javac test T6395981.java to be more
informative
+ JDK-8247818: GCC 10 warning stringop-overflow with symbol code
+ JDK-8249087: Always initialize _body[0..1] in Symbol
constructor
+ JDK-8251349: Add TestCaseImpl to
OverloadCompileQueueTest.java's build dependencies
+ JDK-8251904: vmTestbase/nsk/sysdict/vm/stress/btree/btree010/
/btree010.java fails with ClassNotFoundException:
nsk.sysdict.share.BTree0LLRLRLRRLR
+ JDK-8253543: sanity/client/SwingSet/src/
/ButtonDemoScreenshotTest.java failed with 'AssertionError:
All pixels are not black'
+ JDK-8253739: java/awt/image/MultiResolutionImage/
/MultiResolutionImageObserverTest.java fails
+ JDK-8253820: Save test images and dumps with timestamps from
client sanity suite
+ JDK-8255277: randomDelay in DrainDeadlockT and
LoggingDeadlock do not randomly delay
+ JDK-8255546: Missing coverage for
javax.smartcardio.CardPermission and ResponseAPDU
+ JDK-8255743: Relax SIGFPE match in in
runtime/ErrorHandling/SecondaryErrorTest.java
+ JDK-8257505: nsk/share/test/StressOptions stressTime is
scaled in getter but not when printed
+ JDK-8259801: Enable XML Signature secure validation mode by
default
+ JDK-8264135: UnsafeGetStableArrayElement should account for
different JIT implementation details
+ JDK-8265349: vmTestbase/../stress/compiler/deoptimize/
/Test.java fails with OOME due to CodeCache exhaustion.
+ JDK-8269025: jsig/Testjsig.java doesn't check exit code
+ JDK-8269077: TestSystemGC uses 'require vm.gc.G1' for large
pages subtest
+ JDK-8271094: runtime/duplAttributes/DuplAttributesTest.java
doesn't check exit code
+ JDK-8271224: runtime/EnclosingMethodAttr/EnclMethodAttr.java
doesn't check exit code
+ JDK-8271828: mark hotspot runtime/classFileParserBug tests
which ignore external VM flags
+ JDK-8271829: mark hotspot runtime/Throwable tests which
ignore external VM flags
+ JDK-8271890: mark hotspot runtime/Dictionary tests which
ignore external VM flags
+ JDK-8272291: mark hotspot runtime/logging tests which ignore
external VM flags
+ JDK-8272335: runtime/cds/appcds/MoveJDKTest.java doesn't
check exit codes
+ JDK-8272551: mark hotspot runtime/modules tests which ignore
external VM flags
+ JDK-8272552: mark hotspot runtime/cds tests which ignore
external VM flags
+ JDK-8273803: Zero: Handle 'zero' variant in
CommandLineOptionTest.java
+ JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java
fails in Windows 11
+ JDK-8274621: NullPointerException because listenAddress[0] is
null
+ JDK-8276796: gc/TestSystemGC.java large pages subtest fails
with ZGC
+ JDK-8280007: Enable Neoverse N1 optimizations for Arm
Neoverse V1 & N2
+ JDK-8281149: (fs) java/nio/file/FileStore/Basic.java fails
with java.lang.RuntimeException: values differ by more than
1GB
+ JDK-8281377: Remove vmTestbase/nsk/monitoring/ThreadMXBean/
/ThreadInfo/Deadlock/JavaDeadlock001/TestDescription.java
from problemlist.
+ JDK-8281717: Cover logout method for several LoginModule
+ JDK-8282665: [REDO] ByteBufferTest.java: replace endless
recursion with RuntimeException in void ck(double x, double y)
+ JDK-8284090: com/sun/security/auth/module/AllPlatforms.java
fails to compile
+ JDK-8285756: clean up use of bad arguments for `@clean` in
langtools tests
+ JDK-8285785: CheckCleanerBound test fails with
PasswordCallback object is not released
+ JDK-8285867: Convert applet manual tests
SelectionVisible.java to Frame and automate
+ JDK-8286846: test/jdk/javax/swing/plaf/aqua/
/CustomComboBoxFocusTest.java fails on mac aarch64
+ JDK-8286969: Add a new test library API to execute kinit in
SecurityTools.java
+ JDK-8287113: JFR: Periodic task thread uses period for method
sampling events
+ JDK-8289511: Improve test coverage for XPath Axes: child
+ JDK-8289764: gc/lock tests failed with 'OutOfMemoryError:
Java heap space: failed reallocation of scalar replaced
objects'
+ JDK-8289948: Improve test coverage for XPath functions: Node
Set Functions
+ JDK-8290399: [macos] Aqua LAF does not fire an action event
if combo box menu is displayed
+ JDK-8290909: MemoryPoolMBean/isUsageThresholdExceeded tests
failed with 'isUsageThresholdExceeded() returned false, and is
still false, while threshold = MMMMMMM and used peak = NNNNNNN'
+ JDK-8292182: [TESTLIB] Enhance JAXPPolicyManager to setup
required permissions for jtreg version 7 jar
+ JDK-8292946: GC lock/jni/jnilock001 test failed
'assert(gch->gc_cause() == GCCause::_scavenge_alot ||
!gch->incremental_collection_failed()) failed: Twice in a row'
+ JDK-8293819: sun/util/logging/PlatformLoggerTest.java failed
with 'RuntimeException: Retrieved backing PlatformLogger level
null is not the expected CONFIG'
+ JDK-8294158: HTML formatting for PassFailJFrame instructions
+ JDK-8294254: [macOS] javax/swing/plaf/aqua/
/CustomComboBoxFocusTest.java failure
+ JDK-8294402: Add diagnostic logging to
VMProps.checkDockerSupport
+ JDK-8294535: Add screen capture functionality to
PassFailJFrame
+ JDK-8296083: javax/swing/JTree/6263446/bug6263446.java fails
intermittently on a VM
+ JDK-8296384: [TESTBUG] sun/security/provider/SecureRandom/
/AbstractDrbg/SpecTest.java intermittently timeout
