suse-su-2025:1429-1
Vulnerability from csaf_suse
Published
2025-05-02 08:10
Modified
2025-05-02 08:10
Summary
Security update for java-21-openjdk
Notes
Title of the patch
Security update for java-21-openjdk
Description of the patch
This update for java-21-openjdk fixes the following issues:
Update to upstream tag jdk-21.0.7+6 (April 2025 CPU)
CVEs fixed:
+ CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274)
+ CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275)
+ CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276)
Changes:
+ JDK-8198237: [macos] Test java/awt/Frame/
/ExceptionOnSetExtendedStateTest/
/ExceptionOnSetExtendedStateTest.java fails
+ JDK-8211851: (ch) java/nio/channels/AsynchronousSocketChannel/
/StressLoopback.java times out (aix)
+ JDK-8226933: [TEST_BUG]GTK L&F: There is no swatches or RGB
tab in JColorChooser
+ JDK-8226938: [TEST_BUG]GTK L&F: There is no Details button in
FileChooser Dialog
+ JDK-8227529: With malformed --app-image the error messages
are awful
+ JDK-8277240: java/awt/Graphics2D/ScaledTransform/
/ScaledTransform.java dialog does not get disposed
+ JDK-8283664: Remove jtreg tag manual=yesno for
java/awt/print/PrinterJob/PrintTextTest.java
+ JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit
access thread fields from native
+ JDK-8293345: SunPKCS11 provider checks on PKCS11 Mechanism
are problematic
+ JDK-8294316: SA core file support is broken on macosx-x64
starting with macOS 12.x
+ JDK-8295159: DSO created with -ffast-math breaks Java
floating-point arithmetic
+ JDK-8302111: Serialization considerations
+ JDK-8304701: Request with timeout aborts later in-flight
request on HTTP/1.1 cxn
+ JDK-8309841: Jarsigner should print a warning if an entry is
removed
+ JDK-8311546: Certificate name constraints improperly
validated with leading period
+ JDK-8312570: [TESTBUG] Jtreg compiler/loopopts/superword/
/TestDependencyOffsets.java fails on 512-bit SVE
+ JDK-8313633: [macOS] java/awt/dnd/NextDropActionTest/
/NextDropActionTest.java fails with java.lang.RuntimeException:
wrong next drop action!
+ JDK-8313905: Checked_cast assert in CDS compare_by_loader
+ JDK-8314752: Use google test string comparison macros
+ JDK-8314909: tools/jpackage/windows/Win8282351Test.java fails
with java.lang.AssertionError: Expected [0]. Actual [1618]:
+ JDK-8315486: vmTestbase/nsk/jdwp/ThreadReference/
/ForceEarlyReturn/forceEarlyReturn002/forceEarlyReturn002.java
timed out
+ JDK-8315825: Open some swing tests
+ JDK-8315882: Open some swing tests 2
+ JDK-8315883: Open source several Swing JToolbar tests
+ JDK-8315952: Open source several Swing JToolbar JTooltip
JTree tests
+ JDK-8316056: Open source several Swing JTree tests
+ JDK-8316146: Open some swing tests 4
+ JDK-8316149: Open source several Swing JTree JViewport
KeyboardManager tests
+ JDK-8316218: Open some swing tests 5
+ JDK-8316371: Open some swing tests 6
+ JDK-8316627: JViewport Test headless failure
+ JDK-8316885: jcmd: Compiler.CodeHeap_Analytics cmd does not
inform about missing aggregate
+ JDK-8317283: jpackage tests run osx-specific checks on
windows and linux
+ JDK-8317636: Improve heap walking API tests to verify
correctness of field indexes
+ JDK-8317808: HTTP/2 stream cancelImpl may leave subscriber
registered
+ JDK-8317919: pthread_attr_init handle return value and
destroy pthread_attr_t object
+ JDK-8319233: AArch64: Build failure with clang due to
-Wformat-nonliteral warning
+ JDK-8320372: test/jdk/sun/security/x509/DNSName/
/LeadingPeriod.java validity check failed
+ JDK-8320676: Manual printer tests have no Pass/Fail buttons,
instructions close set 1
+ JDK-8320691: Timeout handler on Windows takes 2 hours to
complete
+ JDK-8320706: RuntimePackageTest.testUsrInstallDir test fails
on Linux
+ JDK-8320916: jdk/jfr/event/gc/stacktrace/
/TestParallelMarkSweepAllocationPendingStackTrace.java failed
with 'OutOfMemoryError: GC overhead limit exceeded'
+ JDK-8321818: vmTestbase/nsk/stress/strace/strace015.java
failed with 'Cannot read the array length because '<local4>'
is null'
+ JDK-8322983: Virtual Threads: exclude 2 tests
+ JDK-8324672: Update jdk/java/time/tck/java/time/
/TCKInstant.java now() to be more robust
+ JDK-8324807: Manual printer tests have no Pass/Fail buttons,
instructions close set 2
+ JDK-8324838: test_nmt_locationprinting.cpp broken in the gcc
windows build
+ JDK-8325042: Remove unused JVMDITools test files
+ JDK-8325529: Remove unused imports from `ModuleGenerator`
test file
+ JDK-8325659: Normalize Random usage by incubator vector tests
+ JDK-8325937: runtime/handshake/HandshakeDirectTest.java
causes 'monitor end should be strictly below the frame
pointer' assertion failure on AArch64
+ JDK-8326421: Add jtreg test for large arrayCopy disjoint case.
