suse-su-2024:3954-1
Vulnerability from csaf_suse
Published
2024-11-08 13:10
Modified
2024-11-08 13:10
Summary
Security update for java-21-openjdk
Notes
Title of the patch
Security update for java-21-openjdk
Description of the patch
This update for java-21-openjdk fixes the following issues:
- Update to upstream tag jdk-21.0.5+13 (October 2024 CPU)
* Security fixes
+ JDK-8307383: Enhance DTLS connections
+ JDK-8311208: Improve CDS Support
+ JDK-8328286, CVE-2024-21208, bsc#1231702: Enhance HTTP client
+ JDK-8328544, CVE-2024-21210, bsc#1231711: Improve handling of vectorization
+ JDK-8328726: Better Kerberos support
+ JDK-8331446, CVE-2024-21217, bsc#1231716: Improve deserialization support
+ JDK-8332644, CVE-2024-21235, bsc#1231719: Improve graph optimizations
+ JDK-8335713: Enhance vectorization analysis
* Other changes
+ JDK-6355567: AdobeMarkerSegment causes failure to read valid JPEG
+ JDK-6967482: TAB-key does not work in JTables after selecting
details-view in JFileChooser
+ JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/
/ReadLongZipFileName.java leaks files if it fails
+ JDK-8051959: Add thread and timestamp options to
java.security.debug system property
+ JDK-8073061: (fs) Files.copy(foo, bar, REPLACE_EXISTING)
deletes bar even if foo is not readable
+ JDK-8166352: FilePane.createDetailsView() removes JTable TAB,
SHIFT-TAB functionality
+ JDK-8170817: G1: Returning MinTLABSize from
unsafe_max_tlab_alloc causes TLAB flapping
+ JDK-8211847: [aix] java/lang/ProcessHandle/InfoTest.java
fails: 'reported cputime less than expected'
+ JDK-8211854: [aix] java/net/ServerSocket/
/AcceptInheritHandle.java fails: read times out
+ JDK-8222884: ConcurrentClassDescLookup.java times out intermittently
+ JDK-8238169: BasicDirectoryModel getDirectories and
DoChangeContents.run can deadlock
+ JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due
to 'BindException: Address already in use'
+ JDK-8242564: javadoc crashes:: class cast exception
com.sun.tools.javac.code.Symtab$6
+ JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/
/MouseEventAfterStartDragTest.html test failed
+ JDK-8261433: Better pkcs11 performance for
libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit
+ JDK-8269428: java/util/concurrent/ConcurrentHashMap/
/ToArray.java timed out
+ JDK-8269657: Test java/nio/channels/DatagramChannel/
/Loopback.java failed: Unexpected message
+ JDK-8280120: [IR Framework] Add attribute to @IR to
enable/disable IR matching based on the architecture
+ JDK-8280392: java/awt/Focus/NonFocusableWindowTest/
/NonfocusableOwnerTest.java failed with 'RuntimeException: Test failed.'
+ JDK-8280988: [XWayland] Click on title to request focus test failures
+ JDK-8280990: [XWayland] XTest emulated mouse click does not
bring window to front
+ JDK-8283223: gc/stringdedup/TestStringDeduplicationFullGC.java
#Parallel failed with 'RuntimeException: String verification failed'
+ JDK-8287325: AArch64: fix virtual threads with
-XX:UseBranchProtection=pac-ret
+ JDK-8291809: Convert compiler/c2/cr7200264/TestSSE2IntVect.java
to IR verification test
+ JDK-8294148: Support JSplitPane for instructions and test UI
+ JDK-8299058: AssertionError in sun.net.httpserver.ServerImpl
when connection is idle
+ JDK-8299487: Test java/net/httpclient/whitebox/
/SSLTubeTestDriver.java timed out
+ JDK-8299790: os::print_hex_dump is racy
+ JDK-8299813: java/nio/channels/DatagramChannel/Disconnect.java
fails with jtreg test timeout due to lost datagram
+ JDK-8301686: TLS 1.3 handshake fails if server_name doesn't
match resuming session
+ JDK-8303920: Avoid calling out to python in
DataDescriptorSignatureMissing test
+ JDK-8305072: Win32ShellFolder2.compareTo is inconsistent
+ JDK-8305825: getBounds API returns wrong value resulting in
multiple Regression Test Failures on Ubuntu 23.04
+ JDK-8307193: Several Swing jtreg tests use class.forName on L&F classes
+ JDK-8307352: AARCH64: Improve itable_stub
+ JDK-8307778: com/sun/jdi/cds tests fail with jtreg's Virtual
test thread factory
+ JDK-8307788: vmTestbase/gc/gctests/LargeObjects/large003/
/TestDescription.java timed out
+ JDK-8308286: Fix clang warnings in linux code
+ JDK-8308660: C2 compilation hits 'node must be dead' assert
+ JDK-8309067: gtest/AsyncLogGtest.java fails again in
stderrOutput_vm
+ JDK-8309621: [XWayland][Screencast] screen capture failure
with sun.java2d.uiScale other than 1
+ JDK-8309685: Fix -Wconversion warnings in assembler and
register code
+ JDK-8309894: compiler/vectorapi/
/VectorLogicalOpIdentityTest.java fails on SVE system with UseSVE=0
+ JDK-8310072: JComboBox/DisabledComboBoxFontTestAuto: Enabled
and disabled ComboBox does not match in these LAFs: GTK+
+ JDK-8310108: Skip ReplaceCriticalClassesForSubgraphs when
EnableJVMCI is specified
+ JDK-8310201: Reduce verbose locale output in -XshowSettings
launcher option
+ JDK-8310334: [XWayland][Screencast] screen capture error
message in debug
+ JDK-8310628: GcInfoBuilder.c missing JNI Exception checks
+ JDK-8310683: Refactor StandardCharset/standard.java to use JUnit
+ JDK-8310906: Fix -Wconversion warnings in runtime, oops and
some code header files.
+ JDK-8311306: Test com/sun/management/ThreadMXBean/
/ThreadCpuTimeArray.java failed: out of expected range
+ JDK-8311666: Disabled tests in test/jdk/sun/java2d/marlin
+ JDK-8311989: Test java/lang/Thread/virtual/Reflection.java
timed out
+ JDK-8312049: runtime/logging/ClassLoadUnloadTest can be improved
+ JDK-8312111: open/test/jdk/java/awt/Robot/ModifierRobotKey/
/ModifierRobotKeyTest.java fails on ubuntu 23.04
+ JDK-8312140: jdk/jshell tests failed with JDI socket timeouts
+ JDK-8312200: Fix Parse::catch_call_exceptions memory leak
+ JDK-8312229: Crash involving yield, switch and anonymous classes
+ JDK-8313674: (fc) java/nio/channels/FileChannel/
/BlockDeviceSize.java should test for more block devices
+ JDK-8313697: [XWayland][Screencast] consequent getPixelColor
calls are slow
+ JDK-8313983: jmod create --target-platform should replace
existing ModuleTarget attribute
+ JDK-8314163: os::print_hex_dump prints incorrectly for big
endian platforms and unit sizes larger than 1
+ JDK-8314225: SIGSEGV in JavaThread::is_lock_owned
+ JDK-8314515: java/util/concurrent/SynchronousQueue/
/Fairness.java failed with 'Error: fair=false i=8 j=0'
+ JDK-8314614: jdk/jshell/ImportTest.java failed with
'InternalError: Failed remote listen'
+ JDK-8315024: Vector API FP reduction tests should not test
for exact equality
+ JDK-8315031: YoungPLABSize and OldPLABSize not aligned by
ObjectAlignmentInBytes
+ JDK-8315422: getSoTimeout() would be in try block in
SSLSocketImpl
+ JDK-8315505: CompileTask timestamp printed can overflow
+ JDK-8315576: compiler/codecache/CodeCacheFullCountTest.java
fails after JDK-8314837
+ JDK-8315804: Open source several Swing JTabbedPane JTextArea
JTextField tests
+ JDK-8315923: pretouch_memory by atomic-add-0 fragments huge
pages unexpectedly
+ JDK-8315965: Open source various AWT applet tests
+ JDK-8315969: compiler/rangechecks/
/TestRangeCheckHoistingScaledIV.java: make flagless
+ JDK-8316104: Open source several Swing SplitPane and
RadioButton related tests
+ JDK-8316131: runtime/cds/appcds/TestParallelGCWithCDS.java
fails with JNI error
+ JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java
java.lang.Exception: Could not find leak
+ JDK-8316211: Open source several manual applet tests
+ JDK-8316240: Open source several add/remove MenuBar manual tests
+ JDK-8316285: Opensource JButton manual tests
+ JDK-8316306: Open source and convert manual Swing test
+ JDK-8316328: Test jdk/jfr/event/oldobject/
/TestSanityDefault.java times out for some heap sizes
+ JDK-8316361: C2: assert(!failure) failed: Missed optimization
opportunity in PhaseIterGVN with -XX:VerifyIterativeGVN=10
+ JDK-8316389: Open source few AWT applet tests
+ JDK-8316756: C2 EA fails with 'missing memory path' when
encountering unsafe_arraycopy stub call
+ JDK-8317112: Add screenshot for Frame/DefaultSizeTest.java
+ JDK-8317128: java/nio/file/Files/CopyAndMove.java failed with
AccessDeniedException
+ JDK-8317240: Promptly free OopMapEntry after fail to insert
the entry to OopMapCache
+ JDK-8317288: [macos] java/awt/Window/Grab/GrabTest.java:
Press on the outside area didn't cause ungrab
+ JDK-8317299: safepoint scalarization doesn't keep track of
the depth of the JVM state
+ JDK-8317360: Missing null checks in JfrCheckpointManager and
JfrStringPool initialization routines
+ JDK-8317372: Refactor some NumberFormat tests to use JUnit
+ JDK-8317446: ProblemList gc/arguments/TestNewSizeFlags.java
on macosx-aarch64 in Xcomp
+ JDK-8317449: ProblemList serviceability/jvmti/stress/
/StackTrace/NotSuspended/
/GetStackTraceNotSuspendedStressTest.java on several platforms
+ JDK-8317635: Improve GetClassFields test to verify
correctness of field order
+ JDK-8317696: Fix compilation with clang-16
+ JDK-8317738: CodeCacheFullCountTest failed with
'VirtualMachineError: Out of space in CodeCache for method
handle intrinsic'
+ JDK-8317831: compiler/codecache/CheckLargePages.java fails on
OL 8.8 with unexpected memory string
+ JDK-8318071: IgnoreUnrecognizedVMOptions flag still causes
failure in ArchiveHeapTestClass
+ JDK-8318479: [jmh] the test security.CacheBench failed for