+ JDK-8299494: Test vmTestbase/nsk/stress/except/except011.java
failed: ExceptionInInitializerError: target class not found
+ JDK-8300269: The selected item in an editable JComboBox with
titled border is not visible in Aqua LAF
+ JDK-8300727: java/awt/List/ListGarbageCollectionTest/
/AwtListGarbageCollectionTest.java failed with 'List wasn't
garbage collected'
+ JDK-8301310: The SendRawSysexMessage test may cause a JVM
crash
+ JDK-8301377: adjust timeout for JLI
GetObjectSizeIntrinsicsTest.java subtest again
+ JDK-8301846: Invalid TargetDataLine after screen lock when
using JFileChooser or COM library
+ JDK-8302017: Allocate BadPaddingException only if it will be
thrown
+ JDK-8302109: Trivial fixes to btree tests
+ JDK-8302149: Speed up
compiler/jsr292/methodHandleExceptions/TestAMEnotNPE.java
+ JDK-8302607: increase timeout for
ContinuousCallSiteTargetChange.java
+ JDK-8304074: [JMX] Add an approximation of total bytes
allocated on the Java heap by the JVM
+ JDK-8304314: StackWalkTest.java fails after CODETOOLS-7903373
+ JDK-8304725: AsyncGetCallTrace can cause SIGBUS on M1
+ JDK-8305502: adjust timeouts in three more M&M tests
+ JDK-8305505: NPE in javazic compiler
+ JDK-8305972: Update XML Security for Java to 3.0.2
+ JDK-8306072: Open source several AWT MouseInfo related tests
+ JDK-8306076: Open source AWT misc tests
+ JDK-8306409: Open source AWT KeyBoardFocusManger,
LightWeightComponent related tests
+ JDK-8306640: Open source several AWT TextArea related tests
+ JDK-8306652: Open source AWT MenuItem related tests
+ JDK-8306681: Open source more AWT DnD related tests
+ JDK-8306683: Open source several clipboard and color AWT tests
+ JDK-8306752: Open source several container and component AWT
tests
+ JDK-8306753: Open source several container AWT tests
+ JDK-8306755: Open source few Swing JComponent and
AbstractButton tests
+ JDK-8306812: Open source several AWT Miscellaneous tests
+ JDK-8306871: Open source more AWT Drag & Drop tests
+ JDK-8306996: Open source Swing MenuItem related tests
+ JDK-8307123: Fix deprecation warnings in DPrinter
+ JDK-8307130: Open source few Swing JMenu tests
+ JDK-8307299: Move more DnD tests to open
+ JDK-8307311: Timeouts on one macOS 12.6.1 host of two Swing
JTableHeader tests
+ JDK-8307381: Open Source JFrame, JIF related Swing Tests
+ JDK-8307683: Loop Predication should not hoist range checks
with trap on success projection by negating their condition
+ JDK-8308043: Deadlock in TestCSLocker.java due to blocking GC
while allocating
+ JDK-8308116: jdk.test.lib.compiler.InMemoryJavaCompiler
.compile does not close files
+ JDK-8308223: failure handler missed jcmd.vm.info command
+ JDK-8308232: nsk/jdb tests don't pass -verbose flag to the
debuggee
+ JDK-8308245: Add -proc:full to describe current default
annotation processing policy
+ JDK-8308336: Test java/net/HttpURLConnection/
/HttpURLConnectionExpectContinueTest.java failed:
java.net.BindException: Address already in use
+ JDK-8309104: [JVMCI] compiler/unsafe/
/UnsafeGetStableArrayElement test asserts wrong values with
Graal
+ JDK-8309119: [17u/11u] Redo JDK-8297951: C2: Create skeleton
predicates for all If nodes in loop predication
+ JDK-8309462: [AIX] vmTestbase/nsk/jvmti/RunAgentThread/
/agentthr001/TestDescription.java crashing due to empty while
loop
+ JDK-8309778: java/nio/file/Files/CopyAndMove.java fails when
using second test directory
+ JDK-8309870: Using -proc:full should be considered requesting
explicit annotation processing
+ JDK-8310106: sun.security.ssl.SSLHandshake
.getHandshakeProducer() incorrectly checks handshakeConsumers
+ JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/
/bug6889007.java fails
+ JDK-8310551: vmTestbase/nsk/jdb/interrupt/interrupt001/
/interrupt001.java timed out due to missing prompt
+ JDK-8310807: java/nio/channels/DatagramChannel/Connect.java
timed out
+ JDK-8311081: KeytoolReaderP12Test.java fail on localized
Windows platform
+ JDK-8311511: Improve description of NativeLibrary JFR event
+ JDK-8311585: Add JRadioButtonMenuItem to bug8031573.java
+ JDK-8313081: MonitoringSupport_lock should be unconditionally
initialized after 8304074
+ JDK-8313082: Enable CreateCoredumpOnCrash for testing in
makefiles
+ JDK-8313164: src/java.desktop/windows/native/libawt/windows/
/awt_Robot.cpp GetRGBPixels adjust releasing of resources
+ JDK-8313252: Java_sun_awt_windows_ThemeReader_paintBackground
release resources in early returns
+ JDK-8313643: Update HarfBuzz to 8.2.2
+ JDK-8313816: Accessing jmethodID might lead to spurious
crashes
+ JDK-8314144: gc/g1/ihop/TestIHOPStatic.java fails due to
extra concurrent mark with -Xcomp
+ JDK-8314164: java/net/HttpURLConnection/
/HttpURLConnectionExpectContinueTest.java fails intermittently
in timeout
+ JDK-8314883:
Java_java_util_prefs_FileSystemPreferences_lockFile0 write
result errno in missing case
+ JDK-8315034: File.mkdirs() occasionally fails to create
folders on Windows shared folder
+ JDK-8315042: NPE in PKCS7.parseOldSignedData
+ JDK-8315415: OutputAnalyzer.shouldMatchByLine() fails in some
cases