+ JDK-8326525: com/sun/tools/attach/BasicTests.java does not
verify AgentLoadException case
+ JDK-8327098: GTest needs larger combination limit
+ JDK-8327390: JitTester: Implement temporary folder
functionality
+ JDK-8327460: Compile tests with the same visibility rules as
product code
+ JDK-8327476: Upgrade JLine to 3.26.1
+ JDK-8327505: Test com/sun/jmx/remote/
/NotificationMarshalVersions/TestSerializationMismatch.java
fails
+ JDK-8327857: Remove applet usage from JColorChooser tests
Test4222508
+ JDK-8327859: Remove applet usage from JColorChooser tests
Test4319113
+ JDK-8327986: ASAN reports use-after-free in
DirectivesParserTest.empty_object_vm
+ JDK-8327994: Update code gen in CallGeneratorHelper
+ JDK-8328005: Convert java/awt/im/JTextFieldTest.java applet
test to main
+ JDK-8328085: C2: Use after free in
PhaseChaitin::Register_Allocate()
+ JDK-8328121: Remove applet usage from JColorChooser tests
Test4759306
+ JDK-8328130: Remove applet usage from JColorChooser tests
Test4759934
+ JDK-8328185: Convert java/awt/image/MemoryLeakTest/
/MemoryLeakTest.java applet test to main
+ JDK-8328227: Remove applet usage from JColorChooser tests
Test4887836
+ JDK-8328368: Convert java/awt/image/multiresolution/
/MultiDisplayTest/MultiDisplayTest.java applet test to main
+ JDK-8328370: Convert java/awt/print/Dialog/PrintApplet.java
applet test to main
+ JDK-8328380: Remove applet usage from JColorChooser tests
Test6348456
+ JDK-8328387: Convert java/awt/Frame/FrameStateTest/
/FrameStateTest.html applet test to main
+ JDK-8328403: Remove applet usage from JColorChooser tests
Test6977726
+ JDK-8328553: Get rid of JApplet in test/jdk/sanity/client/lib/
/SwingSet2/src/DemoModule.java
+ JDK-8328558: Convert javax/swing/JCheckBox/8032667/
/bug8032667.java applet test to main
+ JDK-8328717: Convert javax/swing/JColorChooser/8065098/
/bug8065098.java applet test to main
+ JDK-8328719: Convert java/awt/print/PageFormat/SetOrient.html
applet test to main
+ JDK-8328730: Convert java/awt/print/bug8023392/bug8023392.html
applet test to main
+ JDK-8328753: Open source few Undecorated Frame tests
+ JDK-8328819: Remove applet usage from JFileChooser tests
bug6698013
+ JDK-8328827: Convert java/awt/print/PrinterJob/
/PrinterDialogsModalityTest/PrinterDialogsModalityTest.html
applet test to main
+ JDK-8329210: Delete Redundant Printer Dialog Modality Test
+ JDK-8329320: Simplify awt/print/PageFormat/NullPaper.java test
+ JDK-8329322: Convert PageFormat/Orient.java to use
PassFailJFrame
+ JDK-8329692: Add more details to FrameStateTest.java test
instructions
+ JDK-8330647: Two CDS tests fail with -UseCompressedOops and
UseSerialGC/UseParallelGC
+ JDK-8330702: Update failure handler to don't generate Error
message if cores actions are empty
+ JDK-8331735: UpcallLinker::on_exit races with GC when copying
frame anchor
+ JDK-8331959: Update PKCS#11 Cryptographic Token Interface to
v3.1
+ JDK-8331977: Crash: SIGSEGV in dlerror()
+ JDK-8331993: Add counting leading/trailing zero tests for
Integer
+ JDK-8332158: [XWayland] test/jdk/java/awt/Mouse/
/EnterExitEvents/ResizingFrameTest.java
+ JDK-8332494: java/util/zip/EntryCount64k.java failing with
java.lang.RuntimeException: '\\A\\Z' missing from stderr
+ JDK-8332917: failure_handler should execute gdb 'info
threads' command on linux
+ JDK-8333116: test/jdk/tools/jpackage/share/ServiceTest.java
test fails
+ JDK-8333360: PrintNullString.java doesn't use float arguments
+ JDK-8333391: Test com/sun/jdi/InterruptHangTest.java failed:
Thread was never interrupted during sleep
+ JDK-8333403: Write a test to check various components events
are triggered properly
+ JDK-8333647: C2 SuperWord: some additional PopulateIndex tests
+ JDK-8334305: Remove all code for nsk.share.Log verbose mode
+ JDK-8334371: [AIX] Beginning with AIX 7.3 TL1 mmap() supports
64K memory pages
+ JDK-8334490: Normalize string with locale invariant
`toLowerCase()`
+ JDK-8334777: Test javax/management/remote/mandatory/notif/
/NotifReconnectDeadlockTest.java failed with
NullPointerException
+ JDK-8335288: SunPKCS11 initialization will call
C_GetMechanismInfo on unsupported mechanisms
+ JDK-8335468: [XWayland] JavaFX hangs when calling
java.awt.Robot.getPixelColor
+ JDK-8335789: [TESTBUG] XparColor.java test fails with Error.
Parse Exception: Invalid or unrecognized bugid: @
+ JDK-8336012: Fix usages of jtreg-reserved properties
+ JDK-8336498: [macos] [build]: install-file macro may run into
permission denied error
+ JDK-8336692: Redo fix for JDK-8284620
+ JDK-8336942: Improve test coverage for class loading elements
with annotations of different retentions
+ JDK-8337222: gc/TestDisableExplicitGC.java fails due to
unexpected CodeCache GC
+ JDK-8337494: Clarify JarInputStream behavior
+ JDK-8337660: C2: basic blocks with only BoxLock nodes are
wrongly treated as empty
+ JDK-8337692: Better TLS connection support
+ JDK-8337886: java/awt/Frame/MaximizeUndecoratedTest.java
fails in OEL due to a slight color difference
+ JDK-8337951: Test sun/security/validator/samedn.sh
CertificateNotYetValidException: NotBefore validation
+ JDK-8337994: [REDO] Native memory leak when not recording any
events
+ JDK-8338100: C2: assert(!n_loop->is_member(get_loop(lca)))
failed: control must not be back in the loop
+ JDK-8338303: Linux ppc64le with toolchain clang - detection
failure in early JVM startup
+ JDK-8338426: Test java/nio/channels/Selector/WakeupNow.java
failed
+ JDK-8338430: Improve compiler transformations
+ JDK-8338571: [TestBug] DefaultCloseOperation.java test not
working as expected wrt instruction after JDK-8325851 fix
+ JDK-8338595: Add more linesize for MIME decoder in macro
bench test Base64Decode
+ JDK-8338668: Test javax/swing/JFileChooser/8080628/
/bug8080628.java doesn't test for GTK L&F
+ JDK-8339154: Cleanups and JUnit conversion of
test/jdk/java/util/zip/Available.java
+ JDK-8339261: Logs truncated in test
javax/net/ssl/DTLS/DTLSRehandshakeTest.java
+ JDK-8339356: Test javax/net/ssl/SSLSocket/Tls13PacketSize.java
failed with java.net.SocketException: An established
connection was aborted by the software in your host machine
+ JDK-8339475: Clean up return code handling for pthread calls
in library coding
+ JDK-8339524: Clean up a few ExtendedRobot tests
+ JDK-8339542: compiler/codecache/CheckSegmentedCodeCache.java
fails
+ JDK-8339687: Rearrange reachabilityFence()s in
jdk.test.lib.util.ForceGC
+ JDK-8339728: [Accessibility,Windows,JAWS] Bug in the
getKeyChar method of the AccessBridge class
+ JDK-8339810: Clean up the code in sun.tools.jar.Main to
properly close resources and use ZipFile during extract
+ JDK-8339834: Replace usages of -mx and -ms in some tests
+ JDK-8339883: Open source several AWT/2D related tests
+ JDK-8339902: Open source couple TextField related tests
+ JDK-8339943: Frame not disposed in
java/awt/dnd/DropActionChangeTest.java