multiple threads run
+ JDK-8318605: Enable parallelism in
vmTestbase/nsk/stress/stack tests
+ JDK-8319197: Exclude hb-subset and hb-style from compilation
+ JDK-8319406: x86: Shorter movptr(reg, imm) for 32-bit immediates
+ JDK-8319773: Avoid inflating monitors when installing hash
codes for LM_LIGHTWEIGHT
+ JDK-8319793: C2 compilation fails with 'Bad graph detected in
build_loop_late' after JDK-8279888
+ JDK-8319817: Charset constructor should make defensive copy of aliases
+ JDK-8319818: Address GCC 13.2.0 warnings (stringop-overflow
and dangling-pointer)
+ JDK-8320079: The ArabicBox.java test has no control buttons
+ JDK-8320212: Disable GCC stringop-overflow warning for affected files
+ JDK-8320379: C2: Sort spilling/unspilling sequence for better
ld/st merging into ldp/stp on AArch64
+ JDK-8320602: Lock contention in SchemaDVFactory.getInstance()
+ JDK-8320608: Many jtreg printing tests are missing the
@printer keyword
+ JDK-8320655: awt screencast robot spin and sync issues with
native libpipewire api
+ JDK-8320675: PrinterJob/SecurityDialogTest.java hangs
+ JDK-8320945: problemlist tests failing on latest Windows 11 update
+ JDK-8321025: Enable Neoverse N1 optimizations for Neoverse V2
+ JDK-8321176: [Screencast] make a second attempt on screencast failure
+ JDK-8321206: Make Locale related system properties
`StaticProperty`
+ JDK-8321220: JFR: RecordedClass reports incorrect modifiers
+ JDK-8321278: C2: Partial peeling fails with assert 'last_peel
<- first_not_peeled'
+ JDK-8321509: False positive in get_trampoline fast path
causes crash
+ JDK-8321933: TestCDSVMCrash.java spawns two processes
+ JDK-8322008: Exclude some CDS tests from running with -Xshare:off
+ JDK-8322062: com/sun/jdi/JdwpAllowTest.java does not performs
negative testing with prefix length
+ JDK-8322330: JavadocHelperTest.java OOMEs with Parallel GC and ZGC
+ JDK-8322726: C2: Unloaded signature class kills argument value
+ JDK-8322743: C2: prevent lock region elimination in OSR compilation
+ JDK-8322766: Micro bench SSLHandshake should use default algorithms
+ JDK-8322881: java/nio/file/Files/CopyMoveVariations.java
fails with AccessDeniedException due to permissions of files in /tmp
+ JDK-8322971: KEM.getInstance() should check if a 3rd-party
security provider is signed
+ JDK-8322996: BoxLockNode creation fails with assert(reg <
CHUNK_SIZE) failed: sanity
+ JDK-8323122: AArch64: Increase itable stub size estimate
+ JDK-8323196: jdk/jfr/api/consumer/filestream/TestOrdered.java
failed with 'Events are not ordered! Reuse = false'
+ JDK-8323274: C2: array load may float above range check
+ JDK-8323552: AbstractMemorySegmentImpl#mismatch returns -1
when comparing distinct areas of the same instance of MemorySegment
+ JDK-8323577: C2 SuperWord: remove AlignVector restrictions on
IR tests added in JDK-8305055
+ JDK-8323584: AArch64: Unnecessary ResourceMark in
NativeCall::set_destination_mt_safe
+ JDK-8323670: A few client tests intermittently throw
ConcurrentModificationException
+ JDK-8323682: C2: guard check is not generated in
Arrays.copyOfRange intrinsic when allocation is eliminated by EA
+ JDK-8323782: Race: Thread::interrupt vs.
AbstractInterruptibleChannel.begin
+ JDK-8323801: <s> tag doesn't strikethrough the text
+ JDK-8323972: C2 compilation fails with
assert(!x->as_Loop()->is_loop_nest_inner_loop()) failed: loop
was transformed
+ JDK-8324174: assert(m->is_entered(current)) failed: invariant
+ JDK-8324577: [REDO] - [IMPROVE] OPEN_MAX is no longer the max
limit on macOS >= 10.6 for RLIMIT_NOFILE
+ JDK-8324580: SIGFPE on THP initialization on kernels < 4.10
+ JDK-8324641: [IR Framework] Add Setup method to provide
custom arguments and set fields
+ JDK-8324668: JDWP process management needs more efficient
file descriptor handling
+ JDK-8324755: Enable parallelism in
vmTestbase/gc/gctests/LargeObjects tests
+ JDK-8324781: runtime/Thread/TestAlwaysPreTouchStacks.java
failed with Expected a higher ratio between stack committed and reserved
+ JDK-8324808: Manual printer tests have no Pass/Fail buttons,
instructions close set 3
+ JDK-8324969: C2: prevent elimination of unbalanced coarsened locking regions
+ JDK-8324983: Race in CompileBroker::possibly_add_compiler_threads
+ JDK-8325022: Incorrect error message on client authentication
+ JDK-8325037: x86: enable and fix
hotspot/jtreg/compiler/vectorization/TestRoundVectFloat.java
+ JDK-8325083: jdk/incubator/vector/Double512VectorTests.java
crashes in Assembler::vex_prefix_and_encode
+ JDK-8325179: Race in BasicDirectoryModel.validateFileCache
+ JDK-8325218: gc/parallel/TestAlwaysPreTouchBehavior.java fails
+ JDK-8325382: (fc) FileChannel.transferTo throws IOException
when position equals size
+ JDK-8325384: sun/security/ssl/SSLSessionImpl/
/ResumptionUpdateBoundValues.java failing intermittently when
main thread is a virtual thread
+ JDK-8325469: Freeze/Thaw code can crash in the presence of OSR frames
+ JDK-8325494: C2: Broken graph after not skipping CastII node
anymore for Assertion Predicates after JDK-8309902
+ JDK-8325520: Vector loads and stores with indices and masks
incorrectly compiled
+ JDK-8325542: CTW: Runner can produce negative StressSeed
+ JDK-8325587: Shenandoah: ShenandoahLock should allow blocking in VM
+ JDK-8325616: JFR ZGC Allocation Stall events should record
stack traces
+ JDK-8325620: HTMLReader uses ConvertAction instead of
specified CharacterAction for <b>, <i>, <u>
+ JDK-8325754: Dead AbstractQueuedSynchronizer$ConditionNodes
survive minor garbage collections
+ JDK-8325763: Revert properties: vm.opt.x.*
+ JDK-8326106: Write and clear stack trace table outside of safepoint
+ JDK-8326129: Java Record Pattern Match leads to infinite loop
+ JDK-8326332: Unclosed inline tags cause misalignment in
summary tables
+ JDK-8326717: Disable stringop-overflow in shenandoahLock.cpp
+ JDK-8326734: text-decoration applied to <span> lost when
mixed with <u> or <s>
+ JDK-8327007: javax/swing/JSpinner/8008657/bug8008657.java fails
+ JDK-8327040: Problemlist ActionListenerCalledTwiceTest.java
test failing in macos14
+ JDK-8327137: Add test for ConcurrentModificationException in
BasicDirectoryModel
+ JDK-8327401: Some jtreg tests fail on Wayland without any tracking bug
+ JDK-8327423: C2 remove_main_post_loops: check if main-loop
belongs to pre-loop, not just assert
+ JDK-8327424: ProblemList serviceability/sa/TestJmapCore.java
on all platforms with ZGC
+ JDK-8327501: Common ForkJoinPool prevents class unloading in some cases
+ JDK-8327650: Test java/nio/channels/DatagramChannel/
/StressNativeSignal.java timed out
+ JDK-8327787: Convert javax/swing/border/Test4129681.java
applet test to main
+ JDK-8327840: Automate javax/swing/border/Test4129681.java
+ JDK-8327990: [macosx-aarch64] Various tests fail with
-XX:+AssertWXAtThreadSync
+ JDK-8328011: Convert java/awt/Frame/GetBoundsResizeTest/
/GetBoundsResizeTest.java applet test to main
+ JDK-8328075: Shenandoah: Avoid forwarding when objects don't move in full-GC
+ JDK-8328110: Allow simultaneous use of PassFailJFrame with
split UI and additional windows
+ JDK-8328115: Convert java/awt/font/TextLayout/
/TestJustification.html applet test to main
+ JDK-8328158: Convert java/awt/Choice/NonFocusablePopupMenuTest
to automatic main test
+ JDK-8328218: Delete test java/awt/Window/FindOwner/FindOwner.html
+ JDK-8328234: Remove unused nativeUtils files
+ JDK-8328238: Convert few closed manual applet tests to main
+ JDK-8328269: NonFocusablePopupMenuTest.java should be marked as headful
+ JDK-8328273: sun/management/jmxremote/bootstrap/
/RmiRegistrySslTest.java failed with
java.rmi.server.ExportException: Port already in use
+ JDK-8328366: Thread.setContextClassloader from thread in FJP
commonPool task no longer works after JDK-8327501
+ JDK-8328560: java/awt/event/MouseEvent/ClickDuringKeypress/
/ClickDuringKeypress.java imports Applet
+ JDK-8328561: test java/awt/Robot/ManualInstructions/
/ManualInstructions.java isn't used
+ JDK-8328642: Convert applet test
MouseDraggedOutCauseScrollingTest.html to main
+ JDK-8328647: TestGarbageCollectorMXBean.java fails with C1-only and -Xcomp
+ JDK-8328697: SubMenuShowTest and SwallowKeyEvents tests stabilization
+ JDK-8328785: IOException: Symbol not found: C_GetInterface
for PKCS11 interface prior to V3.0
+ JDK-8328896: Fontmetrics for large Fonts has zero width
+ JDK-8328953: JEditorPane.read throws ChangedCharSetException
+ JDK-8328999: Update GIFlib to 5.2.2
+ JDK-8329004: Update Libpng to 1.6.43
+ JDK-8329088: Stack chunk thawing races with concurrent GC stack iteration
+ JDK-8329103: assert(!thread->in_asgct()) failed during
multi-mode profiling
+ JDK-8329126: No native wrappers generated anymore with
-XX:-TieredCompilation after JDK-8251462
+ JDK-8329134: Reconsider TLAB zapping
+ JDK-8329258: TailCall should not use frame pointer register for jump target
+ JDK-8329510: Update ProblemList for
JFileChooser/8194044/FileSystemRootTest.java
+ JDK-8329559: Test javax/swing/JFrame/bug4419914.java failed
because The End and Start buttons are not placed correctly and
Tab focus does not move as expected
+ JDK-8329665: fatal error: memory leak: allocating without ResourceMark
+ JDK-8329667: [macos] Issue with JTree related fix for
JDK-8317771
