English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.18.2.2024.1498.1
Category:openSUSE Local Security Checks
Title:openSUSE Security Advisory (SUSE-SU-2024:1498-1)
Summary:The remote host is missing an update for the 'java-11-openjdk' package(s) announced via the SUSE-SU-2024:1498-1 advisory.
Description:Summary:
The remote host is missing an update for the 'java-11-openjdk' package(s) announced via the SUSE-SU-2024:1498-1 advisory.

Vulnerability Insight:
This update for java-11-openjdk fixes the following issues:

- CVE-2024-21011: Fixed denial of service due to long Exception message logging (JDK-8319851,bsc#1222979)
- CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup (JDK-8315708,bsc#1222987)
- CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (JDK-8322122,bsc#1222983)
- CVE-2024-21085: Fixed denial of service due to Pack200 excessive memory allocation (JDK-8322114,bsc#1222984)
- CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation failure with 'Exceeded _node_regs array' (JDK-8317507,JDK-8325348,bsc#1222986)

Other fixes:
- Upgrade to upstream tag jdk-11.0.23+9 (April 2024 CPU)
* Security fixes
+ JDK-8318340: Improve RSA key implementations
* Other changes
+ JDK-6928542: Chinese characters in RTF are not decoded
+ JDK-7132796: [macosx] closed/javax/swing/JComboBox/4517214/
/bug4517214.java fails on MacOS
+ JDK-7148092: [macosx] When Alt+down arrow key is pressed,
the combobox popup does not appear.
+ JDK-8054022: HttpURLConnection timeouts with Expect:
100-Continue and no chunking
+ JDK-8054572: [macosx] JComboBox paints the border incorrectly
+ JDK-8058176: [mlvm] tests should not allow code cache
exhaustion
+ JDK-8067651: LevelTransitionTest.java, fix trivial methods
levels logic
+ JDK-8068225: nsk/jdi/EventQueue/remove_l/remove_l005
intermittently times out
+ JDK-8156889: ListKeychainStore.sh fails in some virtualized
environments
+ JDK-8166275: vm/mlvm/meth/stress/compiler/deoptimize keeps
timeouting
+ JDK-8166554: Avoid compilation blocking in
OverloadCompileQueueTest.java
+ JDK-8169475: WheelModifier.java fails by timeout
+ JDK-8180266: Convert sun/security/provider/KeyStore/DKSTest.sh
to Java Jtreg Test
+ JDK-8186610: move ModuleUtils to top-level testlibrary
+ JDK-8192864: defmeth tests can hide failures
+ JDK-8193543: Regression automated test '/open/test/jdk/java/
/awt/TrayIcon/SystemTrayInstance/SystemTrayInstanceTest.java'
fails
+ JDK-8198668: MemoryPoolMBean/isUsageThresholdExceeded/
/isexceeded001/TestDescription.java still failing
+ JDK-8202282: [TESTBUG] appcds TestCommon
.makeCommandLineForAppCDS() can be removed
+ JDK-8202790: DnD test DisposeFrameOnDragTest.java does not
clean up
+ JDK-8202931: [macos] java/awt/Choice/ChoicePopupLocation/
/ChoicePopupLocation.java fails
+ JDK-8207211: [TESTBUG] Remove excessive output from
CDS/AppCDS tests
+ JDK-8207214: Broken links in JDK API serialized-form page
+ JDK-8207855: Make applications/jcstress invoke tests in
batches
+ JDK-8208243: vmTestbase/gc/lock/jni/jnilock002/
/TestDescription.java fails in jdk/hs nightly
+ JDK-8208278: [mlvm] [TESTBUG] vm.mlvm.mixed.stress.java
.findDeadlock.INDIFY_Test Deadlocked threads are not always
detected
+ JDK-8208623: [TESTBUG] runtime/LoadClass/LongBCP.java fails
in AUFS file ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'java-11-openjdk' package(s) on openSUSE Leap 15.5.

Solution:
Please install the updated package(s).

CVSS Score:
2.6

CVSS Vector:
AV:N/AC:H/Au:N/C:N/I:P/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2024-21011
Oracle Advisory
https://www.oracle.com/security-alerts/cpuapr2024.html
https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html
Common Vulnerability Exposure (CVE) ID: CVE-2024-21012
Common Vulnerability Exposure (CVE) ID: CVE-2024-21068
Common Vulnerability Exposure (CVE) ID: CVE-2024-21085
Common Vulnerability Exposure (CVE) ID: CVE-2024-21094
CopyrightCopyright (C) 2025 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.