openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2024:3954-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.1.18.2.2024.3954.1

Category: openSUSE Local Security Checks

Title: openSUSE Security Advisory (SUSE-SU-2024:3954-1)

Summary: The remote host is missing an update for the 'java-21-openjdk' package(s) announced via the SUSE-SU-2024:3954-1 advisory.

Description: Summary:
The remote host is missing an update for the 'java-21-openjdk' package(s) announced via the SUSE-SU-2024:3954-1 advisory.

Vulnerability Insight:
This update for java-21-openjdk fixes the following issues:

- Update to upstream tag jdk-21.0.5+13 (October 2024 CPU)
* Security fixes
+ JDK-8307383: Enhance DTLS connections
+ JDK-8311208: Improve CDS Support
+ JDK-8328286, CVE-2024-21208, bsc#1231702: Enhance HTTP client
+ JDK-8328544, CVE-2024-21210, bsc#1231711: Improve handling of vectorization
+ JDK-8328726: Better Kerberos support
+ JDK-8331446, CVE-2024-21217, bsc#1231716: Improve deserialization support
+ JDK-8332644, CVE-2024-21235, bsc#1231719: Improve graph optimizations
+ JDK-8335713: Enhance vectorization analysis
* Other changes
+ JDK-6355567: AdobeMarkerSegment causes failure to read valid JPEG
+ JDK-6967482: TAB-key does not work in JTables after selecting
details-view in JFileChooser
+ JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/
/ReadLongZipFileName.java leaks files if it fails
+ JDK-8051959: Add thread and timestamp options to
java.security.debug system property
+ JDK-8073061: (fs) Files.copy(foo, bar, REPLACE_EXISTING)
deletes bar even if foo is not readable
+ JDK-8166352: FilePane.createDetailsView() removes JTable TAB,
SHIFT-TAB functionality
+ JDK-8170817: G1: Returning MinTLABSize from
unsafe_max_tlab_alloc causes TLAB flapping
+ JDK-8211847: [aix] java/lang/ProcessHandle/InfoTest.java
fails: 'reported cputime less than expected'
+ JDK-8211854: [aix] java/net/ServerSocket/
/AcceptInheritHandle.java fails: read times out
+ JDK-8222884: ConcurrentClassDescLookup.java times out intermittently
+ JDK-8238169: BasicDirectoryModel getDirectories and
DoChangeContents.run can deadlock
+ JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due
to 'BindException: Address already in use'
+ JDK-8242564: javadoc crashes:: class cast exception
com.sun.tools.javac.code.Symtab$6
+ JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/
/MouseEventAfterStartDragTest.html test failed
+ JDK-8261433: Better pkcs11 performance for
libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit
+ JDK-8269428: java/util/concurrent/ConcurrentHashMap/
/ToArray.java timed out
+ JDK-8269657: Test java/nio/channels/DatagramChannel/
/Loopback.java failed: Unexpected message
+ JDK-8280120: [IR Framework] Add attribute to @IR to
enable/disable IR matching based on the architecture
+ JDK-8280392: java/awt/Focus/NonFocusableWindowTest/
/NonfocusableOwnerTest.java failed with 'RuntimeException: Test failed.'
+ JDK-8280988: [XWayland] Click on title to request focus test failures
+ JDK-8280990: [XWayland] XTest emulated mouse click does not
bring window to front
+ JDK-8283223: gc/stringdedup/TestStringDeduplicationFullGC.java
#Parallel failed with 'RuntimeException: String verification failed'
+ JDK-8287325: AArch64: fix virtual threads with
-XX:UseBranchProtection=pac-ret
+ JDK-8291809: Convert compiler/c2/cr7200264/TestSSE2IntVect.java
to IR verification test
+ ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'java-21-openjdk' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2024-21208
Common Vulnerability Exposure (CVE) ID: CVE-2024-21210
Common Vulnerability Exposure (CVE) ID: CVE-2024-21217
Common Vulnerability Exposure (CVE) ID: CVE-2024-21235