+ JDK-8329995: Restricted access to `/proc` can cause JFR
initialization to crash
+ JDK-8330027: Identity hashes of archived objects must be
based on a reproducible random seed
+ JDK-8330063: Upgrade jQuery to 3.7.1
+ JDK-8330133: libj2pkcs11.so crashes on some pkcs#11 v3.0 libraries
+ JDK-8330146: assert(!_thread->is_in_any_VTMS_transition()) failed
+ JDK-8330520: linux clang build fails in os_linux.cpp with
static_assert with no message is a C++17 extension
+ JDK-8330576: ZYoungCompactionLimit should have range check
+ JDK-8330611: AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512)
+ JDK-8330748: ByteArrayOutputStream.writeTo(OutputStream) pins carrier
+ JDK-8330814: Cleanups for KeepAliveCache tests
+ JDK-8330819: C2 SuperWord: bad dominance after pre-loop limit
adjustment with base that has CastLL after pre-loop
+ JDK-8330849: Add test to verify memory usage with recursive locking
+ JDK-8330981: ZGC: Should not dedup strings in the finalizer graph
+ JDK-8331011: [XWayland] TokenStorage fails under Security Manager
+ JDK-8331063: Some HttpClient tests don't report leaks
+ JDK-8331077: nroff man page update for jar tool
+ JDK-8331142: Add test for number of loader threads in BasicDirectoryModel
+ JDK-8331153: JFR: Improve logging of
jdk/jfr/api/consumer/filestream/TestOrdered.java
+ JDK-8331164: createJMHBundle.sh download jars fail when url
needed to be redirected
+ JDK-8331266: Bump update version for OpenJDK: jdk-21.0.5
+ JDK-8331405: Shenandoah: Optimize ShenandoahLock with TTAS
+ JDK-8331411: Shenandoah: Reconsider spinning duration in ShenandoahLock
+ JDK-8331421: ubsan: vmreg.cpp checking error member call on
misaligned address
+ JDK-8331495: Limit BasicDirectoryModel/LoaderThreadCount.java to Windows only
+ JDK-8331518: Tests should not use the 'Classpath' exception
form of the legal header
+ JDK-8331572: Allow using OopMapCache outside of STW GC phases
+ JDK-8331573: Rename CollectedHeap::is_gc_active to be
explicitly about STW GCs
+ JDK-8331575: C2: crash when ConvL2I is split thru phi at LongCountedLoop
+ JDK-8331605:
jdk/test/lib/TestMutuallyExclusivePlatformPredicates.java test failure
+ JDK-8331626: unsafe.cpp:162:38: runtime error in
index_oop_from_field_offset_long - applying non-zero offset
4563897424 to null pointer
+ JDK-8331714: Make OopMapCache installation lock-free
+ JDK-8331731: ubsan: relocInfo.cpp:155:30: runtime error:
applying non-zero offset to null pointer
+ JDK-8331746: Create a test to verify that the cmm id is not ignored
+ JDK-8331771: ZGC: Remove OopMapCacheAlloc_lock ordering workaround
+ JDK-8331789: ubsan: deoptimization.cpp:403:29: runtime error:
load of value 208, which is not a valid value for type 'bool'
+ JDK-8331798: Remove unused arg of checkErgonomics() in
TestMaxHeapSizeTools.java
+ JDK-8331854: ubsan: copy.hpp:218:10: runtime error: addition
of unsigned offset to 0x7fc2b4024518 overflowed to 0x7fc2b4024510
+ JDK-8331863: DUIterator_Fast used before it is constructed
+ JDK-8331885: C2: meet between unloaded and speculative types
is not symmetric
+ JDK-8331931: JFR: Avoid loading regex classes during startup
+ JDK-8331999: BasicDirectoryModel/LoaderThreadCount.java
frequently fails on Windows in CI
+ JDK-8332008: Enable issuestitle check
+ JDK-8332113: Update nsk.share.Log to be always verbose
+ JDK-8332154: Memory leak in SynchronousQueue
+ JDK-8332174: Remove 2 (unpaired) RLO Unicode characters in ff_Adlm.xml
+ JDK-8332248: (fc) java/nio/channels/FileChannel/
/BlockDeviceSize.java failed with RuntimeException
+ JDK-8332424: Update IANA Language Subtag Registry to Version 2024-05-16
+ JDK-8332431: NullPointerException in JTable of SwingSet2
+ JDK-8332473: ubsan: growableArray.hpp:290:10: runtime error:
null pointer passed as argument 1, which is declared to never be null
+ JDK-8332490: JMH org.openjdk.bench.java.util.zip
.InflaterInputStreams.inflaterInputStreamRead OOM
+ JDK-8332499: Gtest codestrings.validate_vm fail on linux x64 when hsdis is present
+ JDK-8332524: Instead of printing 'TLSv1.3,' it is showing 'TLS13'
+ JDK-8332589: ubsan: unix/native/libjava/ProcessImpl_md.c:562:5:
runtime error: null pointer passed as argument 2, which is
declared to never be null
+ JDK-8332675: test/hotspot/jtreg/gc/testlibrary/Helpers.java
compileClass javadoc does not match after 8321812
+ JDK-8332699: ubsan: jfrEventSetting.inline.hpp:31:43: runtime
error: index 163 out of bounds for type 'jfrNativeEventSetting [162]'
+ JDK-8332717: ZGC: Division by zero in heuristics
+ JDK-8332720: ubsan: instanceKlass.cpp:3550:76: runtime error:
member call on null pointer of type 'struct Array'
+ JDK-8332818: ubsan: archiveHeapLoader.cpp:70:27: runtime
error: applying non-zero offset 18446744073707454464 to null pointer
+ JDK-8332825: ubsan: guardedMemory.cpp:35:11: runtime error:
null pointer passed as argument 2, which is declared to never be null
+ JDK-8332885: Clarify failure_handler self-tests
+ JDK-8332894: ubsan: vmError.cpp:2090:26: runtime error: division by zero
+ JDK-8332898: failure_handler: log directory of commands
+ JDK-8332903: ubsan: opto/output.cpp:1002:18: runtime error:
load of value 171, which is not a valid value for type 'bool'
+ JDK-8332904: ubsan ppc64le: c1_LIRGenerator_ppc.cpp:581:21:
runtime error: signed integer overflow: 9223372036854775807 + 1
cannot be represented in type 'long int'
+ JDK-8332905: C2 SuperWord: bad AD file, with RotateRightV and
first operand not a pack
+ JDK-8332920: C2: Partial Peeling is wrongly applied for CmpU
with negative limit
+ JDK-8332935: Crash: assert(*lastPtr != 0) failed: Mismatched
JNINativeInterface tables, check for new entries
+ JDK-8332936: Test vmTestbase/metaspace/gc/watermark_70_80/
/TestDescription.java fails with no GC's recorded
+ JDK-8332959: C2: ZGC fails with 'Incorrect load shift' when
invoking Object.clone() reflectively on an array
+ JDK-8333088: ubsan: shenandoahAdaptiveHeuristics.cpp:245:44:
runtime error: division by zero
+ JDK-8333093: Incorrect comment in zAddress_aarch64.cpp
+ JDK-8333099: Missing check for is_LoadVector in StoreNode::Identity
+ JDK-8333149: ubsan : memset on nullptr target detected in
jvmtiEnvBase.cpp get_object_monitor_usage
+ JDK-8333178: ubsan: jvmti_tools.cpp:149:16: runtime error:
null pointer passed as argument 2, which is declared to never be null
+ JDK-8333270: HandlersOnComplexResetUpdate and
HandlersOnComplexUpdate tests fail with 'Unexpected reference'
if timeoutFactor is less than 1/3
+ JDK-8333277: ubsan: mlib_ImageScanPoly.c:292:43: runtime
error: division by zero
+ JDK-8333353: Delete extra empty line in CodeBlob.java
+ JDK-8333354: ubsan: frame.inline.hpp:91:25: and
src/hotspot/share/runtime/frame.inline.hpp:88:29: runtime
error: member call on null pointer of type 'const struct SmallRegisterMap'
+ JDK-8333361: ubsan,test : libHeapMonitorTest.cpp:518:9:
runtime error: null pointer passed as argument 2, which is
declared to never be null
+ JDK-8333363: ubsan: instanceKlass.cpp: runtime error: member
call on null pointer of type 'struct AnnotationArray'
+ JDK-8333366: C2: CmpU3Nodes are not pushed back to worklist
in PhaseCCP leading to non-fixpoint assertion failure
+ JDK-8333398: Uncomment the commented test in test/jdk/java/
/util/jar/JarFile/mrjar/MultiReleaseJarAPI.java
+ JDK-8333462: Performance regression of new DecimalFormat()
when compare to jdk11
+ JDK-8333477: Delete extra empty spaces in Makefiles
+ JDK-8333542: Breakpoint in parallel code does not work
+ JDK-8333622: ubsan: relocInfo_x86.cpp:101:56: runtime error:
pointer index expression with base (-1) overflowed
+ JDK-8333639: ubsan: cppVtables.cpp:81:55: runtime error:
index 14 out of bounds for type 'long int [1]'
+ JDK-8333652: RISC-V: compiler/vectorapi/
/VectorGatherMaskFoldingTest.java fails when using RVV
+ JDK-8333716: Shenandoah: Check for disarmed method before
taking the nmethod lock
+ JDK-8333724: Problem list security/infra/java/security/cert/
/CertPathValidator/certification/CAInterop.java
#teliasonerarootcav1
+ JDK-8333804: java/net/httpclient/ForbiddenHeadTest.java threw
an exception with 0 failures
+ JDK-8333887: ubsan: unsafe.cpp:247:13: runtime error: store
to null pointer of type 'volatile int'
+ JDK-8334078: RISC-V: TestIntVect.java fails after JDK-8332153
when running without RVV
+ JDK-8334123: log the opening of Type 1 fonts
+ JDK-8334166: Enable binary check
+ JDK-8334239: Introduce macro for ubsan method/function exclusions
+ JDK-8334297: (so) java/nio/channels/SocketChannel/OpenLeak.java
should not depend on SecurityManager
+ JDK-8334332: TestIOException.java fails if run by root
+ JDK-8334333: MissingResourceCauseTestRun.java fails if run by root
+ JDK-8334339: Test java/nio/file/attribute/
/BasicFileAttributeView/CreationTime.java fails on alinux3
+ JDK-8334418: Update IANA Language Subtag Registry to Version 2024-06-14
+ JDK-8334421: assert(!oldbox->is_unbalanced()) failed: this
should not be called for unbalanced region
+ JDK-8334482: Shenandoah: Deadlock when safepoint is pending
during nmethods iteration
+ JDK-8334592: ProblemList serviceability/jvmti/stress/
/StackTrace/NotSuspended/
/GetStackTraceNotSuspendedStressTest.java in jdk21 on all platforms
+ JDK-8334594: Generational ZGC: Deadlock after OopMap rewrites in 8331572