+ JDK-8315499: build using devkit on Linux ppc64le RHEL puts
path to devkit into libsplashscreen
+ JDK-8315594: Open source few headless Swing misc tests
+ JDK-8315600: Open source few more headless Swing misc tests
+ JDK-8315602: Open source swing security manager test
+ JDK-8315606: Open source few swing text/html tests
+ JDK-8315611: Open source swing text/html and tree test
+ JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should
run with -Xbatch
+ JDK-8315731: Open source several Swing Text related tests
+ JDK-8315761: Open source few swing JList and JMenuBar tests
+ JDK-8315986: [macos14] javax/swing/JMenuItem/4654927/
/bug4654927.java: component must be showing on the screen to
determine its location
+ JDK-8316001: GC: Make TestArrayAllocatorMallocLimit use
createTestJvm
+ JDK-8316028: Update FreeType to 2.13.2
+ JDK-8316030: Update Libpng to 1.6.40
+ JDK-8316106: Open source few swing JInternalFrame and
JMenuBar tests
+ JDK-8316461: Fix: make test outputs TEST SUCCESS after
unsuccessful exit
+ JDK-8316947: Write a test to check textArea triggers
MouseEntered/MouseExited events properly
+ JDK-8317307: test/jdk/com/sun/jndi/ldap/
/LdapPoolTimeoutTest.java fails with ConnectException:
Connection timed out: no further information
+ JDK-8317327: Remove JT_JAVA dead code in jib-profiles.js
+ JDK-8318154: Improve stability of WheelModifier.java test
+ JDK-8318410: jdk/java/lang/instrument/BootClassPath/
/BootClassPathTest.sh fails on Japanese Windows
+ JDK-8318468: compiler/tiered/LevelTransitionTest.java fails
with -XX:CompileThreshold=100 -XX:TieredStopAtLevel=1
+ JDK-8318603: Parallelize sun/java2d/marlin/ClipShapeTest.java
+ JDK-8318607: Enable parallelism in vmTestbase/nsk/stress/jni
tests
+ JDK-8318608: Enable parallelism in
vmTestbase/nsk/stress/threads tests
+ JDK-8318736: com/sun/jdi/JdwpOnThrowTest.java failed with
'transport error 202: bind failed: Address already in use'
+ JDK-8318889: C2: add bailout after assert Bad graph detected
in build_loop_late
+ JDK-8318951: Additional negative value check in JPEG decoding
+ JDK-8318955: Add ReleaseIntArrayElements in
Java_sun_awt_X11_XlibWrapper_SetBitmapShape XlbWrapper.c to
early return
+ JDK-8318971: Better Error Handling for Jar Tool When
Processing Non-existent Files
+ JDK-8318983: Fix comment typo in PKCS12Passwd.java
+ JDK-8319124: Update XML Security for Java to 3.0.3
+ JDK-8319456: jdk/jfr/event/gc/collection/
/TestGCCauseWith[Serial|Parallel].java : GC cause 'GCLocker
Initiated GC' not in the valid causes
+ JDK-8319668: Fixup of jar filename typo in BadFactoryTest.sh
+ JDK-8320001: javac crashes while adding type annotations to
the return type of a constructor
+ JDK-8320208: Update Public Suffix List to b5bf572
+ JDK-8320363: ppc64 TypeEntries::type_unknown logic looks
wrong, missed optimization opportunity
+ JDK-8320597: RSA signature verification fails on signed data
that does not encode params correctly
+ JDK-8320798: Console read line with zero out should zero out
underlying buffer
+ JDK-8320884: Bump update version for OpenJDK: jdk-11.0.23
+ JDK-8320937: support latest VS2022 MSC_VER in
abstract_vm_version.cpp
+ JDK-8321151: JDK-8294427 breaks Windows L&F on all older
Windows versions
+ JDK-8321215: Incorrect x86 instruction encoding for VSIB
addressing mode
+ JDK-8321408: Add Certainly roots R1 and E1
+ JDK-8321480: ISO 4217 Amendment 176 Update
+ JDK-8322178: Error. can't find jdk.testlibrary
.SimpleSSLContext in test directory or libraries
+ JDK-8322417: Console read line with zero out should zero out
when throwing exception
+ JDK-8322725: (tz) Update Timezone Data to 2023d
+ JDK-8322750: Test 'api/java_awt/interactive/
/SystemTrayTests.html' failed because A blue ball icon is
added outside of the system tray
+ JDK-8322752: [11u] GetStackTraceAndRetransformTest.java is
failing assert
+ JDK-8322772: Clean up code after JDK-8322417
+ JDK-8323008: filter out harmful -std* flags added by autoconf
from CXX
+ JDK-8323243: JNI invocation of an abstract instance method
corrupts the stack
+ JDK-8323515: Create test alias 'all' for all test roots
+ JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/
/platform/docker/TestDockerMemoryMetrics.java always fail
because OOM killed
+ JDK-8324184: Windows VS2010 build failed with 'error C2275:
'int64_t''
+ JDK-8324307: [11u] hotspot fails to build with GCC 12 and
newer (non-static data member initializers)
+ JDK-8324347: Enable 'maybe-uninitialized' warning for
FreeType 2.13.1
+ JDK-8324659: GHA: Generic jtreg errors are not reported
+ JDK-8325096: Test java/security/cert/CertPathBuilder/akiExt/
/AKISerialNumber.java is failing
+ JDK-8325150: (tz) Update Timezone Data to 2024a
+ JDK-8326109: GCC 13 reports maybe-uninitialized warnings for
jni.cpp with dtrace enabled
+ JDK-8326503: [11u] java/net/HttpURLConnection/
/HttpURLConnectionExpectContinueTest.java fail because of
package org.junit.jupiter.api does not exist
+ JDK-8327391: Add SipHash attribution file
+ JDK-8329837: [11u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.23
- Removed the possibility to use the system timezone-java (bsc#1213470).