Copyright Copyright (C) 2025 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.18.2.2024.3954.1
Category:	openSUSE Local Security Checks
Title:	openSUSE Security Advisory (SUSE-SU-2024:3954-1)
Summary:	The remote host is missing an update for the 'java-21-openjdk' package(s) announced via the SUSE-SU-2024:3954-1 advisory.
Description:	Summary: The remote host is missing an update for the 'java-21-openjdk' package(s) announced via the SUSE-SU-2024:3954-1 advisory. Vulnerability Insight: This update for java-21-openjdk fixes the following issues: - Update to upstream tag jdk-21.0.5+13 (October 2024 CPU) * Security fixes + JDK-8307383: Enhance DTLS connections + JDK-8311208: Improve CDS Support + JDK-8328286, CVE-2024-21208, bsc#1231702: Enhance HTTP client + JDK-8328544, CVE-2024-21210, bsc#1231711: Improve handling of vectorization + JDK-8328726: Better Kerberos support + JDK-8331446, CVE-2024-21217, bsc#1231716: Improve deserialization support + JDK-8332644, CVE-2024-21235, bsc#1231719: Improve graph optimizations + JDK-8335713: Enhance vectorization analysis * Other changes + JDK-6355567: AdobeMarkerSegment causes failure to read valid JPEG + JDK-6967482: TAB-key does not work in JTables after selecting details-view in JFileChooser + JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/ /ReadLongZipFileName.java leaks files if it fails + JDK-8051959: Add thread and timestamp options to java.security.debug system property + JDK-8073061: (fs) Files.copy(foo, bar, REPLACE_EXISTING) deletes bar even if foo is not readable + JDK-8166352: FilePane.createDetailsView() removes JTable TAB, SHIFT-TAB functionality + JDK-8170817: G1: Returning MinTLABSize from unsafe_max_tlab_alloc causes TLAB flapping + JDK-8211847: [aix] java/lang/ProcessHandle/InfoTest.java fails: 'reported cputime less than expected' + JDK-8211854: [aix] java/net/ServerSocket/ /AcceptInheritHandle.java fails: read times out + JDK-8222884: ConcurrentClassDescLookup.java times out intermittently + JDK-8238169: BasicDirectoryModel getDirectories and DoChangeContents.run can deadlock + JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due to 'BindException: Address already in use' + JDK-8242564: javadoc crashes:: class cast exception com.sun.tools.javac.code.Symtab$6 + JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/ /MouseEventAfterStartDragTest.html test failed + JDK-8261433: Better pkcs11 performance for libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit + JDK-8269428: java/util/concurrent/ConcurrentHashMap/ /ToArray.java timed out + JDK-8269657: Test java/nio/channels/DatagramChannel/ /Loopback.java failed: Unexpected message + JDK-8280120: [IR Framework] Add attribute to @IR to enable/disable IR matching based on the architecture + JDK-8280392: java/awt/Focus/NonFocusableWindowTest/ /NonfocusableOwnerTest.java failed with 'RuntimeException: Test failed.' + JDK-8280988: [XWayland] Click on title to request focus test failures + JDK-8280990: [XWayland] XTest emulated mouse click does not bring window to front + JDK-8283223: gc/stringdedup/TestStringDeduplicationFullGC.java #Parallel failed with 'RuntimeException: String verification failed' + JDK-8287325: AArch64: fix virtual threads with -XX:UseBranchProtection=pac-ret + JDK-8291809: Convert compiler/c2/cr7200264/TestSSE2IntVect.java to IR verification test + ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'java-21-openjdk' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 4.0 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-21208 Common Vulnerability Exposure (CVE) ID: CVE-2024-21210 Common Vulnerability Exposure (CVE) ID: CVE-2024-21217 Common Vulnerability Exposure (CVE) ID: CVE-2024-21235
Copyright	Copyright (C) 2025 Greenbone AG