+ JDK-8334600: TEST java/net/MulticastSocket/IPMulticastIF.java
fails on linux-aarch64
+ JDK-8334618: ubsan: support setting additional ubsan check options
+ JDK-8334653: ISO 4217 Amendment 177 Update
+ JDK-8334769: Shenandoah: Move CodeCache_lock close to its use
in ShenandoahConcurrentNMethodIterator
+ JDK-8334867: Add back assertion from JDK-8325494
+ JDK-8335007: Inline OopMapCache table
+ JDK-8335134: Test com/sun/jdi/BreakpointOnClassPrepare.java timeout
+ JDK-8335150: Test LogGeneratedClassesTest.java fails on
rpmbuild mock enviroment
+ JDK-8335237: ubsan: vtableStubs.hpp is_vtable_stub exclude
from ubsan checks
+ JDK-8335283: Build failure due to 'no_sanitize' attribute directive ignored
+ JDK-8335409: Can't allocate and retain memory from resource
area in frame::oops_interpreted_do oop closure after 8329665
+ JDK-8335493: check_gc_overhead_limit should reset
SoftRefPolicy::_should_clear_all_soft_refs
+ JDK-8335536: Fix assertion failure in IdealGraphPrinter when append is true
+ JDK-8335743: jhsdb jstack cannot print some information on
the waiting thread
+ JDK-8335775: Remove extraneous 's' in comment of
rawmonitor.cpp test file
+ JDK-8335904: Fix invalid comment in ShenandoahLock
+ JDK-8335967: 'text-decoration: none' does not work with 'A' HTML tags
+ JDK-8336284: Test TestClhsdbJstackLock.java/
TestJhsdbJstackLock.java fails with -Xcomp after JDK-8335743
+ JDK-8336301: test/jdk/java/nio/channels/
/AsyncCloseAndInterrupt.java leaves around a FIFO file upon test completion
+ JDK-8336342: Fix known X11 library locations in sysroot
+ JDK-8336343: Add more known sysroot library locations for ALSA
+ JDK-8336926: jdk/internal/util/ReferencedKeyTest.java can
fail with ConcurrentModificationException
+ JDK-8336928: GHA: Bundle artifacts removal broken
+ JDK-8337038: Test java/nio/file/attribute/
/BasicFileAttributeView/CreationTime.java shoud set as /native
+ JDK-8337283: configure.log is truncated when build dir is on
different filesystem
+ JDK-8337622: IllegalArgumentException in java.lang.reflect.Field.get
+ JDK-8337664: Distrust TLS server certificates issued after
Oct 2024 and anchored by Entrust Root CAs
+ JDK-8338139: {ClassLoading,Memory}MXBean::isVerbose methods
are inconsistent with their setVerbose methods
+ JDK-8338286: GHA: Demote x86_32 to hotspot build only
+ JDK-8338696: (fs) BasicFileAttributes.creationTime() falls
back to epoch if birth time is unavailable (Linux)
+ JDK-8339869: [21u] Test CreationTime.java fails with
UnsatisfiedLinkError after 8334339
+ JDK-8341057: Add 2 SSL.com TLS roots
+ JDK-8341059: Change Entrust TLS distrust date to November 12, 2024
+ JDK-8341674: [21u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.5
+ JDK-8341989: [21u] Back out JDK-8327501 and JDK-8328366
Patchnames
SUSE-2024-3954,SUSE-SLE-Module-Basesystem-15-SP6-2024-3954,openSUSE-SLE-15.6-2024-3954
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-21-openjdk",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-21-openjdk fixes the following issues:\n\n- Update to upstream tag jdk-21.0.5+13 (October 2024 CPU)\n * Security fixes\n + JDK-8307383: Enhance DTLS connections\n + JDK-8311208: Improve CDS Support\n + JDK-8328286, CVE-2024-21208, bsc#1231702: Enhance HTTP client\n + JDK-8328544, CVE-2024-21210, bsc#1231711: Improve handling of vectorization\n + JDK-8328726: Better Kerberos support\n + JDK-8331446, CVE-2024-21217, bsc#1231716: Improve deserialization support\n + JDK-8332644, CVE-2024-21235, bsc#1231719: Improve graph optimizations\n + JDK-8335713: Enhance vectorization analysis\n * Other changes\n + JDK-6355567: AdobeMarkerSegment causes failure to read valid JPEG\n + JDK-6967482: TAB-key does not work in JTables after selecting\n details-view in JFileChooser\n + JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/\n /ReadLongZipFileName.java leaks files if it fails\n + JDK-8051959: Add thread and timestamp options to\n java.security.debug system property\n + JDK-8073061: (fs) Files.copy(foo, bar, REPLACE_EXISTING)\n deletes bar even if foo is not readable\n + JDK-8166352: FilePane.createDetailsView() removes JTable TAB,\n SHIFT-TAB functionality\n + JDK-8170817: G1: Returning MinTLABSize from\n unsafe_max_tlab_alloc causes TLAB flapping\n + JDK-8211847: [aix] java/lang/ProcessHandle/InfoTest.java\n fails: \u0027reported cputime less than expected\u0027\n + JDK-8211854: [aix] java/net/ServerSocket/\n /AcceptInheritHandle.java fails: read times out\n + JDK-8222884: ConcurrentClassDescLookup.java times out intermittently\n + JDK-8238169: BasicDirectoryModel getDirectories and\n DoChangeContents.run can deadlock\n + JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due\n to \u0027BindException: Address already in use\u0027\n + JDK-8242564: javadoc crashes:: class cast exception\n com.sun.tools.javac.code.Symtab$6\n + JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/\n /MouseEventAfterStartDragTest.html test failed\n + JDK-8261433: Better pkcs11 performance for\n libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit\n + JDK-8269428: java/util/concurrent/ConcurrentHashMap/\n /ToArray.java timed out\n + JDK-8269657: Test java/nio/channels/DatagramChannel/\n /Loopback.java failed: Unexpected message\n + JDK-8280120: [IR Framework] Add attribute to @IR to\n enable/disable IR matching based on the architecture\n + JDK-8280392: java/awt/Focus/NonFocusableWindowTest/\n /NonfocusableOwnerTest.java failed with \u0027RuntimeException: Test failed.\u0027\n + JDK-8280988: [XWayland] Click on title to request focus test failures\n + JDK-8280990: [XWayland] XTest emulated mouse click does not\n bring window to front\n + JDK-8283223: gc/stringdedup/TestStringDeduplicationFullGC.java\n #Parallel failed with \u0027RuntimeException: String verification failed\u0027\n + JDK-8287325: AArch64: fix virtual threads with\n -XX:UseBranchProtection=pac-ret\n + JDK-8291809: Convert compiler/c2/cr7200264/TestSSE2IntVect.java\n to IR verification test\n + JDK-8294148: Support JSplitPane for instructions and test UI\n + JDK-8299058: AssertionError in sun.net.httpserver.ServerImpl\n when connection is idle\n + JDK-8299487: Test java/net/httpclient/whitebox/\n /SSLTubeTestDriver.java timed out\n + JDK-8299790: os::print_hex_dump is racy\n + JDK-8299813: java/nio/channels/DatagramChannel/Disconnect.java\n fails with jtreg test timeout due to lost datagram\n + JDK-8301686: TLS 1.3 handshake fails if server_name doesn\u0027t\n match resuming session\n + JDK-8303920: Avoid calling out to python in\n DataDescriptorSignatureMissing test\n + JDK-8305072: Win32ShellFolder2.compareTo is inconsistent\n + JDK-8305825: getBounds API returns wrong value resulting in\n multiple Regression Test Failures on Ubuntu 23.04\n + JDK-8307193: Several Swing jtreg tests use class.forName on L\u0026F classes\n + JDK-8307352: AARCH64: Improve itable_stub\n + JDK-8307778: com/sun/jdi/cds tests fail with jtreg\u0027s Virtual\n test thread factory\n + JDK-8307788: vmTestbase/gc/gctests/LargeObjects/large003/\n /TestDescription.java timed out\n + JDK-8308286: Fix clang warnings in linux code\n + JDK-8308660: C2 compilation hits \u0027node must be dead\u0027 assert\n + JDK-8309067: gtest/AsyncLogGtest.java fails again in\n stderrOutput_vm\n + JDK-8309621: [XWayland][Screencast] screen capture failure\n with sun.java2d.uiScale other than 1\n + JDK-8309685: Fix -Wconversion warnings in assembler and\n register code\n + JDK-8309894: compiler/vectorapi/\n /VectorLogicalOpIdentityTest.java fails on SVE system with UseSVE=0\n + JDK-8310072: JComboBox/DisabledComboBoxFontTestAuto: Enabled\n and disabled ComboBox does not match in these LAFs: GTK+\n + JDK-8310108: Skip ReplaceCriticalClassesForSubgraphs when\n EnableJVMCI is specified\n + JDK-8310201: Reduce verbose locale output in -XshowSettings\n launcher option\n + JDK-8310334: [XWayland][Screencast] screen capture error\n message in debug\n + JDK-8310628: GcInfoBuilder.c missing JNI Exception checks\n + JDK-8310683: Refactor StandardCharset/standard.java to use JUnit\n + JDK-8310906: Fix -Wconversion warnings in runtime, oops and\n some code header files.