+ JDK-8340078: Open source several 2D tests
+ JDK-8340116: test/jdk/sun/security/tools/jarsigner/
/PreserveRawManifestEntryAndDigest.java can fail due to regex
+ JDK-8340313: Crash due to invalid oop in nmethod after C1
patching
+ JDK-8340411: open source several 2D imaging tests
+ JDK-8340480: Bad copyright notices in changes from JDK-8339902
+ JDK-8340687: Open source closed frame tests #1
+ JDK-8340719: Open source AWT List tests
+ JDK-8340824: C2: Memory for TypeInterfaces not reclaimed by
hashcons()
+ JDK-8340969: jdk/jfr/startupargs/TestStartDuration.java
should be marked as flagless
+ JDK-8341037: Use standard layouts in
DefaultFrameIconTest.java and MenuCrash.java
+ JDK-8341111: open source several AWT tests including menu
shortcut tests
+ JDK-8341135: Incorrect format string after JDK-8339475
+ JDK-8341194: [REDO] Implement C2 VectorizedHashCode on AArch64
+ JDK-8341316: [macos] javax/swing/ProgressMonitor/
/ProgressMonitorEscapeKeyPress.java fails sometimes in macos
+ JDK-8341412: Various test failures after JDK-8334305
+ JDK-8341424: GHA: Collect hs_errs from build time failures
+ JDK-8341453: java/awt/a11y/AccessibleJTableTest.java fails in
some cases where the test tables are not visible
+ JDK-8341715: PPC64: ObjectMonitor::_owner should be reset
unconditionally in nmethod unlocking
+ JDK-8341820: Check return value of hcreate_r
+ JDK-8341862: PPC64: C1 unwind_handler fails to unlock
synchronized methods with LM_MONITOR
+ JDK-8341881: [REDO] java/nio/file/attribute/
/BasicFileAttributeView/CreationTime.java#tmp fails on alinux3
+ JDK-8341978: Improve JButton/bug4490179.java
+ JDK-8341982: Simplify JButton/bug4323121.java
+ JDK-8342098: Write a test to compare the images
+ JDK-8342145: File libCreationTimeHelper.c compile fails on
Alpine
+ JDK-8342270: Test sun/security/pkcs11/Provider/
/RequiredMechCheck.java needs write access to src tree
+ JDK-8342498: Add test for Allocation elimination after use as
alignment reference by SuperWord
+ JDK-8342508: Use latch in BasicMenuUI/bug4983388.java instead
of delay
+ JDK-8342541: Exclude List/KeyEventsTest/KeyEventsTest.java
from running on macOS
+ JDK-8342562: Enhance Deflater operations
+ JDK-8342602: Remove JButton/PressedButtonRightClickTest test
+ JDK-8342609: jpackage test helper function incorrectly
removes a directory instead of its contents only
+ JDK-8342634: javax/imageio/plugins/wbmp/
/WBMPStreamTruncateTest.java creates temp file in src dir
+ JDK-8342635: javax/swing/JFileChooser/FileSystemView/
/WindowsDefaultIconSizeTest.java creates tmp file in src dir
+ JDK-8342704: GHA: Report truncation is broken after
JDK-8341424
+ JDK-8342811: java/net/httpclient/PlainProxyConnectionTest.java
failed: Unexpected connection count: 5
+ JDK-8342858: Make target mac-jdk-bundle fails on chmod command
+ JDK-8342988: GHA: Build JTReg in single step
+ JDK-8343007: Enhance Buffered Image handling
+ JDK-8343100: Consolidate EmptyFolderTest and
EmptyFolderPackageTest jpackage tests into single java file
+ JDK-8343101: Rework BasicTest.testTemp test cases
+ JDK-8343102: Remove `--compress` from jlink command lines
from jpackage tests
+ JDK-8343118: [TESTBUG] java/awt/PrintJob/PrintCheckboxTest/
/PrintCheckboxManualTest.java fails with Error. Can't find
HTML file PrintCheckboxManualTest.html
+ JDK-8343128: PassFailJFrame.java test result: Error. Bad
action for script: build}
+ JDK-8343129: Disable unstable check of
ThreadsListHandle.sanity_vm ThreadList values
+ JDK-8343144: UpcallLinker::on_entry racingly clears pending
exception with GC safepoints
+ JDK-8343149: Cleanup os::print_tos_pc on AIX
+ JDK-8343178: Test BasicTest.java javac compile fails cannot
find symbol
+ JDK-8343205: CompileBroker::possibly_add_compiler_threads
excessively polls available memory
+ JDK-8343314: Move common properties from jpackage jtreg test
declarations to TEST.properties file
+ JDK-8343343: Misc crash dump improvements on more platforms
after JDK-8294160
+ JDK-8343378: Exceptions in javax/management DeadLockTest.java
do not cause test failure
+ JDK-8343396: Use OperatingSystem, Architecture, and OSVersion
in jpackage tests
+ JDK-8343491: javax/management/remote/mandatory/connection/
/DeadLockTest.java failing with NoSuchObjectException: no such
object in table
+ JDK-8343599: Kmem limit and max values swapped when printing
container information
+ JDK-8343882: BasicAnnoTests doesn't handle multiple
annotations at the same position
+ JDK-8344275: tools/jpackage/windows/Win8301247Test.java fails
on localized Windows platform
+ JDK-8344326: Move jpackage tests from 'jdk.jpackage.tests'
package to the default package
+ JDK-8344581: [TESTBUG] java/awt/Robot/
/ScreenCaptureRobotTest.java failing on macOS
+ JDK-8344589: Update IANA Language Subtag Registry to Version
2024-11-19
+ JDK-8344646: The libjsig deprecation warning should go to
stderr not stdout
+ JDK-8345296: AArch64: VM crashes with SIGILL when prctl is
disallowed
+ JDK-8345368: java/io/File/createTempFile/SpecialTempFile.java
fails on Windows Server 2025
+ JDK-8345370: Bump update version for OpenJDK: jdk-21.0.7
+ JDK-8345375: Improve debuggability of
test/jdk/java/net/Socket/CloseAvailable.java
+ JDK-8345414: Google CAInterop test failures
+ JDK-8345468: test/jdk/javax/swing/JScrollBar/4865918/
/bug4865918.java fails in ubuntu22.04
+ JDK-8345569: [ubsan] adjustments to filemap.cpp and
virtualspace.cpp for macOS aarch64
+ JDK-8345614: Improve AnnotationFormatError message for
duplicate annotation interfaces
+ JDK-8345676: [ubsan] ProcessImpl_md.c:561:40: runtime error:
applying zero offset to null pointer on macOS aarch64
+ JDK-8345684: OperatingSystemMXBean.getSystemCpuLoad() throws
NPE
+ JDK-8345750: Shenandoah: Test TestJcmdHeapDump.java#aggressive
intermittent assert(gc_cause() == GCCause::_no_gc) failed:
Over-writing cause
+ JDK-8346055: javax/swing/text/StyledEditorKit/4506788/
/bug4506788.java fails in ubuntu22.04
+ JDK-8346108: [21u][BACKOUT] 8337994: [REDO] Native memory
leak when not recording any events
+ JDK-8346324: javax/swing/JScrollBar/4865918/bug4865918.java
fails in CI
+ JDK-8346587: Distrust TLS server certificates anchored by
Camerfirma Root CAs
+ JDK-8346671: java/nio/file/Files/probeContentType/Basic.java
fails on Windows 2025
+ JDK-8346713: [testsuite] NeverActAsServerClassMachine breaks
TestPLABAdaptToMinTLABSize.java
TestPinnedHumongousFragmentation.java
TestPinnedObjectContents.java
+ JDK-8346828: javax/swing/JScrollBar/4865918/bug4865918.java
still fails in CI
+ JDK-8346847: [s390x] minimal build failure
+ JDK-8346880: [aix] java/lang/ProcessHandle/InfoTest.java
still fails: 'reported cputime less than expected'
+ JDK-8346881: [ubsan] logSelection.cpp:154:24 /
logSelectionList.cpp:72:94 : runtime error: applying non-zero
offset 1 to null pointer
+ JDK-8346887: DrawFocusRect() may cause an assertion failure