Patchnames
SUSE-2024-1452,SUSE-SLE-SERVER-12-SP5-2024-1452
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-11-openjdk",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-11-openjdk fixes the following issues:\n\n- CVE-2024-21011: Fixed denial of service due to long Exception message logging (JDK-8319851,bsc#1222979)\n- CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup (JDK-8315708,bsc#1222987)\n- CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (JDK-8322122,bsc#1222983) \n- CVE-2024-21085: Fixed denial of service due to Pack200 excessive memory allocation (JDK-8322114,bsc#1222984) \n- CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation failure with \u0027Exceeded _node_regs array\u0027 (JDK-8317507,JDK-8325348,bsc#1222986)\n\nOther fixes:\n- Upgrade to upstream tag jdk-11.0.23+9 (April 2024 CPU)\n * Security fixes\n + JDK-8318340: Improve RSA key implementations\n * Other changes\n + JDK-6928542: Chinese characters in RTF are not decoded\n + JDK-7132796: [macosx] closed/javax/swing/JComboBox/4517214/\n /bug4517214.java fails on MacOS\n + JDK-7148092: [macosx] When Alt+down arrow key is pressed,\n the combobox popup does not appear.\n + JDK-8054022: HttpURLConnection timeouts with Expect:\n 100-Continue and no chunking\n + JDK-8054572: [macosx] JComboBox paints the border incorrectly\n + JDK-8058176: [mlvm] tests should not allow code cache\n exhaustion\n + JDK-8067651: LevelTransitionTest.java, fix trivial methods\n levels logic\n + JDK-8068225: nsk/jdi/EventQueue/remove_l/remove_l005\n intermittently times out\n + JDK-8156889: ListKeychainStore.sh fails in some virtualized\n environments\n + JDK-8166275: vm/mlvm/meth/stress/compiler/deoptimize keeps\n timeouting\n + JDK-8166554: Avoid compilation blocking in\n OverloadCompileQueueTest.java\n + JDK-8169475: WheelModifier.java fails by timeout\n + JDK-8180266: Convert sun/security/provider/KeyStore/DKSTest.sh\n to Java Jtreg Test\n + JDK-8186610: move ModuleUtils to top-level testlibrary\n + JDK-8192864: defmeth tests can hide failures\n + JDK-8193543: Regression automated test \u0027/open/test/jdk/java/\n /awt/TrayIcon/SystemTrayInstance/SystemTrayInstanceTest.java\u0027\n fails\n + JDK-8198668: MemoryPoolMBean/isUsageThresholdExceeded/\n /isexceeded001/TestDescription.java still failing\n + JDK-8202282: [TESTBUG] appcds TestCommon\n .makeCommandLineForAppCDS() can be removed\n + JDK-8202790: DnD test DisposeFrameOnDragTest.java does not\n clean up\n + JDK-8202931: [macos] java/awt/Choice/ChoicePopupLocation/\n /ChoicePopupLocation.java fails\n + JDK-8207211: [TESTBUG] Remove excessive output from\n CDS/AppCDS tests\n + JDK-8207214: Broken links in JDK API serialized-form page\n + JDK-8207855: Make applications/jcstress invoke tests in\n batches\n + JDK-8208243: vmTestbase/gc/lock/jni/jnilock002/\n /TestDescription.java fails in jdk/hs nightly\n + JDK-8208278: [mlvm] [TESTBUG] vm.mlvm.mixed.stress.java\n .findDeadlock.INDIFY_Test Deadlocked threads are not always\n detected\n + JDK-8208623: [TESTBUG] runtime/LoadClass/LongBCP.java fails\n in AUFS file system\n + JDK-8208699: remove unneeded imports from runtime tests\n + JDK-8208704: runtime/appcds/MultiReleaseJars.java timed out\n often in hs-tier7 testing\n + JDK-8208705: [TESTBUG] The -Xlog:cds,cds+hashtables vm option\n is not always required for appcds tests\n + JDK-8209549: remove VMPropsExt from TEST.ROOT\n + JDK-8209595: MonitorVmStartTerminate.java timed out\n + JDK-8209946: [TESTBUG] CDS tests should use \u0027@run driver\u0027\n + JDK-8211438: [Testbug] runtime/XCheckJniJsig/XCheckJSig.java\n looks for libjsig in wrong location\n + JDK-8211978: Move testlibrary/jdk/testlibrary/\n /SimpleSSLContext.java and testkeys to network testlibrary\n + JDK-8213622: Windows VS2013 build failure - \u0027\u0027snprintf\u0027:\n identifier not found\u0027\n + JDK-8213926: WB_EnqueueInitializerForCompilation requests\n compilation for NULL\n + JDK-8213927: G1 ignores AlwaysPreTouch when\n UseTransparentHugePages is enabled\n + JDK-8214908: add ctw tests for jdk.jfr and jdk.management.jfr\n modules\n + JDK-8214915: CtwRunner misses export for jdk.internal.access\n + JDK-8216408: XMLStreamWriter setDefaultNamespace(null) throws\n NullPointerException\n + JDK-8217475: Unexpected StackOverflowError in \u0027process\n reaper\u0027 thread\n + JDK-8218754: JDK-8068225 regression in JDIBreakpointTest\n + JDK-8219475: javap man page needs to be updated\n + JDK-8219585: [TESTBUG] sun/management/jmxremote/bootstrap/\n /JMXInterfaceBindingTest.java passes trivially when it\n shouldn\u0027t\n + JDK-8219612: [TESTBUG] compiler.codecache.stress.Helper\n .TestCaseImpl can\u0027t be defined in different runtime package as\n its nest host\n + JDK-8225471: Test utility jdk.test.lib.util.FileUtils\n .areAllMountPointsAccessible needs to tolerate duplicates\n + JDK-8226706: (se) Reduce the number of outer loop iterations\n on Windows in java/nio/channels/Selector/RacyDeregister.java\n + JDK-8226905: unproblem list applications/ctw/modules/* tests\n on windows\n + JDK-8226910: make it possible to use jtreg\u0027s -match via\n run-test framework\n + JDK-8227438: [TESTLIB] Determine if file exists by\n Files.exists in function FileUtils.deleteFileIfExistsWithRetry\n + JDK-8231585: java/lang/management/ThreadMXBean/\n /MaxDepthForThreadInfoTest.java fails with\n java.lang.NullPointerException\n + JDK-8232839: JDI AfterThreadDeathTest.java failed due to\n \u0027FAILED: Did not get expected IllegalThreadStateException on a\n StepRequest.enable()\u0027\n + JDK-8233453: MLVM deoptimize stress test timed out\n + JDK-8234309: LFGarbageCollectedTest.java fails with parse\n Exception\n + JDK-8237222: [macos] java/awt/Focus/UnaccessibleChoice/\n /AccessibleChoiceTest.java fails\n + JDK-8237777: \u0027Dumping core ...\u0027 is shown despite claiming\n that \u0027# No core dump will be written.\u0027\n + JDK-8237834: com/sun/jndi/ldap/LdapDnsProviderTest.java\n failing with LDAP response read timeout\n + JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel\n + JDK-8239801: [macos] java/awt/Focus/UnaccessibleChoice/\n /AccessibleChoiceTest.java fails\n + JDK-8244679: JVM/TI GetCurrentContendedMonitor/contmon001\n failed due to \u0027(IsSameObject#3) unexpected monitor object:\n 0x000000562336DBA8\u0027\n + JDK-8246222: Rename javac test T6395981.java to be more\n informative\n + JDK-8247818: GCC 10 warning stringop-overflow with symbol code\n + JDK-8249087: Always initialize _body[0..1] in Symbol\n constructor\n + JDK-8251349: Add TestCaseImpl to\n OverloadCompileQueueTest.java\u0027s build dependencies\n + JDK-8251904: vmTestbase/nsk/sysdict/vm/stress/btree/btree010/\n /btree010.java fails with ClassNotFoundException:\n nsk.sysdict.share.BTree0LLRLRLRRLR\n + JDK-8253543: sanity/client/SwingSet/src/\n /ButtonDemoScreenshotTest.java failed with \u0027AssertionError:\n All pixels are not black\u0027\n + JDK-8253739: java/awt/image/MultiResolutionImage/\n /MultiResolutionImageObserverTest.java fails\n + JDK-8253820: Save test images and dumps with timestamps from\n client sanity suite\n + JDK-8255277: randomDelay in DrainDeadlockT and\n LoggingDeadlock do not randomly delay\n + JDK-8255546: Missing coverage for\n javax.smartcardio.CardPermission and ResponseAPDU\n + JDK-8255743: Relax SIGFPE match in in\n runtime/ErrorHandling/SecondaryErrorTest.java\n + JDK-8257505: nsk/share/test/StressOptions stressTime is\n scaled in getter but not when printed\n + JDK-8259801: Enable XML Signature secure validation mode by\n default\n + JDK-8264135: UnsafeGetStableArrayElement should account for\n different JIT implementation details\n + JDK-8265349: vmTestbase/../stress/compiler/deoptimize/\n /Test.java fails with OOME due to CodeCache exhaustion.