\n + JDK-8311306: Test com/sun/management/ThreadMXBean/\n /ThreadCpuTimeArray.java failed: out of expected range\n + JDK-8311666: Disabled tests in test/jdk/sun/java2d/marlin\n + JDK-8311989: Test java/lang/Thread/virtual/Reflection.java\n timed out\n + JDK-8312049: runtime/logging/ClassLoadUnloadTest can be improved\n + JDK-8312111: open/test/jdk/java/awt/Robot/ModifierRobotKey/\n /ModifierRobotKeyTest.java fails on ubuntu 23.04\n + JDK-8312140: jdk/jshell tests failed with JDI socket timeouts\n + JDK-8312200: Fix Parse::catch_call_exceptions memory leak\n + JDK-8312229: Crash involving yield, switch and anonymous classes\n + JDK-8313674: (fc) java/nio/channels/FileChannel/\n /BlockDeviceSize.java should test for more block devices\n + JDK-8313697: [XWayland][Screencast] consequent getPixelColor\n calls are slow\n + JDK-8313983: jmod create --target-platform should replace\n existing ModuleTarget attribute\n + JDK-8314163: os::print_hex_dump prints incorrectly for big\n endian platforms and unit sizes larger than 1\n + JDK-8314225: SIGSEGV in JavaThread::is_lock_owned\n + JDK-8314515: java/util/concurrent/SynchronousQueue/\n /Fairness.java failed with \u0027Error: fair=false i=8 j=0\u0027\n + JDK-8314614: jdk/jshell/ImportTest.java failed with\n \u0027InternalError: Failed remote listen\u0027\n + JDK-8315024: Vector API FP reduction tests should not test\n for exact equality\n + JDK-8315031: YoungPLABSize and OldPLABSize not aligned by\n ObjectAlignmentInBytes\n + JDK-8315422: getSoTimeout() would be in try block in\n SSLSocketImpl\n + JDK-8315505: CompileTask timestamp printed can overflow\n + JDK-8315576: compiler/codecache/CodeCacheFullCountTest.java\n fails after JDK-8314837\n + JDK-8315804: Open source several Swing JTabbedPane JTextArea\n JTextField tests\n + JDK-8315923: pretouch_memory by atomic-add-0 fragments huge\n pages unexpectedly\n + JDK-8315965: Open source various AWT applet tests\n + JDK-8315969: compiler/rangechecks/\n /TestRangeCheckHoistingScaledIV.java: make flagless\n + JDK-8316104: Open source several Swing SplitPane and\n RadioButton related tests\n + JDK-8316131: runtime/cds/appcds/TestParallelGCWithCDS.java\n fails with JNI error\n + JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java\n java.lang.Exception: Could not find leak\n + JDK-8316211: Open source several manual applet tests\n + JDK-8316240: Open source several add/remove MenuBar manual tests\n + JDK-8316285: Opensource JButton manual tests\n + JDK-8316306: Open source and convert manual Swing test\n + JDK-8316328: Test jdk/jfr/event/oldobject/\n /TestSanityDefault.java times out for some heap sizes\n + JDK-8316361: C2: assert(!failure) failed: Missed optimization\n opportunity in PhaseIterGVN with -XX:VerifyIterativeGVN=10\n + JDK-8316389: Open source few AWT applet tests\n + JDK-8316756: C2 EA fails with \u0027missing memory path\u0027 when\n encountering unsafe_arraycopy stub call\n + JDK-8317112: Add screenshot for Frame/DefaultSizeTest.java\n + JDK-8317128: java/nio/file/Files/CopyAndMove.java failed with\n AccessDeniedException\n + JDK-8317240: Promptly free OopMapEntry after fail to insert\n the entry to OopMapCache\n + JDK-8317288: [macos] java/awt/Window/Grab/GrabTest.java:\n Press on the outside area didn\u0027t cause ungrab\n + JDK-8317299: safepoint scalarization doesn\u0027t keep track of\n the depth of the JVM state\n + JDK-8317360: Missing null checks in JfrCheckpointManager and\n JfrStringPool initialization routines\n + JDK-8317372: Refactor some NumberFormat tests to use JUnit\n + JDK-8317446: ProblemList gc/arguments/TestNewSizeFlags.java\n on macosx-aarch64 in Xcomp\n + JDK-8317449: ProblemList serviceability/jvmti/stress/\n /StackTrace/NotSuspended/\n /GetStackTraceNotSuspendedStressTest.java on several platforms\n + JDK-8317635: Improve GetClassFields test to verify\n correctness of field order\n + JDK-8317696: Fix compilation with clang-16\n + JDK-8317738: CodeCacheFullCountTest failed with\n \u0027VirtualMachineError: Out of space in CodeCache for method\n handle intrinsic\u0027\n + JDK-8317831: compiler/codecache/CheckLargePages.java fails on\n OL 8.8 with unexpected memory string\n + JDK-8318071: IgnoreUnrecognizedVMOptions flag still causes\n failure in ArchiveHeapTestClass\n + JDK-8318479: [jmh] the test security.CacheBench failed for\n multiple threads run\n + JDK-8318605: Enable parallelism in\n vmTestbase/nsk/stress/stack tests\n + JDK-8319197: Exclude hb-subset and hb-style from compilation\n + JDK-8319406: x86: Shorter movptr(reg, imm) for 32-bit immediates\n + JDK-8319773: Avoid inflating monitors when installing hash\n codes for LM_LIGHTWEIGHT\n + JDK-8319793: C2 compilation fails with \u0027Bad graph detected in\n build_loop_late\u0027 after JDK-8279888\n + JDK-8319817: Charset constructor should make defensive copy of aliases\n + JDK-8319818: Address GCC 13.2.0 warnings (stringop-overflow\n and dangling-pointer)\n + JDK-8320079: The ArabicBox.java test has no control buttons\n + JDK-8320212: Disable GCC stringop-overflow warning for affected files\n + JDK-8320379: C2: Sort spilling/unspilling sequence for better\n ld/st merging into ldp/stp on AArch64\n + JDK-8320602: Lock contention in SchemaDVFactory.getInstance()\n + JDK-8320608: Many jtreg printing tests are missing the\n @printer keyword\n + JDK-8320655: awt screencast robot spin and sync issues with\n native libpipewire api\n + JDK-8320675: PrinterJob/SecurityDialogTest.java hangs\n + JDK-8320945: problemlist tests failing on latest Windows 11 update\n + JDK-8321025: Enable Neoverse N1 optimizations for Neoverse V2\n + JDK-8321176: [Screencast] make a second attempt on screencast failure\n + JDK-8321206: Make Locale related system properties\n `StaticProperty`\n + JDK-8321220: JFR: RecordedClass reports incorrect modifiers\n + JDK-8321278: C2: Partial peeling fails with assert \u0027last_peel\n \u003c- first_not_peeled\u0027\n + JDK-8321509: False positive in get_trampoline fast path\n causes crash\n + JDK-8321933: TestCDSVMCrash.java spawns two processes\n + JDK-8322008: Exclude some CDS tests from running with -Xshare:off\n + JDK-8322062: com/sun/jdi/JdwpAllowTest.java does not performs\n negative testing with prefix length\n + JDK-8322330: JavadocHelperTest.java OOMEs with Parallel GC and ZGC\n + JDK-8322726: C2: Unloaded signature class kills argument value\n + JDK-8322743: C2: prevent lock region elimination in OSR compilation\n + JDK-8322766: Micro bench SSLHandshake should use default algorithms\n + JDK-8322881: java/nio/file/Files/CopyMoveVariations.java\n fails with AccessDeniedException due to permissions of files in /tmp\n + JDK-8322971: KEM.getInstance() should check if a 3rd-party\n security provider is signed\n + JDK-8322996: BoxLockNode creation fails with assert(reg \u003c\n CHUNK_SIZE) failed: sanity\n + JDK-8323122: AArch64: Increase itable stub size estimate\n + JDK-8323196: jdk/jfr/api/consumer/filestream/TestOrdered.java\n failed with \u0027Events are not ordered! Reuse = false\u0027\n + JDK-8323274: C2: array load may float above range check\n + JDK-8323552: AbstractMemorySegmentImpl#mismatch returns -1\n when comparing distinct areas of the same instance of MemorySegment\n + JDK-8323577: C2 SuperWord: remove AlignVector restrictions on\n IR tests added in JDK-8305055\n + JDK-8323584: AArch64: Unnecessary ResourceMark in\n NativeCall::set_destination_mt_safe\n + JDK-8323670: A few client tests intermittently throw\n ConcurrentModificationException\n + JDK-8323682: C2: guard check is not generated in\n Arrays.copyOfRange intrinsic when allocation is eliminated by EA\n + JDK-8323782: Race: Thread::interrupt vs.\n AbstractInterruptibleChannel.begin\n + JDK-8323801: \u003cs\u003e tag doesn\u0027t strikethrough the text\n + JDK-8323972: C2 compilation fails with\n assert(!x-\u003eas_Loop()-\u003eis_loop_nest_inner_loop()) failed: loop\n was transformed\n + JDK-8324174: assert(m-\u003eis_entered(current)) failed: invariant\n + JDK-8324577: [REDO] - [IMPROVE] OPEN_MAX is no longer the max\n limit on macOS \u003e= 10.6 for RLIMIT_NOFILE\n + JDK-8324580: SIGFPE on THP initialization on kernels \u003c 4.10\n + JDK-8324641: [IR Framework] Add Setup method to provide\n custom arguments and set fields\n + JDK-8324668: JDWP process management needs more efficient\n file descriptor handling\n + JDK-8324755: Enable parallelism in\n vmTestbase/gc/gctests/LargeObjects tests\n + JDK-8324781: runtime/Thread/TestAlwaysPreTouchStacks.java\n failed with Expected a higher ratio between stack committed and reserved\n + JDK-8324808: Manual printer tests have no Pass/Fail buttons,\n instructions close set 3\n + JDK-8324969: C2: prevent elimination of unbalanced coarsened locking regions\n + JDK-8324983: Race in CompileBroker::possibly_add_compiler_threads\n + JDK-8325022: Incorrect error message on client authentication\n + JDK-8325037: x86: enable and fix\n hotspot/jtreg/compiler/vectorization/TestRoundVectFloat.java\n + JDK-8325083: jdk/incubator/vector/Double512VectorTests.java\n crashes in Assembler::vex_prefix_and_encode\n + JDK-8325179: Race in BasicDirectoryModel.validateFileCache\n + JDK-8325218: gc/parallel/TestAlwaysPreTouchBehavior.java fails\n + JDK-8325382: (fc) FileChannel.transferTo throws IOException\n when position equals size\n + JDK-8325384: sun/security/ssl/SSLSessionImpl/\n /ResumptionUpdateBoundValues.java failing intermittently when\n main thread is a virtual thread\n + JDK-8325469: Freeze/Thaw code can crash in the presence of OSR frames\n + JDK-8325494: C2: Broken graph after not skipping CastII node\n anymore for Assertion Predicates after JDK-8309902\n + JDK-8325520: Vector loads and stores with indices and masks\n incorrectly compiled\n + JDK-8325542: CTW: Runner can produce negative StressSeed\n + JDK-8325587: Shenandoah: ShenandoahLock should allow blocking in VM\n + JDK-8325616: JFR ZGC Allocation Stall events should record\n stack traces\n + JDK-8325620: HTMLReader uses ConvertAction instead of\n specified CharacterAction for \u003cb\u003e, \u003ci\u003e, \u003cu\u003e\n + JDK-8325754: Dead AbstractQueuedSynchronizer$ConditionNodes\n survive minor garbage collections\n + JDK-8325763: Revert properties: vm.opt.x.