+ JDK-8346972: Test java/nio/channels/FileChannel/
/LoopingTruncate.java fails sometimes with IOException: There
is not enough space on the disk
+ JDK-8347038: [JMH] jdk.incubator.vector.SpiltReplicate fails
NoClassDefFoundError
+ JDK-8347129: cpuset cgroups controller is required for no
good reason
+ JDK-8347171: (dc) java/nio/channels/DatagramChannel/
/InterruptibleOrNot.java fails with virtual thread factory
+ JDK-8347256: Epsilon: Demote heap size and AlwaysPreTouch
warnings to info level
+ JDK-8347267: [macOS]: UnixOperatingSystem.c:67:40: runtime
error: division by zero
+ JDK-8347268: [ubsan] logOutput.cpp:357:21: runtime error:
applying non-zero offset 1 to null pointer
+ JDK-8347424: Fix and rewrite
sun/security/x509/DNSName/LeadingPeriod.java test
+ JDK-8347427: JTabbedPane/8134116/Bug8134116.java has no
license header
+ JDK-8347576: Error output in libjsound has non matching
format strings
+ JDK-8347740: java/io/File/createTempFile/SpecialTempFile.java
failing
+ JDK-8347847: Enhance jar file support
+ JDK-8347911: Limit the length of inflated text chunks
+ JDK-8347965: (tz) Update Timezone Data to 2025a
+ JDK-8348562: ZGC: segmentation fault due to missing node type
check in barrier elision analysis
+ JDK-8348625: [21u, 17u] Revert JDK-8185862 to restore old
java.awt.headless behavior on Windows
+ JDK-8348675: TrayIcon tests fail in Ubuntu 24.10 Wayland
+ JDK-8349039: Adjust exception No type named <ThreadType> in
database
+ JDK-8349603: [21u, 17u, 11u] Update GHA JDKs after Jan/25
updates
+ JDK-8349729: [21u] AIX jtreg tests fail to compile with
qvisibility=hidden
+ JDK-8352097: (tz) zone.tab update missed in 2025a backport
+ JDK-8353904: [21u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.7
- Update to upstream tag jdk-21.0.6+7 (January 2025 CPU)
Patchnames
SUSE-2025-1429,SUSE-SLE-Module-Basesystem-15-SP6-2025-1429,openSUSE-SLE-15.6-2025-1429
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-21-openjdk",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-21-openjdk fixes the following issues:\n\nUpdate to upstream tag jdk-21.0.7+6 (April 2025 CPU)\n\nCVEs fixed:\n\n+ CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274)\n+ CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275)\n+ CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276)\n\nChanges:\n\n + JDK-8198237: [macos] Test java/awt/Frame/\n /ExceptionOnSetExtendedStateTest/\n /ExceptionOnSetExtendedStateTest.java fails\n + JDK-8211851: (ch) java/nio/channels/AsynchronousSocketChannel/\n /StressLoopback.java times out (aix)\n + JDK-8226933: [TEST_BUG]GTK L\u0026F: There is no swatches or RGB\n tab in JColorChooser\n + JDK-8226938: [TEST_BUG]GTK L\u0026F: There is no Details button in\n FileChooser Dialog\n + JDK-8227529: With malformed --app-image the error messages\n are awful\n + JDK-8277240: java/awt/Graphics2D/ScaledTransform/\n /ScaledTransform.java dialog does not get disposed\n + JDK-8283664: Remove jtreg tag manual=yesno for\n java/awt/print/PrinterJob/PrintTextTest.java\n + JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit\n access thread fields from native\n + JDK-8293345: SunPKCS11 provider checks on PKCS11 Mechanism\n are problematic\n + JDK-8294316: SA core file support is broken on macosx-x64\n starting with macOS 12.x\n + JDK-8295159: DSO created with -ffast-math breaks Java\n floating-point arithmetic\n + JDK-8302111: Serialization considerations\n + JDK-8304701: Request with timeout aborts later in-flight\n request on HTTP/1.1 cxn\n + JDK-8309841: Jarsigner should print a warning if an entry is\n removed\n + JDK-8311546: Certificate name constraints improperly\n validated with leading period\n + JDK-8312570: [TESTBUG] Jtreg compiler/loopopts/superword/\n /TestDependencyOffsets.java fails on 512-bit SVE\n + JDK-8313633: [macOS] java/awt/dnd/NextDropActionTest/\n /NextDropActionTest.java fails with java.lang.RuntimeException:\n wrong next drop action!\n + JDK-8313905: Checked_cast assert in CDS compare_by_loader\n + JDK-8314752: Use google test string comparison macros\n + JDK-8314909: tools/jpackage/windows/Win8282351Test.java fails\n with java.lang.AssertionError: Expected [0]. Actual [1618]:\n + JDK-8315486: vmTestbase/nsk/jdwp/ThreadReference/\n /ForceEarlyReturn/forceEarlyReturn002/forceEarlyReturn002.java\n timed out\n + JDK-8315825: Open some swing tests\n + JDK-8315882: Open some swing tests 2\n + JDK-8315883: Open source several Swing JToolbar tests\n + JDK-8315952: Open source several Swing JToolbar JTooltip\n JTree tests\n + JDK-8316056: Open source several Swing JTree tests\n + JDK-8316146: Open some swing tests 4\n + JDK-8316149: Open source several Swing JTree JViewport\n KeyboardManager tests\n + JDK-8316218: Open some swing tests 5\n + JDK-8316371: Open some swing tests 6\n + JDK-8316627: JViewport Test headless failure\n + JDK-8316885: jcmd: Compiler.CodeHeap_Analytics cmd does not\n inform about missing aggregate\n + JDK-8317283: jpackage tests run osx-specific checks on\n windows and linux\n + JDK-8317636: Improve heap walking API tests to verify\n correctness of field indexes\n + JDK-8317808: HTTP/2 stream cancelImpl may leave subscriber\n registered\n + JDK-8317919: pthread_attr_init handle return value and\n destroy pthread_attr_t object\n + JDK-8319233: AArch64: Build failure with clang due to\n -Wformat-nonliteral warning\n + JDK-8320372: test/jdk/sun/security/x509/DNSName/\n /LeadingPeriod.java validity check failed\n + JDK-8320676: Manual printer tests have no Pass/Fail buttons,\n instructions close set 1\n + JDK-8320691: Timeout handler on Windows takes 2 hours to\n complete\n + JDK-8320706: RuntimePackageTest.testUsrInstallDir test fails\n on Linux\n + JDK-8320916: jdk/jfr/event/gc/stacktrace/\n /TestParallelMarkSweepAllocationPendingStackTrace.java failed\n with \u0027OutOfMemoryError: GC overhead limit exceeded\u0027\n + JDK-8321818: vmTestbase/nsk/stress/strace/strace015.java\n failed with \u0027Cannot read the array length because \u0027\u003clocal4\u003e\u0027\n is null\u0027\n + JDK-8322983: Virtual Threads: exclude 2 tests\n + JDK-8324672: Update jdk/java/time/tck/java/time/\n /TCKInstant.java now() to be more robust\n + JDK-8324807: Manual printer tests have no Pass/Fail buttons,\n instructions close set 2\n + JDK-8324838: test_nmt_locationprinting.cpp broken in the gcc\n windows build\n + JDK-8325042: Remove unused JVMDITools test files\n + JDK-8325529: Remove unused imports from `ModuleGenerator`\n test file\n + JDK-8325659: Normalize Random usage by incubator vector tests\n + JDK-8325937: runtime/handshake/HandshakeDirectTest.java\n causes \u0027monitor end should be strictly below the frame\n pointer\u0027 assertion failure on AArch64\n + JDK-8326421: Add jtreg test for large arrayCopy disjoint case.