Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in java-11-openjdk
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in java-11-openjdk
ID: SUSE-SU-2024:1452-1
Distribution: SUSE
Plattformen: SUSE Linux Enterprise Server 12 SP5, SUSE Linux Enterprise High Performance Computing 12 SP5, SUSE Linux Enterprise Server for SAP Applications 12 SP5
Datum: Fr, 26. April 2024, 18:42
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085
Applikationen: OpenJDK

Originalnachricht

--===============9172094984190401367==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit



# Security update for java-11-openjdk

Announcement ID: SUSE-SU-2024:1452-1
Rating: low
References:

* bsc#1213470
* bsc#1222979
* bsc#1222983
* bsc#1222984
* bsc#1222986
* bsc#1222987


Cross-References:

* CVE-2024-21011
* CVE-2024-21012
* CVE-2024-21068
* CVE-2024-21085
* CVE-2024-21094


CVSS scores:

* CVE-2024-21011 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21012 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21068 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21085 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21094 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N


Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5



An update that solves five vulnerabilities and has one security fix can now be
installed.

## Description:

This update for java-11-openjdk fixes the following issues:

* CVE-2024-21011: Fixed denial of service due to long Exception message
logging (JDK-8319851,bsc#1222979)
* CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client
improper reverse DNS lookup (JDK-8315708,bsc#1222987)
* CVE-2024-21068: Fixed integer overflow in C1 compiler address generation
(JDK-8322122,bsc#1222983)
* CVE-2024-21085: Fixed denial of service due to Pack200 excessive memory
allocation (JDK-8322114,bsc#1222984)
* CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation
failure with "Exceeded _node_regs array"
(JDK-8317507,JDK-8325348,bsc#1222986)