\n + JDK-8269025: jsig/Testjsig.java doesn\u0027t check exit code\n + JDK-8269077: TestSystemGC uses \u0027require vm.gc.G1\u0027 for large\n pages subtest\n + JDK-8271094: runtime/duplAttributes/DuplAttributesTest.java\n doesn\u0027t check exit code\n + JDK-8271224: runtime/EnclosingMethodAttr/EnclMethodAttr.java\n doesn\u0027t check exit code\n + JDK-8271828: mark hotspot runtime/classFileParserBug tests\n which ignore external VM flags\n + JDK-8271829: mark hotspot runtime/Throwable tests which\n ignore external VM flags\n + JDK-8271890: mark hotspot runtime/Dictionary tests which\n ignore external VM flags\n + JDK-8272291: mark hotspot runtime/logging tests which ignore\n external VM flags\n + JDK-8272335: runtime/cds/appcds/MoveJDKTest.java doesn\u0027t\n check exit codes\n + JDK-8272551: mark hotspot runtime/modules tests which ignore\n external VM flags\n + JDK-8272552: mark hotspot runtime/cds tests which ignore\n external VM flags\n + JDK-8273803: Zero: Handle \u0027zero\u0027 variant in\n CommandLineOptionTest.java\n + JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java\n fails in Windows 11\n + JDK-8274621: NullPointerException because listenAddress[0] is\n null\n + JDK-8276796: gc/TestSystemGC.java large pages subtest fails\n with ZGC\n + JDK-8280007: Enable Neoverse N1 optimizations for Arm\n Neoverse V1 \u0026 N2\n + JDK-8281149: (fs) java/nio/file/FileStore/Basic.java fails\n with java.lang.RuntimeException: values differ by more than\n 1GB\n + JDK-8281377: Remove vmTestbase/nsk/monitoring/ThreadMXBean/\n /ThreadInfo/Deadlock/JavaDeadlock001/TestDescription.java\n from problemlist.\n + JDK-8281717: Cover logout method for several LoginModule\n + JDK-8282665: [REDO] ByteBufferTest.java: replace endless\n recursion with RuntimeException in void ck(double x, double y)\n + JDK-8284090: com/sun/security/auth/module/AllPlatforms.java\n fails to compile\n + JDK-8285756: clean up use of bad arguments for `@clean` in\n langtools tests\n + JDK-8285785: CheckCleanerBound test fails with\n PasswordCallback object is not released\n + JDK-8285867: Convert applet manual tests\n SelectionVisible.java to Frame and automate\n + JDK-8286846: test/jdk/javax/swing/plaf/aqua/\n /CustomComboBoxFocusTest.java fails on mac aarch64\n + JDK-8286969: Add a new test library API to execute kinit in\n SecurityTools.java\n + JDK-8287113: JFR: Periodic task thread uses period for method\n sampling events\n + JDK-8289511: Improve test coverage for XPath Axes: child\n + JDK-8289764: gc/lock tests failed with \u0027OutOfMemoryError:\n Java heap space: failed reallocation of scalar replaced\n objects\u0027\n + JDK-8289948: Improve test coverage for XPath functions: Node\n Set Functions\n + JDK-8290399: [macos] Aqua LAF does not fire an action event\n if combo box menu is displayed\n + JDK-8290909: MemoryPoolMBean/isUsageThresholdExceeded tests\n failed with \u0027isUsageThresholdExceeded() returned false, and is\n still false, while threshold = MMMMMMM and used peak = NNNNNNN\u0027\n + JDK-8292182: [TESTLIB] Enhance JAXPPolicyManager to setup\n required permissions for jtreg version 7 jar\n + JDK-8292946: GC lock/jni/jnilock001 test failed\n \u0027assert(gch-\u003egc_cause() == GCCause::_scavenge_alot ||\n !gch-\u003eincremental_collection_failed()) failed: Twice in a row\u0027\n + JDK-8293819: sun/util/logging/PlatformLoggerTest.java failed\n with \u0027RuntimeException: Retrieved backing PlatformLogger level\n null is not the expected CONFIG\u0027\n + JDK-8294158: HTML formatting for PassFailJFrame instructions\n + JDK-8294254: [macOS] javax/swing/plaf/aqua/\n /CustomComboBoxFocusTest.java failure\n + JDK-8294402: Add diagnostic logging to\n VMProps.checkDockerSupport\n + JDK-8294535: Add screen capture functionality to\n PassFailJFrame\n + JDK-8296083: javax/swing/JTree/6263446/bug6263446.java fails\n intermittently on a VM\n + JDK-8296384: [TESTBUG] sun/security/provider/SecureRandom/\n /AbstractDrbg/SpecTest.java intermittently timeout\n + JDK-8299494: Test vmTestbase/nsk/stress/except/except011.java\n failed: ExceptionInInitializerError: target class not found\n + JDK-8300269: The selected item in an editable JComboBox with\n titled border is not visible in Aqua LAF\n + JDK-8300727: java/awt/List/ListGarbageCollectionTest/\n /AwtListGarbageCollectionTest.java failed with \u0027List wasn\u0027t\n garbage collected\u0027\n + JDK-8301310: The SendRawSysexMessage test may cause a JVM\n crash\n + JDK-8301377: adjust timeout for JLI\n GetObjectSizeIntrinsicsTest.java subtest again\n + JDK-8301846: Invalid TargetDataLine after screen lock when\n using JFileChooser or COM library\n + JDK-8302017: Allocate BadPaddingException only if it will be\n thrown\n + JDK-8302109: Trivial fixes to btree tests\n + JDK-8302149: Speed up\n compiler/jsr292/methodHandleExceptions/TestAMEnotNPE.java\n + JDK-8302607: increase timeout for\n ContinuousCallSiteTargetChange.java\n + JDK-8304074: [JMX] Add an approximation of total bytes\n allocated on the Java heap by the JVM\n + JDK-8304314: StackWalkTest.java fails after CODETOOLS-7903373\n + JDK-8304725: AsyncGetCallTrace can cause SIGBUS on M1\n + JDK-8305502: adjust timeouts in three more M\u0026M tests\n + JDK-8305505: NPE in javazic compiler\n + JDK-8305972: Update XML Security for Java to 3.0.2\n + JDK-8306072: Open source several AWT MouseInfo related tests\n + JDK-8306076: Open source AWT misc tests\n + JDK-8306409: Open source AWT KeyBoardFocusManger,\n LightWeightComponent related tests\n + JDK-8306640: Open source several AWT TextArea related tests\n + JDK-8306652: Open source AWT MenuItem related tests\n + JDK-8306681: Open source more AWT DnD related tests\n + JDK-8306683: Open source several clipboard and color AWT tests\n + JDK-8306752: Open source several container and component AWT\n tests\n + JDK-8306753: Open source several container AWT tests\n + JDK-8306755: Open source few Swing JComponent and\n AbstractButton tests\n + JDK-8306812: Open source several AWT Miscellaneous tests\n + JDK-8306871: Open source more AWT Drag \u0026 Drop tests\n + JDK-8306996: Open source Swing MenuItem related tests\n + JDK-8307123: Fix deprecation warnings in DPrinter\n + JDK-8307130: Open source few Swing JMenu tests\n + JDK-8307299: Move more DnD tests to open\n + JDK-8307311: Timeouts on one macOS 12.6.1 host of two Swing\n JTableHeader tests\n + JDK-8307381: Open Source JFrame, JIF related Swing Tests\n + JDK-8307683: Loop Predication should not hoist range checks\n with trap on success projection by negating their condition\n + JDK-8308043: Deadlock in TestCSLocker.java due to blocking GC\n while allocating\n + JDK-8308116: jdk.test.lib.compiler.InMemoryJavaCompiler\n .compile does not close files\n + JDK-8308223: failure handler missed jcmd.vm.info command\n + JDK-8308232: nsk/jdb tests don\u0027t pass -verbose flag to the\n debuggee\n + JDK-8308245: Add -proc:full to describe current default\n annotation processing policy\n + JDK-8308336: Test java/net/HttpURLConnection/\n /HttpURLConnectionExpectContinueTest.java failed:\n java.net.BindException: Address already in use\n + JDK-8309104: [JVMCI] compiler/unsafe/\n /UnsafeGetStableArrayElement test asserts wrong values with\n Graal\n + JDK-8309119: [17u/11u] Redo JDK-8297951: C2: Create skeleton\n predicates for all If nodes in loop predication\n + JDK-8309462: [AIX] vmTestbase/nsk/jvmti/RunAgentThread/\n /agentthr001/TestDescription.java crashing due to empty while\n loop\n + JDK-8309778: java/nio/file/Files/CopyAndMove.java fails when\n using second test directory\n + JDK-8309870: Using -proc:full should be considered requesting\n explicit annotation processing\n + JDK-8310106: sun.security.ssl.SSLHandshake\n .getHandshakeProducer() incorrectly checks handshakeConsumers\n + JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/\n /bug6889007.java fails\n + JDK-8310551: vmTestbase/nsk/jdb/interrupt/interrupt001/\n /interrupt001.java timed out due to missing prompt\n + JDK-8310807: java/nio/channels/DatagramChannel/Connect.java\n timed out\n + JDK-8311081: KeytoolReaderP12Test.java fail on localized\n Windows platform\n + JDK-8311511: Improve description of NativeLibrary JFR event\n + JDK-8311585: Add JRadioButtonMenuItem to bug8031573.java\n + JDK-8313081: MonitoringSupport_lock should be unconditionally\n initialized after 8304074\n + JDK-8313082: Enable CreateCoredumpOnCrash for testing in\n makefiles\n + JDK-8313164: src/java.desktop/windows/native/libawt/windows/\n /awt_Robot.cpp GetRGBPixels adjust releasing of resources\n + JDK-8313252: Java_sun_awt_windows_ThemeReader_paintBackground\n release resources in early returns\n + JDK-8313643: Update HarfBuzz to 8.2.2\n + JDK-8313816: Accessing jmethodID might lead to spurious\n crashes\n + JDK-8314144: gc/g1/ihop/TestIHOPStatic.java fails due to\n extra concurrent mark with -Xcomp\n + JDK-8314164: java/net/HttpURLConnection/\n /HttpURLConnectionExpectContinueTest.java fails intermittently\n in timeout\n + JDK-8314883:\n Java_java_util_prefs_FileSystemPreferences_lockFile0 write\n result errno in missing case\n + JDK-8315034: File.mkdirs() occasionally fails to create\n folders on Windows shared folder\n + JDK-8315042: NPE in PKCS7.parseOldSignedData\n + JDK-8315415: OutputAnalyzer.shouldMatchByLine() fails in some\n cases\n + JDK-8315499: build using devkit on Linux ppc64le RHEL puts\n path to devkit into libsplashscreen\n + JDK-8315594: Open source few headless Swing misc tests\n + JDK-8315600: Open source few more headless Swing misc tests\n + JDK-8315602: Open source swing security manager test\n + JDK-8315606: Open source few swing text/html tests\n + JDK-8315611: Open source swing text/html and tree test\n + JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should\n run with -Xbatch\n + JDK-8315731: Open source several Swing Text related tests\n + JDK-8315761: Open source few swing JList and JMenuBar tests\n + JDK-8315986: [macos14] javax/swing/JMenuItem/4654927/\n /bug4654927.java: component must be showing on the screen to\n determine its location\n + JDK-8316001: GC: Make TestArrayAllocatorMallocLimit use\n createTestJvm\n + JDK-8316028: Update FreeType to 2.13.2\n + JDK-8316030: Update Libpng to 1.6.40\n + JDK-8316106: Open source few swing JInternalFrame and\n JMenuBar tests\n + JDK-8316461: Fix: make test outputs TEST SUCCESS after\n unsuccessful exit\n + JDK-8316947: Write a test to check textArea triggers\n MouseEntered/MouseExited events properly\n + JDK-8317307: test/jdk/com/sun/jndi/ldap/\n /LdapPoolTimeoutTest.java fails with ConnectException:\n Connection timed out: no further information\n + JDK-8317327: Remove JT_JAVA dead code in jib-profiles.js\n + JDK-8318154: Improve stability of WheelModifier.java test\n + JDK-8318410: jdk/java/lang/instrument/BootClassPath/\n /BootClassPathTest.sh fails on Japanese Windows\n + JDK-8318468: compiler/tiered/LevelTransitionTest.java fails\n with -XX:CompileThreshold=100 -XX:TieredStopAtLevel=1\n + JDK-8318603: Parallelize sun/java2d/marlin/ClipShapeTest.java\n + JDK-8318607: Enable parallelism in vmTestbase/nsk/stress/jni\n tests\n + JDK-8318608: Enable parallelism in\n vmTestbase/nsk/stress/threads tests\n + JDK-8318736: com/sun/jdi/JdwpOnThrowTest.java failed with\n \u0027transport error 202: bind failed: Address already in use\u0027\n + JDK-8318889: C2: add bailout after assert Bad graph detected\n in build_loop_late\n + JDK-8318951: Additional negative value check in JPEG decoding\n + JDK-8318955: Add ReleaseIntArrayElements in\n Java_sun_awt_X11_XlibWrapper_SetBitmapShape XlbWrapper.c to\n early return\n + JDK-8318971: Better Error Handling for Jar Tool When\n Processing Non-existent Files\n + JDK-8318983: Fix comment typo in PKCS12Passwd.java\n + JDK-8319124: Update XML Security for Java to 3.0.3\n + JDK-8319456: jdk/jfr/event/gc/collection/\n /TestGCCauseWith[Serial|Parallel].java : GC cause \u0027GCLocker\n Initiated GC\u0027 not in the valid causes\n + JDK-8319668: Fixup of jar filename typo in BadFactoryTest.sh\n + JDK-8320001: javac crashes while adding type annotations to\n the return type of a constructor\n + JDK-8320208: Update Public Suffix List to b5bf572\n + JDK-8320363: ppc64 TypeEntries::type_unknown logic looks\n wrong, missed optimization opportunity\n + JDK-8320597: RSA signature verification fails on signed data\n that does not encode params correctly\n + JDK-8320798: Console read line with zero out should zero out\n underlying buffer\n + JDK-8320884: Bump update version for OpenJDK: jdk-11.0.23\n + JDK-8320937: support latest VS2022 MSC_VER in\n abstract_vm_version.cpp\n + JDK-8321151: JDK-8294427 breaks Windows L\u0026F on all older\n Windows versions\n + JDK-8321215: Incorrect x86 instruction encoding for VSIB\n addressing mode\n + JDK-8321408: Add Certainly roots R1 and E1\n + JDK-8321480: ISO 4217 Amendment 176 Update\n + JDK-8322178: Error. can\u0027t find jdk.testlibrary\n .SimpleSSLContext