*\n + JDK-8326106: Write and clear stack trace table outside of safepoint\n + JDK-8326129: Java Record Pattern Match leads to infinite loop\n + JDK-8326332: Unclosed inline tags cause misalignment in\n summary tables\n + JDK-8326717: Disable stringop-overflow in shenandoahLock.cpp\n + JDK-8326734: text-decoration applied to \u003cspan\u003e lost when\n mixed with \u003cu\u003e or \u003cs\u003e\n + JDK-8327007: javax/swing/JSpinner/8008657/bug8008657.java fails\n + JDK-8327040: Problemlist ActionListenerCalledTwiceTest.java\n test failing in macos14\n + JDK-8327137: Add test for ConcurrentModificationException in\n BasicDirectoryModel\n + JDK-8327401: Some jtreg tests fail on Wayland without any tracking bug\n + JDK-8327423: C2 remove_main_post_loops: check if main-loop\n belongs to pre-loop, not just assert\n + JDK-8327424: ProblemList serviceability/sa/TestJmapCore.java\n on all platforms with ZGC\n + JDK-8327501: Common ForkJoinPool prevents class unloading in some cases\n + JDK-8327650: Test java/nio/channels/DatagramChannel/\n /StressNativeSignal.java timed out\n + JDK-8327787: Convert javax/swing/border/Test4129681.java\n applet test to main\n + JDK-8327840: Automate javax/swing/border/Test4129681.java\n + JDK-8327990: [macosx-aarch64] Various tests fail with\n -XX:+AssertWXAtThreadSync\n + JDK-8328011: Convert java/awt/Frame/GetBoundsResizeTest/\n /GetBoundsResizeTest.java applet test to main\n + JDK-8328075: Shenandoah: Avoid forwarding when objects don\u0027t move in full-GC\n + JDK-8328110: Allow simultaneous use of PassFailJFrame with\n split UI and additional windows\n + JDK-8328115: Convert java/awt/font/TextLayout/\n /TestJustification.html applet test to main\n + JDK-8328158: Convert java/awt/Choice/NonFocusablePopupMenuTest\n to automatic main test\n + JDK-8328218: Delete test java/awt/Window/FindOwner/FindOwner.html\n + JDK-8328234: Remove unused nativeUtils files\n + JDK-8328238: Convert few closed manual applet tests to main\n + JDK-8328269: NonFocusablePopupMenuTest.java should be marked as headful\n + JDK-8328273: sun/management/jmxremote/bootstrap/\n /RmiRegistrySslTest.java failed with\n java.rmi.server.ExportException: Port already in use\n + JDK-8328366: Thread.setContextClassloader from thread in FJP\n commonPool task no longer works after JDK-8327501\n + JDK-8328560: java/awt/event/MouseEvent/ClickDuringKeypress/\n /ClickDuringKeypress.java imports Applet\n + JDK-8328561: test java/awt/Robot/ManualInstructions/\n /ManualInstructions.java isn\u0027t used\n + JDK-8328642: Convert applet test\n MouseDraggedOutCauseScrollingTest.html to main\n + JDK-8328647: TestGarbageCollectorMXBean.java fails with C1-only and -Xcomp\n + JDK-8328697: SubMenuShowTest and SwallowKeyEvents tests stabilization\n + JDK-8328785: IOException: Symbol not found: C_GetInterface\n for PKCS11 interface prior to V3.0\n + JDK-8328896: Fontmetrics for large Fonts has zero width\n + JDK-8328953: JEditorPane.read throws ChangedCharSetException\n + JDK-8328999: Update GIFlib to 5.2.2\n + JDK-8329004: Update Libpng to 1.6.43\n + JDK-8329088: Stack chunk thawing races with concurrent GC stack iteration\n + JDK-8329103: assert(!thread-\u003ein_asgct()) failed during\n multi-mode profiling\n + JDK-8329126: No native wrappers generated anymore with\n -XX:-TieredCompilation after JDK-8251462\n + JDK-8329134: Reconsider TLAB zapping\n + JDK-8329258: TailCall should not use frame pointer register for jump target\n + JDK-8329510: Update ProblemList for\n JFileChooser/8194044/FileSystemRootTest.java\n + JDK-8329559: Test javax/swing/JFrame/bug4419914.java failed\n because The End and Start buttons are not placed correctly and\n Tab focus does not move as expected\n + JDK-8329665: fatal error: memory leak: allocating without ResourceMark\n + JDK-8329667: [macos] Issue with JTree related fix for\n JDK-8317771\n + JDK-8329995: Restricted access to `/proc` can cause JFR\n initialization to crash\n + JDK-8330027: Identity hashes of archived objects must be\n based on a reproducible random seed\n + JDK-8330063: Upgrade jQuery to 3.7.1\n + JDK-8330133: libj2pkcs11.so crashes on some pkcs#11 v3.0 libraries\n + JDK-8330146: assert(!_thread-\u003eis_in_any_VTMS_transition()) failed\n + JDK-8330520: linux clang build fails in os_linux.cpp with\n static_assert with no message is a C++17 extension\n + JDK-8330576: ZYoungCompactionLimit should have range check\n + JDK-8330611: AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512)\n + JDK-8330748: ByteArrayOutputStream.writeTo(OutputStream) pins carrier\n + JDK-8330814: Cleanups for KeepAliveCache tests\n + JDK-8330819: C2 SuperWord: bad dominance after pre-loop limit\n adjustment with base that has CastLL after pre-loop\n + JDK-8330849: Add test to verify memory usage with recursive locking\n + JDK-8330981: ZGC: Should not dedup strings in the finalizer graph\n + JDK-8331011: [XWayland] TokenStorage fails under Security Manager\n + JDK-8331063: Some HttpClient tests don\u0027t report leaks\n + JDK-8331077: nroff man page update for jar tool\n + JDK-8331142: Add test for number of loader threads in BasicDirectoryModel\n + JDK-8331153: JFR: Improve logging of\n jdk/jfr/api/consumer/filestream/TestOrdered.java\n + JDK-8331164: createJMHBundle.sh download jars fail when url\n needed to be redirected\n + JDK-8331266: Bump update version for OpenJDK: jdk-21.0.5\n + JDK-8331405: Shenandoah: Optimize ShenandoahLock with TTAS\n + JDK-8331411: Shenandoah: Reconsider spinning duration in ShenandoahLock\n + JDK-8331421: ubsan: vmreg.cpp checking error member call on\n misaligned address\n + JDK-8331495: Limit BasicDirectoryModel/LoaderThreadCount.java to Windows only\n + JDK-8331518: Tests should not use the \u0027Classpath\u0027 exception\n form of the legal header\n + JDK-8331572: Allow using OopMapCache outside of STW GC phases\n + JDK-8331573: Rename CollectedHeap::is_gc_active to be\n explicitly about STW GCs\n + JDK-8331575: C2: crash when ConvL2I is split thru phi at LongCountedLoop\n + JDK-8331605:\n jdk/test/lib/TestMutuallyExclusivePlatformPredicates.java test failure\n + JDK-8331626: unsafe.cpp:162:38: runtime error in\n index_oop_from_field_offset_long - applying non-zero offset\n 4563897424 to null pointer\n + JDK-8331714: Make OopMapCache installation lock-free\n + JDK-8331731: ubsan: relocInfo.cpp:155:30: runtime error:\n applying non-zero offset to null pointer\n + JDK-8331746: Create a test to verify that the cmm id is not ignored\n + JDK-8331771: ZGC: Remove OopMapCacheAlloc_lock ordering workaround\n + JDK-8331789: ubsan: deoptimization.cpp:403:29: runtime error:\n load of value 208, which is not a valid value for type \u0027bool\u0027\n + JDK-8331798: Remove unused arg of checkErgonomics() in\n TestMaxHeapSizeTools.java\n + JDK-8331854: ubsan: copy.hpp:218:10: runtime error: addition\n of unsigned offset to 0x7fc2b4024518 overflowed to 0x7fc2b4024510\n + JDK-8331863: DUIterator_Fast used before it is constructed\n + JDK-8331885: C2: meet between unloaded and speculative types\n is not symmetric\n + JDK-8331931: JFR: Avoid loading regex classes during startup\n + JDK-8331999: BasicDirectoryModel/LoaderThreadCount.java\n frequently fails on Windows in CI\n + JDK-8332008: Enable issuestitle check\n + JDK-8332113: Update nsk.share.Log to be always verbose\n + JDK-8332154: Memory leak in SynchronousQueue\n + JDK-8332174: Remove 2 (unpaired) RLO Unicode characters in ff_Adlm.xml\n + JDK-8332248: (fc) java/nio/channels/FileChannel/\n /BlockDeviceSize.java failed with RuntimeException\n + JDK-8332424: Update IANA Language Subtag Registry to Version 2024-05-16\n + JDK-8332431: NullPointerException in JTable of SwingSet2\n + JDK-8332473: ubsan: growableArray.hpp:290:10: runtime error:\n null pointer passed as argument 1, which is declared to never be null\n + JDK-8332490: JMH org.openjdk.bench.java.util.zip\n .InflaterInputStreams.inflaterInputStreamRead OOM\n + JDK-8332499: Gtest codestrings.validate_vm fail on linux x64 when hsdis is present\n + JDK-8332524: Instead of printing \u0027TLSv1.3,\u0027 it is showing \u0027TLS13\u0027\n + JDK-8332589: ubsan: unix/native/libjava/ProcessImpl_md.c:562:5:\n runtime error: null pointer passed as argument 2, which is\n declared to never be null\n + JDK-8332675: test/hotspot/jtreg/gc/testlibrary/Helpers.java\n compileClass javadoc does not match after 8321812\n + JDK-8332699: ubsan: jfrEventSetting.inline.hpp:31:43: runtime\n error: index 163 out of bounds for type \u0027jfrNativeEventSetting [162]\u0027\n + JDK-8332717: ZGC: Division by zero in heuristics\n + JDK-8332720: ubsan: instanceKlass.cpp:3550:76: runtime error:\n member call on null pointer of type \u0027struct Array\u0027\n + JDK-8332818: ubsan: archiveHeapLoader.cpp:70:27: runtime\n error: applying non-zero offset 18446744073707454464 to null pointer\n + JDK-8332825: ubsan: guardedMemory.cpp:35:11: runtime error:\n null pointer passed as argument 2, which is declared to never be null\n + JDK-8332885: Clarify failure_handler self-tests\n + JDK-8332894: ubsan: vmError.cpp:2090:26: runtime error: division by zero\n + JDK-8332898: failure_handler: log directory of commands\n + JDK-8332903: ubsan: opto/output.cpp:1002:18: runtime error:\n load of value 171, which is not a valid value for type \u0027bool\u0027\n + JDK-8332904: ubsan ppc64le: c1_LIRGenerator_ppc.cpp:581:21:\n