\n + JDK-8326525: com/sun/tools/attach/BasicTests.java does not\n verify AgentLoadException case\n + JDK-8327098: GTest needs larger combination limit\n + JDK-8327390: JitTester: Implement temporary folder\n functionality\n + JDK-8327460: Compile tests with the same visibility rules as\n product code\n + JDK-8327476: Upgrade JLine to 3.26.1\n + JDK-8327505: Test com/sun/jmx/remote/\n /NotificationMarshalVersions/TestSerializationMismatch.java\n fails\n + JDK-8327857: Remove applet usage from JColorChooser tests\n Test4222508\n + JDK-8327859: Remove applet usage from JColorChooser tests\n Test4319113\n + JDK-8327986: ASAN reports use-after-free in\n DirectivesParserTest.empty_object_vm\n + JDK-8327994: Update code gen in CallGeneratorHelper\n + JDK-8328005: Convert java/awt/im/JTextFieldTest.java applet\n test to main\n + JDK-8328085: C2: Use after free in\n PhaseChaitin::Register_Allocate()\n + JDK-8328121: Remove applet usage from JColorChooser tests\n Test4759306\n + JDK-8328130: Remove applet usage from JColorChooser tests\n Test4759934\n + JDK-8328185: Convert java/awt/image/MemoryLeakTest/\n /MemoryLeakTest.java applet test to main\n + JDK-8328227: Remove applet usage from JColorChooser tests\n Test4887836\n + JDK-8328368: Convert java/awt/image/multiresolution/\n /MultiDisplayTest/MultiDisplayTest.java applet test to main\n + JDK-8328370: Convert java/awt/print/Dialog/PrintApplet.java\n applet test to main\n + JDK-8328380: Remove applet usage from JColorChooser tests\n Test6348456\n + JDK-8328387: Convert java/awt/Frame/FrameStateTest/\n /FrameStateTest.html applet test to main\n + JDK-8328403: Remove applet usage from JColorChooser tests\n Test6977726\n + JDK-8328553: Get rid of JApplet in test/jdk/sanity/client/lib/\n /SwingSet2/src/DemoModule.java\n + JDK-8328558: Convert javax/swing/JCheckBox/8032667/\n /bug8032667.java applet test to main\n + JDK-8328717: Convert javax/swing/JColorChooser/8065098/\n /bug8065098.java applet test to main\n + JDK-8328719: Convert java/awt/print/PageFormat/SetOrient.html\n applet test to main\n + JDK-8328730: Convert java/awt/print/bug8023392/bug8023392.html\n applet test to main\n + JDK-8328753: Open source few Undecorated Frame tests\n + JDK-8328819: Remove applet usage from JFileChooser tests\n bug6698013\n + JDK-8328827: Convert java/awt/print/PrinterJob/\n /PrinterDialogsModalityTest/PrinterDialogsModalityTest.html\n applet test to main\n + JDK-8329210: Delete Redundant Printer Dialog Modality Test\n + JDK-8329320: Simplify awt/print/PageFormat/NullPaper.java test\n + JDK-8329322: Convert PageFormat/Orient.java to use\n PassFailJFrame\n + JDK-8329692: Add more details to FrameStateTest.java test\n instructions\n + JDK-8330647: Two CDS tests fail with -UseCompressedOops and\n UseSerialGC/UseParallelGC\n + JDK-8330702: Update failure handler to don\u0027t generate Error\n message if cores actions are empty\n + JDK-8331735: UpcallLinker::on_exit races with GC when copying\n frame anchor\n + JDK-8331959: Update PKCS#11 Cryptographic Token Interface to\n v3.1\n + JDK-8331977: Crash: SIGSEGV in dlerror()\n + JDK-8331993: Add counting leading/trailing zero tests for\n Integer\n + JDK-8332158: [XWayland] test/jdk/java/awt/Mouse/\n /EnterExitEvents/ResizingFrameTest.java\n + JDK-8332494: java/util/zip/EntryCount64k.java failing with\n java.lang.RuntimeException: \u0027\\\\A\\\\Z\u0027 missing from stderr\n + JDK-8332917: failure_handler should execute gdb \u0027info\n threads\u0027 command on linux\n + JDK-8333116: test/jdk/tools/jpackage/share/ServiceTest.java\n test fails\n + JDK-8333360: PrintNullString.java doesn\u0027t use float arguments\n + JDK-8333391: Test com/sun/jdi/InterruptHangTest.java failed:\n Thread was never interrupted during sleep\n + JDK-8333403: Write a test to check various components events\n are triggered properly\n + JDK-8333647: C2 SuperWord: some additional PopulateIndex tests\n + JDK-8334305: Remove all code for nsk.share.Log verbose mode\n + JDK-8334371: [AIX] Beginning with AIX 7.3 TL1 mmap() supports\n 64K memory pages\n + JDK-8334490: Normalize string with locale invariant\n `toLowerCase()`\n + JDK-8334777: Test javax/management/remote/mandatory/notif/\n /NotifReconnectDeadlockTest.java failed with\n NullPointerException\n + JDK-8335288: SunPKCS11 initialization will call\n C_GetMechanismInfo on unsupported mechanisms\n + JDK-8335468: [XWayland] JavaFX hangs when calling\n java.awt.Robot.getPixelColor\n + JDK-8335789: [TESTBUG] XparColor.java test fails with Error.\n Parse Exception: Invalid or unrecognized bugid: @\n + JDK-8336012: Fix usages of jtreg-reserved properties\n + JDK-8336498: [macos] [build]: install-file macro may run into\n permission denied error\n + JDK-8336692: Redo fix for JDK-8284620\n + JDK-8336942: Improve test coverage for class loading elements\n with annotations of different retentions\n + JDK-8337222: gc/TestDisableExplicitGC.java fails due to\n unexpected CodeCache GC\n + JDK-8337494: Clarify JarInputStream behavior\n + JDK-8337660: C2: basic blocks with only BoxLock nodes are\n wrongly treated as empty\n + JDK-8337692: Better TLS connection support\n + JDK-8337886: java/awt/Frame/MaximizeUndecoratedTest.java\n fails in OEL due to a slight color difference\n + JDK-8337951: Test sun/security/validator/samedn.sh\n CertificateNotYetValidException: NotBefore validation\n + JDK-8337994: [REDO] Native memory leak when not recording any\n events\n + JDK-8338100: C2: assert(!n_loop-\u003eis_member(get_loop(lca)))\n failed: control must not be back in the loop\n + JDK-8338303: Linux ppc64le with toolchain clang - detection\n failure in early JVM startup\n + JDK-8338426: Test java/nio/channels/Selector/WakeupNow.java\n failed\n + JDK-8338430: Improve compiler transformations\n + JDK-8338571: [TestBug] DefaultCloseOperation.java test not\n working as expected wrt instruction after JDK-8325851 fix\n + JDK-8338595: Add more linesize for MIME decoder in macro\n bench test Base64Decode\n + JDK-8338668: Test javax/swing/JFileChooser/8080628/\n /bug8080628.java doesn\u0027t test for GTK L\u0026F\n + JDK-8339154: Cleanups and JUnit conversion of\n test/jdk/java/util/zip/Available.java\n + JDK-8339261: Logs truncated in test\n javax/net/ssl/DTLS/DTLSRehandshakeTest.java\n + JDK-8339356: Test javax/net/ssl/SSLSocket/Tls13PacketSize.java\n failed with java.net.SocketException: An established\n connection was aborted by the software in your host machine\n + JDK-8339475: Clean up return code handling for pthread calls\n in library coding\n + JDK-8339524: Clean up a few ExtendedRobot tests\n + JDK-8339542: compiler/codecache/CheckSegmentedCodeCache.java\n fails\n + JDK-8339687: Rearrange reachabilityFence()s in\n jdk.test.lib.util.ForceGC\n + JDK-8339728: [Accessibility,Windows,JAWS] Bug in the\n getKeyChar method of the AccessBridge class\n + JDK-8339810: Clean up the code in sun.tools.jar.Main to\n properly close resources and use ZipFile during extract\n + JDK-8339834: Replace usages of -mx and -ms in some tests\n + JDK-8339883: Open source several AWT/2D related tests\n + JDK-8339902: Open source couple TextField related tests\n + JDK-8339943: Frame not disposed in\n java/awt/dnd/DropActionChangeTest.java\n + JDK-8340078: Open source several 2D tests\n + JDK-8340116: test/jdk/sun/security/tools/jarsigner/\n /PreserveRawManifestEntryAndDigest.java can fail due to regex\n + JDK-8340313: Crash due to invalid oop in nmethod after C1\n patching\n + JDK-8340411: open source several 2D imaging tests\n + JDK-8340480: Bad copyright notices in changes from JDK-8339902\n + JDK-8340687: Open source closed frame tests #1\n + JDK-8340719: Open source AWT List tests\n + JDK-8340824: C2: Memory for TypeInterfaces not reclaimed by\n hashcons()\n + JDK-8340969: jdk/jfr/startupargs/TestStartDuration.java\n should be marked as flagless\n + JDK-8341037: Use standard layouts in\n DefaultFrameIconTest.java and MenuCrash.java\n + JDK-8341111: open source several AWT tests including menu\n shortcut tests\n + JDK-8341135: Incorrect format string after JDK-8339475\n + JDK-8341194: [REDO] Implement C2 VectorizedHashCode on AArch64\n + JDK-8341316: [macos] javax/swing/ProgressMonitor/\n /ProgressMonitorEscapeKeyPress.java fails sometimes in macos\n + JDK-8341412: Various test failures after JDK-8334305\n + JDK-8341424: GHA: Collect hs_errs from build time failures\n + JDK-8341453: java/awt/a11y/AccessibleJTableTest.java fails in\n some cases where the test tables are not visible\n + JDK-8341715: PPC64: ObjectMonitor::_owner should be reset\n unconditionally in nmethod unlocking\n + JDK-8341820: Check return value of hcreate_r\n + JDK-8341862: PPC64: C1 unwind_handler fails to unlock\n synchronized methods with LM_MONITOR\n + JDK-8341881: [REDO] java/nio/file/attribute/\n /BasicFileAttributeView/CreationTime.java#tmp fails on alinux3\n + JDK-8341978: Improve JButton/bug4490179.java\n + JDK-8341982: Simplify JButton/bug4323121.java\n + JDK-8342098: Write a test to compare the images\n + JDK-8342145: File libCreationTimeHelper.c compile fails on\n Alpine\n + JDK-8342270: Test sun/security/pkcs11/Provider/\n /RequiredMechCheck.java needs write access to src tree\n + JDK-8342498: Add test for Allocation elimination after use as\n alignment reference by SuperWord\n + JDK-8342508: Use latch in BasicMenuUI/bug4983388.java instead\n of delay\n + JDK-8342541: Exclude List/KeyEventsTest/KeyEventsTest.java\n from running on macOS\n + JDK-8342562: Enhance Deflater operations\n + JDK-8342602: Remove JButton/PressedButtonRightClickTest test\n + JDK-8342609: jpackage test helper function incorrectly\n removes a directory instead of its contents only\n + JDK-8342634: javax/imageio/plugins/wbmp/\n /WBMPStreamTruncateTest.java creates temp file in src dir\n + JDK-8342635: javax/swing/JFileChooser/FileSystemView/\n /WindowsDefaultIconSizeTest.java creates tmp file in src dir\n + JDK-8342704: GHA: Report truncation is broken after\n JDK-8341424\n + JDK-8342811: java/net/httpclient/PlainProxyConnectionTest.java\n failed: Unexpected connection count: 5\n + JDK-8342858: Make target mac-jdk-bundle fails on chmod command\n + JDK-8342988: GHA: Build JTReg in single step\n + JDK-8343007: Enhance Buffered Image handling\n + JDK-8343100: Consolidate EmptyFolderTest and\n EmptyFolderPackageTest jpackage tests into single java file\n + JDK-8343101: Rework BasicTest.testTemp test cases\n + JDK-8343102: Remove `--compress` from jlink command lines\n from jpackage tests\n + JDK-8343118: [TESTBUG] java/awt/PrintJob/PrintCheckboxTest/\n /PrintCheckboxManualTest.java fails with Error. Can\u0027t find\n HTML file PrintCheckboxManualTest.html\n + JDK-8343128: PassFailJFrame.java test result: Error. Bad\n action for script: build}\n + JDK-8343129: Disable unstable check of\n ThreadsListHandle.sanity_vm ThreadList values\n + JDK-8343144: UpcallLinker::on_entry racingly clears pending\n exception with GC safepoints\n + JDK-8343149: Cleanup os::print_tos_pc on AIX\n + JDK-8343178: Test BasicTest.java javac compile fails cannot\n find symbol\n + JDK-8343205: CompileBroker::possibly_add_compiler_threads\n excessively polls available memory\n + JDK-8343314: Move common properties from jpackage jtreg test\n declarations to TEST.properties file\n + JDK-8343343: Misc crash dump improvements on more platforms\n after JDK-8294160\n + JDK-8343378: Exceptions in javax/management DeadLockTest.java\n do not cause test failure\n + JDK-8343396: Use OperatingSystem, Architecture, and OSVersion\n in jpackage tests\n + JDK-8343491: javax/management/remote/mandatory/connection/\n /DeadLockTest.java failing with NoSuchObjectException: no such\n object in table\n + JDK-8343599: Kmem limit and max values swapped when printing\n container information\n + JDK-8343882: BasicAnnoTests doesn\u0027t handle multiple\n annotations at the same position\n + JDK-8344275: tools/jpackage/windows/Win8301247Test.java fails\n on localized Windows platform\n + JDK-8344326: Move jpackage tests from \u0027jdk.jpackage.tests\u0027\n package to the default package\n + JDK-8344581: [TESTBUG] java/awt/Robot/\n /ScreenCaptureRobotTest.java failing on macOS\n + JDK-8344589: Update IANA Language Subtag Registry to Version\n 2024-11-19\n + JDK-8344646: The libjsig deprecation warning should go to\n stderr not stdout\n + JDK-8345296: AArch64: VM crashes with SIGILL when prctl is\n disallowed\n + JDK-8345368: java/io/File/createTempFile/SpecialTempFile.java\n fails on Windows Server 2025\n + JDK-8345370: Bump update version for OpenJDK: jdk-21.0.7\n + JDK-8345375: Improve debuggability of\n test/jdk/java/net/Socket/CloseAvailable.java\n + JDK-8345414: Google CAInterop test failures\n + JDK-8345468: test/jdk/javax/swing/JScrollBar/4865918/\n /bug4865918.java fails in ubuntu22.04\n + JDK-8345569: [ubsan] adjustments to filemap.cpp and\n virtualspace.cpp for macOS aarch64\n + JDK-8345614: Improve AnnotationFormatError message for\n duplicate annotation interfaces\n + JDK-8345676: [ubsan] ProcessImpl_md.c:561:40: runtime error:\n applying zero offset to null pointer on macOS aarch64\n + JDK-8345684: OperatingSystemMXBean.getSystemCpuLoad() throws\n NPE\n + JDK-8345750: Shenandoah: Test TestJcmdHeapDump.java#aggressive\n intermittent assert(gc_cause() == GCCause::_no_gc) failed:\n Over-writing cause\n + JDK-8346055: javax/swing/text/StyledEditorKit/4506788/\n /bug4506788.java fails in ubuntu22.04\n + JDK-8346108: [21u][BACKOUT] 8337994: [REDO] Native memory\n leak when not recording any events\n + JDK-8346324: javax/swing/JScrollBar/4865918/bug4865918.java\n fails in CI\n + JDK-8346587: Distrust TLS server certificates anchored by\n Camerfirma Root CAs\n + JDK-8346671: java/nio/file/Files/probeContentType/Basic.java\n fails on Windows 2025\n + JDK-8346713: [testsuite] NeverActAsServerClassMachine breaks\n