openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2025:0339-1)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.857033

Kategorie: openSUSE Local Security Checks

Titel: openSUSE Security Advisory (SUSE-SU-2025:0339-1)

Zusammenfassung: The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:0339-1 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:0339-1 advisory.

Vulnerability Insight:
- CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278)

Other changes:

- JDK-7093691: Nimbus LAF: disabled JComboBox using renderer has bad font color
- JDK-8028127: Regtest java/security/Security/SynchronizedAccess.java is incorrect
- JDK-8071693: Introspector ignores default interface methods
- JDK-8195675: Call to insertText with single character from custom Input Method ignored
- JDK-8202926: Test java/awt/Focus/WindowUpdateFocusabilityTest/WindowUpdateFocusabilityTest.html fails
- JDK-8207908: JMXStatusTest.java fails assertion intermittently
- JDK-8225220: When the Tab Policy is checked,the scroll button direction displayed incorrectly.
- JDK-8240343: JDI stopListening/stoplis001 'FAILED: listening is successfully stopped without starting listening'
- JDK-8254759: [TEST_BUG] [macosx] javax/swing/JInternalFrame/4202966/IntFrameCoord.html fails
- JDK-8258734: jdk/jfr/event/oldobject/TestClassLoaderLeak.java failed with 'RuntimeException: Could not find class leak'
- JDK-8268364: jmethod clearing should be done during unloading
- JDK-8269770: nsk tests should start IOPipe channel before launch debuggee - Debugee.prepareDebugee
- JDK-8271003: hs_err improvement: handle CLASSPATH env setting longer than O_BUFLEN
- JDK-8271456: Avoid looking up standard charsets in 'java.desktop' module
- JDK-8271821: mark hotspot runtime/MinimalVM tests which ignore external VM flags
- JDK-8271825: mark hotspot runtime/LoadClass tests which ignore external VM flags
- JDK-8271836: runtime/ErrorHandling/ClassPathEnvVar.java fails with release VMs
- JDK-8272746: ZipFile can't open big file (NegativeArraySizeException)
- JDK-8273914: Indy string concat changes order of operations
- JDK-8274170: Add hooks for custom makefiles to augment jtreg test execution
- JDK-8274505: Too weak variable type leads to unnecessary cast in java.desktop
- JDK-8276763: java/nio/channels/SocketChannel/AdaptorStreams.java fails with 'SocketTimeoutException: Read timed out'
- JDK-8278527: java/util/concurrent/tck/JSR166TestCase.java fails nanoTime test
- JDK-8280131: jcmd reports 'Module jdk.jfr not found.' when 'jdk.management.jfr' is missing
- JDK-8281379: Assign package declarations to all jtreg test cases under gc
- JDK-8282578: AIOOBE in javax.sound.sampled.Clip
- JDK-8283214: [macos] Screen magnifier does not show the magnified text for JComboBox
- JDK-8283222: improve diagnosability of runtime/8176717/TestInheritFD.java timeouts
- JDK-8284291: sun/security/krb5/auto/Renew.java fails intermittently on Windows 11
- JDK-8284874: Add comment to ProcessHandle/OnExitTest to describe zombie problem
- JDK-8286160: (fs) Files.exists returns unexpected results with C:\pagefile.sys because it's not readable
- JDK-8287003: InputStreamReader::read() can return zero despite writing a char in the buffer
- JDK-8288976: classfile parser 'wrong name' error message has the names the wrong way around
- ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'java-17-openjdk' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2025-21502

Copyright Copyright (C) 2025 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.857033
Kategorie:	openSUSE Local Security Checks
Titel:	openSUSE Security Advisory (SUSE-SU-2025:0339-1)
Zusammenfassung:	The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:0339-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'java-17-openjdk' package(s) announced via the SUSE-SU-2025:0339-1 advisory. Vulnerability Insight: - CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278) Other changes: - JDK-7093691: Nimbus LAF: disabled JComboBox using renderer has bad font color - JDK-8028127: Regtest java/security/Security/SynchronizedAccess.java is incorrect - JDK-8071693: Introspector ignores default interface methods - JDK-8195675: Call to insertText with single character from custom Input Method ignored - JDK-8202926: Test java/awt/Focus/WindowUpdateFocusabilityTest/WindowUpdateFocusabilityTest.html fails - JDK-8207908: JMXStatusTest.java fails assertion intermittently - JDK-8225220: When the Tab Policy is checked,the scroll button direction displayed incorrectly. - JDK-8240343: JDI stopListening/stoplis001 'FAILED: listening is successfully stopped without starting listening' - JDK-8254759: [TEST_BUG] [macosx] javax/swing/JInternalFrame/4202966/IntFrameCoord.html fails - JDK-8258734: jdk/jfr/event/oldobject/TestClassLoaderLeak.java failed with 'RuntimeException: Could not find class leak' - JDK-8268364: jmethod clearing should be done during unloading - JDK-8269770: nsk tests should start IOPipe channel before launch debuggee - Debugee.prepareDebugee - JDK-8271003: hs_err improvement: handle CLASSPATH env setting longer than O_BUFLEN - JDK-8271456: Avoid looking up standard charsets in 'java.desktop' module - JDK-8271821: mark hotspot runtime/MinimalVM tests which ignore external VM flags - JDK-8271825: mark hotspot runtime/LoadClass tests which ignore external VM flags - JDK-8271836: runtime/ErrorHandling/ClassPathEnvVar.java fails with release VMs - JDK-8272746: ZipFile can't open big file (NegativeArraySizeException) - JDK-8273914: Indy string concat changes order of operations - JDK-8274170: Add hooks for custom makefiles to augment jtreg test execution - JDK-8274505: Too weak variable type leads to unnecessary cast in java.desktop - JDK-8276763: java/nio/channels/SocketChannel/AdaptorStreams.java fails with 'SocketTimeoutException: Read timed out' - JDK-8278527: java/util/concurrent/tck/JSR166TestCase.java fails nanoTime test - JDK-8280131: jcmd reports 'Module jdk.jfr not found.' when 'jdk.management.jfr' is missing - JDK-8281379: Assign package declarations to all jtreg test cases under gc - JDK-8282578: AIOOBE in javax.sound.sampled.Clip - JDK-8283214: [macos] Screen magnifier does not show the magnified text for JComboBox - JDK-8283222: improve diagnosability of runtime/8176717/TestInheritFD.java timeouts - JDK-8284291: sun/security/krb5/auto/Renew.java fails intermittently on Windows 11 - JDK-8284874: Add comment to ProcessHandle/OnExitTest to describe zombie problem - JDK-8286160: (fs) Files.exists returns unexpected results with C:\pagefile.sys because it's not readable - JDK-8287003: InputStreamReader::read() can return zero despite writing a char in the buffer - JDK-8288976: classfile parser 'wrong name' error message has the names the wrong way around - ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'java-17-openjdk' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 4.0 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2025-21502
Copyright	Copyright (C) 2025 Greenbone AG