runtime error: signed integer overflow: 9223372036854775807 + 1\n cannot be represented in type \u0027long int\u0027\n + JDK-8332905: C2 SuperWord: bad AD file, with RotateRightV and\n first operand not a pack\n + JDK-8332920: C2: Partial Peeling is wrongly applied for CmpU\n with negative limit\n + JDK-8332935: Crash: assert(*lastPtr != 0) failed: Mismatched\n JNINativeInterface tables, check for new entries\n + JDK-8332936: Test vmTestbase/metaspace/gc/watermark_70_80/\n /TestDescription.java fails with no GC\u0027s recorded\n + JDK-8332959: C2: ZGC fails with \u0027Incorrect load shift\u0027 when\n invoking Object.clone() reflectively on an array\n + JDK-8333088: ubsan: shenandoahAdaptiveHeuristics.cpp:245:44:\n runtime error: division by zero\n + JDK-8333093: Incorrect comment in zAddress_aarch64.cpp\n + JDK-8333099: Missing check for is_LoadVector in StoreNode::Identity\n + JDK-8333149: ubsan : memset on nullptr target detected in\n jvmtiEnvBase.cpp get_object_monitor_usage\n + JDK-8333178: ubsan: jvmti_tools.cpp:149:16: runtime error:\n null pointer passed as argument 2, which is declared to never be null\n + JDK-8333270: HandlersOnComplexResetUpdate and\n HandlersOnComplexUpdate tests fail with \u0027Unexpected reference\u0027\n if timeoutFactor is less than 1/3\n + JDK-8333277: ubsan: mlib_ImageScanPoly.c:292:43: runtime\n error: division by zero\n + JDK-8333353: Delete extra empty line in CodeBlob.java\n + JDK-8333354: ubsan: frame.inline.hpp:91:25: and\n src/hotspot/share/runtime/frame.inline.hpp:88:29: runtime\n error: member call on null pointer of type \u0027const struct SmallRegisterMap\u0027\n + JDK-8333361: ubsan,test : libHeapMonitorTest.cpp:518:9:\n runtime error: null pointer passed as argument 2, which is\n declared to never be null\n + JDK-8333363: ubsan: instanceKlass.cpp: runtime error: member\n call on null pointer of type \u0027struct AnnotationArray\u0027\n + JDK-8333366: C2: CmpU3Nodes are not pushed back to worklist\n in PhaseCCP leading to non-fixpoint assertion failure\n + JDK-8333398: Uncomment the commented test in test/jdk/java/\n /util/jar/JarFile/mrjar/MultiReleaseJarAPI.java\n + JDK-8333462: Performance regression of new DecimalFormat()\n when compare to jdk11\n + JDK-8333477: Delete extra empty spaces in Makefiles\n + JDK-8333542: Breakpoint in parallel code does not work\n + JDK-8333622: ubsan: relocInfo_x86.cpp:101:56: runtime error:\n pointer index expression with base (-1) overflowed\n + JDK-8333639: ubsan: cppVtables.cpp:81:55: runtime error:\n index 14 out of bounds for type \u0027long int [1]\u0027\n + JDK-8333652: RISC-V: compiler/vectorapi/\n /VectorGatherMaskFoldingTest.java fails when using RVV\n + JDK-8333716: Shenandoah: Check for disarmed method before\n taking the nmethod lock\n + JDK-8333724: Problem list security/infra/java/security/cert/\n /CertPathValidator/certification/CAInterop.java\n #teliasonerarootcav1\n + JDK-8333804: java/net/httpclient/ForbiddenHeadTest.java threw\n an exception with 0 failures\n + JDK-8333887: ubsan: unsafe.cpp:247:13: runtime error: store\n to null pointer of type \u0027volatile int\u0027\n + JDK-8334078: RISC-V: TestIntVect.java fails after JDK-8332153\n when running without RVV\n + JDK-8334123: log the opening of Type 1 fonts\n + JDK-8334166: Enable binary check\n + JDK-8334239: Introduce macro for ubsan method/function exclusions\n + JDK-8334297: (so) java/nio/channels/SocketChannel/OpenLeak.java\n should not depend on SecurityManager\n + JDK-8334332: TestIOException.java fails if run by root\n + JDK-8334333: MissingResourceCauseTestRun.java fails if run by root\n + JDK-8334339: Test java/nio/file/attribute/\n /BasicFileAttributeView/CreationTime.java fails on alinux3\n + JDK-8334418: Update IANA Language Subtag Registry to Version 2024-06-14\n + JDK-8334421: assert(!oldbox-\u003eis_unbalanced()) failed: this\n should not be called for unbalanced region\n + JDK-8334482: Shenandoah: Deadlock when safepoint is pending\n during nmethods iteration\n + JDK-8334592: ProblemList serviceability/jvmti/stress/\n /StackTrace/NotSuspended/\n /GetStackTraceNotSuspendedStressTest.java in jdk21 on all platforms\n + JDK-8334594: Generational ZGC: Deadlock after OopMap rewrites in 8331572\n + JDK-8334600: TEST java/net/MulticastSocket/IPMulticastIF.java\n fails on linux-aarch64\n + JDK-8334618: ubsan: support setting additional ubsan check options\n + JDK-8334653: ISO 4217 Amendment 177 Update\n + JDK-8334769: Shenandoah: Move CodeCache_lock close to its use\n in ShenandoahConcurrentNMethodIterator\n + JDK-8334867: Add back assertion from JDK-8325494\n + JDK-8335007: Inline OopMapCache table\n + JDK-8335134: Test com/sun/jdi/BreakpointOnClassPrepare.java timeout\n + JDK-8335150: Test LogGeneratedClassesTest.java fails on\n rpmbuild mock enviroment\n + JDK-8335237: ubsan: vtableStubs.hpp is_vtable_stub exclude\n from ubsan checks\n + JDK-8335283: Build failure due to \u0027no_sanitize\u0027 attribute directive ignored\n + JDK-8335409: Can\u0027t allocate and retain memory from resource\n area in frame::oops_interpreted_do oop closure after 8329665\n + JDK-8335493: check_gc_overhead_limit should reset\n SoftRefPolicy::_should_clear_all_soft_refs\n + JDK-8335536: Fix assertion failure in IdealGraphPrinter when append is true\n + JDK-8335743: jhsdb jstack cannot print some information on\n the waiting thread\n + JDK-8335775: Remove extraneous \u0027s\u0027 in comment of\n rawmonitor.cpp test file\n + JDK-8335904: Fix invalid comment in ShenandoahLock\n + JDK-8335967: \u0027text-decoration: none\u0027 does not work with \u0027A\u0027 HTML tags\n + JDK-8336284: Test TestClhsdbJstackLock.java/\n TestJhsdbJstackLock.java fails with -Xcomp after JDK-8335743\n + JDK-8336301: test/jdk/java/nio/channels/\n /AsyncCloseAndInterrupt.java leaves around a FIFO file upon test completion\n + JDK-8336342: Fix known X11 library locations in sysroot\n + JDK-8336343: Add more known sysroot library locations for ALSA\n + JDK-8336926: jdk/internal/util/ReferencedKeyTest.java can\n fail with ConcurrentModificationException\n + JDK-8336928: GHA: Bundle artifacts removal broken\n + JDK-8337038: Test java/nio/file/attribute/\n /BasicFileAttributeView/CreationTime.java shoud set as /native\n + JDK-8337283: configure.log is truncated when build dir is on\n different filesystem\n + JDK-8337622: IllegalArgumentException in java.lang.reflect.Field.get\n + JDK-8337664: Distrust TLS server certificates issued after\n Oct 2024 and anchored by Entrust Root CAs\n + JDK-8338139: {ClassLoading,Memory}MXBean::isVerbose methods\n are inconsistent with their setVerbose methods\n + JDK-8338286: GHA: Demote x86_32 to hotspot build only\n + JDK-8338696: (fs) BasicFileAttributes.creationTime() falls\n back to epoch if birth time is unavailable (Linux)\n + JDK-8339869: [21u] Test CreationTime.java fails with\n UnsatisfiedLinkError after 8334339\n + JDK-8341057: Add 2 SSL.com TLS roots\n + JDK-8341059: Change Entrust TLS distrust date to November 12, 2024\n + JDK-8341674: [21u] Remove designator\n DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.5\n + JDK-8341989: [21u] Back out JDK-8327501 and JDK-8328366\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3954,SUSE-SLE-Module-Basesystem-15-SP6-2024-3954,openSUSE-SLE-15.6-2024-3954",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3954-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3954-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243954-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3954-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019802.html"
},
{
"category": "self",
"summary": "SUSE Bug 1231702",
"url": "https://bugzilla.suse.com/1231702"
},
{
"category": "self",
"summary": "SUSE Bug 1231711",
"url": "https://bugzilla.suse.com/1231711"
},
{
"category": "self",
"summary": "SUSE Bug 1231716",
"url": "https://bugzilla.suse.com/1231716"
},
{
"category": "self",
"summary": "SUSE Bug 1231719",
"url": "https://bugzilla.suse.com/1231719"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21208 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21210 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21217 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21235 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21235/"
}
],
"title": "Security update for java-21-openjdk",
"tracking": {
"current_release_date": "2024-11-08T13:10:02Z",
"generator": {
"date": "2024-11-08T13:10:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3954-1",
"initial_release_date": "2024-11-08T13:10:02Z",
"revision_history": [
{
"date": "2024-11-08T13:10:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"product": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"product_id": "java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"product": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"product_id": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"product": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"product_id": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"product": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"product_id": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"product": {