TestPLABAdaptToMinTLABSize.java\n TestPinnedHumongousFragmentation.java\n TestPinnedObjectContents.java\n + JDK-8346828: javax/swing/JScrollBar/4865918/bug4865918.java\n still fails in CI\n + JDK-8346847: [s390x] minimal build failure\n + JDK-8346880: [aix] java/lang/ProcessHandle/InfoTest.java\n still fails: \u0027reported cputime less than expected\u0027\n + JDK-8346881: [ubsan] logSelection.cpp:154:24 /\n logSelectionList.cpp:72:94 : runtime error: applying non-zero\n offset 1 to null pointer\n + JDK-8346887: DrawFocusRect() may cause an assertion failure\n + JDK-8346972: Test java/nio/channels/FileChannel/\n /LoopingTruncate.java fails sometimes with IOException: There\n is not enough space on the disk\n + JDK-8347038: [JMH] jdk.incubator.vector.SpiltReplicate fails\n NoClassDefFoundError\n + JDK-8347129: cpuset cgroups controller is required for no\n good reason\n + JDK-8347171: (dc) java/nio/channels/DatagramChannel/\n /InterruptibleOrNot.java fails with virtual thread factory\n + JDK-8347256: Epsilon: Demote heap size and AlwaysPreTouch\n warnings to info level\n + JDK-8347267: [macOS]: UnixOperatingSystem.c:67:40: runtime\n error: division by zero\n + JDK-8347268: [ubsan] logOutput.cpp:357:21: runtime error:\n applying non-zero offset 1 to null pointer\n + JDK-8347424: Fix and rewrite\n sun/security/x509/DNSName/LeadingPeriod.java test\n + JDK-8347427: JTabbedPane/8134116/Bug8134116.java has no\n license header\n + JDK-8347576: Error output in libjsound has non matching\n format strings\n + JDK-8347740: java/io/File/createTempFile/SpecialTempFile.java\n failing\n + JDK-8347847: Enhance jar file support\n + JDK-8347911: Limit the length of inflated text chunks\n + JDK-8347965: (tz) Update Timezone Data to 2025a\n + JDK-8348562: ZGC: segmentation fault due to missing node type\n check in barrier elision analysis\n + JDK-8348625: [21u, 17u] Revert JDK-8185862 to restore old\n java.awt.headless behavior on Windows\n + JDK-8348675: TrayIcon tests fail in Ubuntu 24.10 Wayland\n + JDK-8349039: Adjust exception No type named \u003cThreadType\u003e in\n database\n + JDK-8349603: [21u, 17u, 11u] Update GHA JDKs after Jan/25\n updates\n + JDK-8349729: [21u] AIX jtreg tests fail to compile with\n qvisibility=hidden\n + JDK-8352097: (tz) zone.tab update missed in 2025a backport\n + JDK-8353904: [21u] Remove designator\n DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.7\n\n- Update to upstream tag jdk-21.0.6+7 (January 2025 CPU)",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1429,SUSE-SLE-Module-Basesystem-15-SP6-2025-1429,openSUSE-SLE-15.6-2025-1429",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1429-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1429-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251429-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1429-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039130.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241274",
"url": "https://bugzilla.suse.com/1241274"
},
{
"category": "self",
"summary": "SUSE Bug 1241275",
"url": "https://bugzilla.suse.com/1241275"
},
{
"category": "self",
"summary": "SUSE Bug 1241276",
"url": "https://bugzilla.suse.com/1241276"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21587 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-30691 page",
"url": "https://www.suse.com/security/cve/CVE-2025-30691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-30698 page",
"url": "https://www.suse.com/security/cve/CVE-2025-30698/"
}
],
"title": "Security update for java-21-openjdk",
"tracking": {
"current_release_date": "2025-05-02T08:10:04Z",
"generator": {
"date": "2025-05-02T08:10:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1429-1",
"initial_release_date": "2025-05-02T08:10:04Z",
"revision_history": [
{
"date": "2025-05-02T08:10:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"product": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"product_id": "java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"product": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"product_id": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"product": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"product_id": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"product": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"product_id": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64",
"product": {
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64",
"product_id": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64",
"product": {
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64",
"product_id": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.i586",
"product": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.i586",
"product_id": "java-21-openjdk-21.0.7.0-150600.3.12.1.i586"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.i586",
"product": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.i586",
"product_id": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.i586"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.i586",
"product": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.i586",
"product_id": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.i586"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.i586",
"product": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.i586",
"product_id": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.i586"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.i586",
"product": {
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.i586",
"product_id": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.i586"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.i586",
"product": {
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.i586",
"product_id": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch",
"product": {
"name": "java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch",
"product_id": "java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"product": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"product_id": "java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"product": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"product_id": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"product": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"product_id": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"product": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"product_id": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le",
"product": {
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le",
"product_id": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le",
"product": {
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le",