in test directory or libraries\n + JDK-8322417: Console read line with zero out should zero out\n when throwing exception\n + JDK-8322725: (tz) Update Timezone Data to 2023d\n + JDK-8322750: Test \u0027api/java_awt/interactive/\n /SystemTrayTests.html\u0027 failed because A blue ball icon is\n added outside of the system tray\n + JDK-8322752: [11u] GetStackTraceAndRetransformTest.java is\n failing assert\n + JDK-8322772: Clean up code after JDK-8322417\n + JDK-8323008: filter out harmful -std* flags added by autoconf\n from CXX\n + JDK-8323243: JNI invocation of an abstract instance method\n corrupts the stack\n + JDK-8323515: Create test alias \u0027all\u0027 for all test roots\n + JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/\n /platform/docker/TestDockerMemoryMetrics.java always fail\n because OOM killed\n + JDK-8324184: Windows VS2010 build failed with \u0027error C2275:\n \u0027int64_t\u0027\u0027\n + JDK-8324307: [11u] hotspot fails to build with GCC 12 and\n newer (non-static data member initializers)\n + JDK-8324347: Enable \u0027maybe-uninitialized\u0027 warning for\n FreeType 2.13.1\n + JDK-8324659: GHA: Generic jtreg errors are not reported\n + JDK-8325096: Test java/security/cert/CertPathBuilder/akiExt/\n /AKISerialNumber.java is failing\n + JDK-8325150: (tz) Update Timezone Data to 2024a\n + JDK-8326109: GCC 13 reports maybe-uninitialized warnings for\n jni.cpp with dtrace enabled\n + JDK-8326503: [11u] java/net/HttpURLConnection/\n /HttpURLConnectionExpectContinueTest.java fail because of\n package org.junit.jupiter.api does not exist\n + JDK-8327391: Add SipHash attribution file\n + JDK-8329837: [11u] Remove designator\n DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.23\n\n- Removed the possibility to use the system timezone-java (bsc#1213470).\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1452,SUSE-SLE-SERVER-12-SP5-2024-1452",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1452-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1452-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241452-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1452-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-April/035111.html"
},
{
"category": "self",
"summary": "SUSE Bug 1213470",
"url": "https://bugzilla.suse.com/1213470"
},
{
"category": "self",
"summary": "SUSE Bug 1222979",
"url": "https://bugzilla.suse.com/1222979"
},
{
"category": "self",
"summary": "SUSE Bug 1222983",
"url": "https://bugzilla.suse.com/1222983"
},
{
"category": "self",
"summary": "SUSE Bug 1222984",
"url": "https://bugzilla.suse.com/1222984"
},
{
"category": "self",
"summary": "SUSE Bug 1222986",
"url": "https://bugzilla.suse.com/1222986"
},
{
"category": "self",
"summary": "SUSE Bug 1222987",
"url": "https://bugzilla.suse.com/1222987"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21094 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21094/"
}
],
"title": "Security update for java-11-openjdk",
"tracking": {
"current_release_date": "2024-04-26T14:40:10Z",
"generator": {
"date": "2024-04-26T14:40:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1452-1",
"initial_release_date": "2024-04-26T14:40:10Z",
"revision_history": [
{
"date": "2024-04-26T14:40:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"product": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"product_id": "java-11-openjdk-11.0.23.0-3.75.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"product": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"product_id": "java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"product": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"product_id": "java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"product": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"product_id": "java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.23.0-3.75.1.aarch64",
"product": {
"name": "java-11-openjdk-jmods-11.0.23.0-3.75.1.aarch64",
"product_id": "java-11-openjdk-jmods-11.0.23.0-3.75.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.23.0-3.75.1.aarch64",
"product": {
"name": "java-11-openjdk-src-11.0.23.0-3.75.1.aarch64",
"product_id": "java-11-openjdk-src-11.0.23.0-3.75.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.23.0-3.75.1.i586",
"product": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.i586",
"product_id": "java-11-openjdk-11.0.23.0-3.75.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.i586",
"product": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.i586",
"product_id": "java-11-openjdk-demo-11.0.23.0-3.75.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.i586",
"product": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.i586",
"product_id": "java-11-openjdk-devel-11.0.23.0-3.75.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.i586",
"product": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.i586",
"product_id": "java-11-openjdk-headless-11.0.23.0-3.75.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.23.0-3.75.1.i586",
"product": {
"name": "java-11-openjdk-jmods-11.0.23.0-3.75.1.i586",
"product_id": "java-11-openjdk-jmods-11.0.23.0-3.75.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.23.0-3.75.1.i586",
"product": {
"name": "java-11-openjdk-src-11.0.23.0-3.75.1.i586",
"product_id": "java-11-openjdk-src-11.0.23.0-3.75.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-11.0.23.0-3.75.1.noarch",
"product": {
"name": "java-11-openjdk-javadoc-11.0.23.0-3.75.1.noarch",
"product_id": "java-11-openjdk-javadoc-11.0.23.0-3.75.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"product": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"product_id": "java-11-openjdk-11.0.23.0-3.75.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"product": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"product_id": "java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"product": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"product_id": "java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"product": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"product_id": "java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.23.0-3.75.1.ppc64le",
"product": {
"name": "java-11-openjdk-jmods-11.0.23.0-3.75.1.ppc64le",
"product_id": "java-11-openjdk-jmods-11.0.23.0-3.75.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.23.0-3.75.1.ppc64le",
"product": {
"name": "java-11-openjdk-src-11.0.23.0-3.75.1.ppc64le",
"product_id": "java-11-openjdk-src-11.0.23.0-3.75.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.23.0-3.75.1.s390x",
"product": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.s390x",