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"product_id": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"product": {
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"product_id": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.i586",
"product": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.i586",
"product_id": "java-21-openjdk-21.0.5.0-150600.3.6.3.i586"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.i586",
"product": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.i586",
"product_id": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.i586"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.i586",
"product": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.i586",
"product_id": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.i586"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.i586",
"product": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.i586",
"product_id": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.i586"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.i586",
"product": {
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.i586",
"product_id": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.i586"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.i586",
"product": {
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.i586",
"product_id": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"product": {
"name": "java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"product_id": "java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"product": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"product_id": "java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"product": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"product_id": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"product": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"product_id": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"product": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"product_id": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"product": {
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"product_id": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"product": {
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"product_id": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"product": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"product_id": "java-21-openjdk-21.0.5.0-150600.3.6.3.s390x"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"product": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"product_id": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"product": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"product_id": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"product": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"product_id": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"product": {
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"product_id": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"product": {
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"product_id": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"product": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"product_id": "java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"product": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"product_id": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"product": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"product_id": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"product": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"product_id": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"product": {
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"product_id": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64",
"product": {
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64",
"product_id": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64"
},
"product_reference": "java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le"
},
"product_reference": "java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x"
},
"product_reference": "java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64"
},
"product_reference": "java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64"
},
"product_reference": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le"
},
"product_reference": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x"
},
"product_reference": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64"
},
"product_reference": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64"
},
"product_reference": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le"
},
"product_reference": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x"
},
"product_reference": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64"
},
"product_reference": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64"
},
"product_reference": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le"
},
"product_reference": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x"
},
"product_reference": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64"
},
"product_reference": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64"
},
"product_reference": "java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le"
},
"product_reference": "java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x"
},
"product_reference": "java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64"
},
"product_reference": "java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64"
},
"product_reference": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le"
},
"product_reference": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x"
},
"product_reference": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64"
},
"product_reference": "java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64"
},
"product_reference": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le"
},
"product_reference": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x"
},
"product_reference": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64"
},
"product_reference": "java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64"
},
"product_reference": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le"
},
"product_reference": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x"
},
"product_reference": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64"
},
"product_reference": "java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch"
},
"product_reference": "java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64"
},
"product_reference": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le"
},
"product_reference": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x"
},
"product_reference": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64"
},
"product_reference": "java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64"
},
"product_reference": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le"
},
"product_reference": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x"
},
"product_reference": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
},
"product_reference": "java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-21208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21208"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21208",
"url": "https://www.suse.com/security/cve/CVE-2024-21208"
},
{
"category": "external",
"summary": "SUSE Bug 1231702 for CVE-2024-21208",
"url": "https://bugzilla.suse.com/1231702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-08T13:10:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-21208"
},
{
"cve": "CVE-2024-21210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21210"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21210",
"url": "https://www.suse.com/security/cve/CVE-2024-21210"
},
{
"category": "external",
"summary": "SUSE Bug 1231711 for CVE-2024-21210",
"url": "https://bugzilla.suse.com/1231711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-08T13:10:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-21210"
},
{
"cve": "CVE-2024-21217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21217"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21217",
"url": "https://www.suse.com/security/cve/CVE-2024-21217"
},
{
"category": "external",
"summary": "SUSE Bug 1231716 for CVE-2024-21217",
"url": "https://bugzilla.suse.com/1231716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-08T13:10:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-21217"
},
{
"cve": "CVE-2024-21235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21235"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21235",
"url": "https://www.suse.com/security/cve/CVE-2024-21235"
},
{
"category": "external",
"summary": "SUSE Bug 1231719 for CVE-2024-21235",
"url": "https://bugzilla.suse.com/1231719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.5.0-150600.3.6.3.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.5.0-150600.3.6.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-08T13:10:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-21235"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…