"product_id": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"product": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"product_id": "java-21-openjdk-21.0.7.0-150600.3.12.1.s390x"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"product": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"product_id": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"product": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"product_id": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"product": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"product_id": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x",
"product": {
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x",
"product_id": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x",
"product": {
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x",
"product_id": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"product": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"product_id": "java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"product": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"product_id": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"product": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"product_id": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"product": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"product_id": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64",
"product": {
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64",
"product_id": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64",
"product": {
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64",
"product_id": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64"
},
"product_reference": "java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le"
},
"product_reference": "java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x"
},
"product_reference": "java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64"
},
"product_reference": "java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64"
},
"product_reference": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le"
},
"product_reference": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x"
},
"product_reference": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64"
},
"product_reference": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64"
},
"product_reference": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le"
},
"product_reference": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x"
},
"product_reference": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64"
},
"product_reference": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64"
},
"product_reference": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le"
},
"product_reference": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x"
},
"product_reference": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64"
},
"product_reference": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64"
},
"product_reference": "java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le"
},
"product_reference": "java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x"
},
"product_reference": "java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64"
},
"product_reference": "java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64"
},
"product_reference": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le"
},
"product_reference": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x"
},
"product_reference": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64"
},
"product_reference": "java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64"
},
"product_reference": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le"
},
"product_reference": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x"
},
"product_reference": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64"
},
"product_reference": "java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64"
},
"product_reference": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le"
},
"product_reference": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x"
},
"product_reference": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64"
},
"product_reference": "java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch"
},
"product_reference": "java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64"
},
"product_reference": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le"
},
"product_reference": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x"
},
"product_reference": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64"
},
"product_reference": "java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64"
},
"product_reference": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le"
},
"product_reference": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x"
},
"product_reference": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64"
},
"product_reference": "java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-21587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21587"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21587",
"url": "https://www.suse.com/security/cve/CVE-2025-21587"
},
{
"category": "external",
"summary": "SUSE Bug 1241274 for CVE-2025-21587",
"url": "https://bugzilla.suse.com/1241274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T08:10:04Z",
"details": "important"
}
],
"title": "CVE-2025-21587"
},
{
"cve": "CVE-2025-30691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-30691"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-30691",
"url": "https://www.suse.com/security/cve/CVE-2025-30691"
},
{
"category": "external",
"summary": "SUSE Bug 1241275 for CVE-2025-30691",
"url": "https://bugzilla.suse.com/1241275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T08:10:04Z",
"details": "moderate"
}
],
"title": "CVE-2025-30691"
},
{
"cve": "CVE-2025-30698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-30698"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-30698",
"url": "https://www.suse.com/security/cve/CVE-2025-30698"
},
{
"category": "external",
"summary": "SUSE Bug 1241274 for CVE-2025-30698",
"url": "https://bugzilla.suse.com/1241274"
},
{
"category": "external",
"summary": "SUSE Bug 1241276 for CVE-2025-30698",
"url": "https://bugzilla.suse.com/1241276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-demo-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-devel-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-headless-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1.noarch",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.7.0-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.s390x",
"openSUSE Leap 15.6:java-21-openjdk-src-21.0.7.0-150600.3.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T08:10:04Z",
"details": "important"
}
],
"title": "CVE-2025-30698"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…