"product_id": "java-11-openjdk-11.0.23.0-3.75.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"product": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"product_id": "java-11-openjdk-demo-11.0.23.0-3.75.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"product": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"product_id": "java-11-openjdk-devel-11.0.23.0-3.75.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"product": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"product_id": "java-11-openjdk-headless-11.0.23.0-3.75.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.23.0-3.75.1.s390x",
"product": {
"name": "java-11-openjdk-jmods-11.0.23.0-3.75.1.s390x",
"product_id": "java-11-openjdk-jmods-11.0.23.0-3.75.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.23.0-3.75.1.s390x",
"product": {
"name": "java-11-openjdk-src-11.0.23.0-3.75.1.s390x",
"product_id": "java-11-openjdk-src-11.0.23.0-3.75.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"product": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"product_id": "java-11-openjdk-11.0.23.0-3.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"product": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"product_id": "java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"product": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"product_id": "java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"product": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"product_id": "java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.23.0-3.75.1.x86_64",
"product": {
"name": "java-11-openjdk-jmods-11.0.23.0-3.75.1.x86_64",
"product_id": "java-11-openjdk-jmods-11.0.23.0-3.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.23.0-3.75.1.x86_64",
"product": {
"name": "java-11-openjdk-src-11.0.23.0-3.75.1.x86_64",
"product_id": "java-11-openjdk-src-11.0.23.0-3.75.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64"
},
"product_reference": "java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le"
},
"product_reference": "java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x"
},
"product_reference": "java-11-openjdk-11.0.23.0-3.75.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64"
},
"product_reference": "java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64"
},
"product_reference": "java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le"
},
"product_reference": "java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x"
},
"product_reference": "java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64"
},
"product_reference": "java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64"
},
"product_reference": "java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le"
},
"product_reference": "java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x"
},
"product_reference": "java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64"
},
"product_reference": "java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64"
},
"product_reference": "java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le"
},
"product_reference": "java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x"
},
"product_reference": "java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
},
"product_reference": "java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64"
},
"product_reference": "java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le"
},
"product_reference": "java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x"
},
"product_reference": "java-11-openjdk-11.0.23.0-3.75.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.23.0-3.75.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64"
},
"product_reference": "java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64"
},
"product_reference": "java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le"
},
"product_reference": "java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x"
},
"product_reference": "java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64"
},
"product_reference": "java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64"
},
"product_reference": "java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le"
},
"product_reference": "java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x"
},
"product_reference": "java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64"
},
"product_reference": "java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64"
},
"product_reference": "java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le"
},
"product_reference": "java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x"
},
"product_reference": "java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
},
"product_reference": "java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-21011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21011"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21011",
"url": "https://www.suse.com/security/cve/CVE-2024-21011"
},
{
"category": "external",
"summary": "SUSE Bug 1222979 for CVE-2024-21011",
"url": "https://bugzilla.suse.com/1222979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-26T14:40:10Z",
"details": "low"
}
],
"title": "CVE-2024-21011"
},
{
"cve": "CVE-2024-21012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21012"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21012",
"url": "https://www.suse.com/security/cve/CVE-2024-21012"
},
{
"category": "external",
"summary": "SUSE Bug 1222987 for CVE-2024-21012",
"url": "https://bugzilla.suse.com/1222987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-26T14:40:10Z",
"details": "low"
}
],
"title": "CVE-2024-21012"
},
{
"cve": "CVE-2024-21068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21068"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21068",
"url": "https://www.suse.com/security/cve/CVE-2024-21068"
},
{
"category": "external",
"summary": "SUSE Bug 1222983 for CVE-2024-21068",
"url": "https://bugzilla.suse.com/1222983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-26T14:40:10Z",
"details": "low"
}
],
"title": "CVE-2024-21068"
},
{
"cve": "CVE-2024-21085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21085"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21085",
"url": "https://www.suse.com/security/cve/CVE-2024-21085"
},
{
"category": "external",
"summary": "SUSE Bug 1222984 for CVE-2024-21085",
"url": "https://bugzilla.suse.com/1222984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-26T14:40:10Z",
"details": "low"
}
],
"title": "CVE-2024-21085"
},
{
"cve": "CVE-2024-21094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21094"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21094",
"url": "https://www.suse.com/security/cve/CVE-2024-21094"
},
{
"category": "external",
"summary": "SUSE Bug 1222986 for CVE-2024-21094",
"url": "https://bugzilla.suse.com/1222986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.23.0-3.75.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.23.0-3.75.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-26T14:40:10Z",
"details": "low"
}
],
"title": "CVE-2024-21094"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…