Other fixes: \- Upgrade to upstream tag jdk-11.0.23+9 (April 2024 CPU) *
Security fixes \+ JDK-8318340: Improve RSA key implementations * Other changes
\+ JDK-6928542: Chinese characters in RTF are not decoded \+ JDK-7132796:
[macosx] closed/javax/swing/JComboBox/4517214/ /bug4517214.java fails on MacOS
\+ JDK-7148092: [macosx] When Alt+down arrow key is pressed, the combobox popup
does not appear. \+ JDK-8054022: HttpURLConnection timeouts with Expect:
100-Continue and no chunking \+ JDK-8054572: [macosx] JComboBox paints the
border incorrectly \+ JDK-8058176: [mlvm] tests should not allow code cache
exhaustion \+ JDK-8067651: LevelTransitionTest.java, fix trivial methods levels
logic \+ JDK-8068225: nsk/jdi/EventQueue/remove_l/remove_l005 intermittently
times out \+ JDK-8156889: ListKeychainStore.sh fails in some virtualized
environments \+ JDK-8166275: vm/mlvm/meth/stress/compiler/deoptimize keeps
timeouting \+ JDK-8166554: Avoid compilation blocking in
OverloadCompileQueueTest.java \+ JDK-8169475: WheelModifier.java fails by
timeout \+ JDK-8180266: Convert sun/security/provider/KeyStore/DKSTest.sh to
Java Jtreg Test \+ JDK-8186610: move ModuleUtils to top-level testlibrary \+
JDK-8192864: defmeth tests can hide failures \+ JDK-8193543: Regression
automated test '/open/test/jdk/java/
/awt/TrayIcon/SystemTrayInstance/SystemTrayInstanceTest.java' fails \+
JDK-8198668: MemoryPoolMBean/isUsageThresholdExceeded/
/isexceeded001/TestDescription.java still failing \+ JDK-8202282: [TESTBUG]
appcds TestCommon .makeCommandLineForAppCDS() can be removed \+ JDK-8202790:
DnD
test DisposeFrameOnDragTest.java does not clean up \+ JDK-8202931: [macos]
java/awt/Choice/ChoicePopupLocation/ /ChoicePopupLocation.java fails \+
JDK-8207211: [TESTBUG] Remove excessive output from CDS/AppCDS tests \+
JDK-8207214: Broken links in JDK API serialized-form page \+ JDK-8207855: Make
applications/jcstress invoke tests in batches \+ JDK-8208243:
vmTestbase/gc/lock/jni/jnilock002/ /TestDescription.java fails in jdk/hs
nightly
\+ JDK-8208278: [mlvm] [TESTBUG] vm.mlvm.mixed.stress.java
.findDeadlock.INDIFY_Test Deadlocked threads are not always detected \+
JDK-8208623: [TESTBUG] runtime/LoadClass/LongBCP.java fails in AUFS file system
\+ JDK-8208699: remove unneeded imports from runtime tests \+ JDK-8208704:
runtime/appcds/MultiReleaseJars.java timed out often in hs-tier7 testing \+
JDK-8208705: [TESTBUG] The -Xlog:cds,cds+hashtables vm option is not always
required for appcds tests \+ JDK-8209549: remove VMPropsExt from TEST.ROOT \+
JDK-8209595: MonitorVmStartTerminate.java timed out \+ JDK-8209946: [TESTBUG]
CDS tests should use "@run driver" \+ JDK-8211438: [Testbug]
runtime/XCheckJniJsig/XCheckJSig.java looks for libjsig in wrong location \+
JDK-8211978: Move testlibrary/jdk/testlibrary/ /SimpleSSLContext.java and
testkeys to network testlibrary \+ JDK-8213622: Windows VS2013 build failure -
"'snprintf': identifier not found" \+ JDK-8213926:
WB_EnqueueInitializerForCompilation requests compilation for NULL \+
JDK-8213927: G1 ignores AlwaysPreTouch when UseTransparentHugePages is enabled
\+ JDK-8214908: add ctw tests for jdk.jfr and jdk.management.jfr modules \+
JDK-8214915: CtwRunner misses export for jdk.internal.access \+ JDK-8216408:
XMLStreamWriter setDefaultNamespace(null) throws NullPointerException \+
JDK-8217475: Unexpected StackOverflowError in "process reaper" thread
\+
JDK-8218754: JDK-8068225 regression in JDIBreakpointTest \+ JDK-8219475: javap
man page needs to be updated \+ JDK-8219585: [TESTBUG]
sun/management/jmxremote/bootstrap/ /JMXInterfaceBindingTest.java passes
trivially when it shouldn't \+ JDK-8219612: [TESTBUG]
compiler.codecache.stress.Helper .TestCaseImpl can't be defined in
different
runtime package as its nest host \+ JDK-8225471: Test utility
jdk.test.lib.util.FileUtils .areAllMountPointsAccessible needs to tolerate
duplicates \+ JDK-8226706: (se) Reduce the number of outer loop iterations on
Windows in java/nio/channels/Selector/RacyDeregister.java \+ JDK-8226905:
unproblem list applications/ctw/modules/ _tests on windows \+ JDK-8226910: make
it possible to use jtreg 's -match via run-test framework \+ JDK-8227438:
[TESTLIB] Determine if file exists by Files.exists in function
FileUtils.deleteFileIfExistsWithRetry \+ JDK-8231585:
java/lang/management/ThreadMXBean/ /MaxDepthForThreadInfoTest.java fails with
java.lang.NullPointerException \+ JDK-8232839: JDI AfterThreadDeathTest.java
failed due to "FAILED: Did not get expected IllegalThreadStateException on
a
StepRequest.enable()" \+ JDK-8233453: MLVM deoptimize stress test timed out
\+
JDK-8234309: LFGarbageCollectedTest.java fails with parse Exception \+
JDK-8237222: [macos] java/awt/Focus/UnaccessibleChoice/
/AccessibleChoiceTest.java fails \+ JDK-8237777: "Dumping core ..." is
shown
despite claiming that "# No core dump will be written." \+ JDK-8237834:
com/sun/jndi/ldap/LdapDnsProviderTest.java failing with LDAP response read
timeout \+ JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel \+
JDK-8239801: [macos] java/awt/Focus/UnaccessibleChoice/
/AccessibleChoiceTest.java fails \+ JDK-8244679: JVM/TI
GetCurrentContendedMonitor/contmon001 failed due to "(IsSameObject#3)
unexpected
monitor object: 0x000000562336DBA8" \+ JDK-8246222: Rename javac test
T6395981.java to be more informative \+ JDK-8247818: GCC 10 warning stringop-
overflow with symbol code \+ JDK-8249087: Always initialize _body[0..1] in
Symbol constructor \+ JDK-8251349: Add TestCaseImpl to
OverloadCompileQueueTest.java's build dependencies \+ JDK-8251904:
vmTestbase/nsk/sysdict/vm/stress/btree/btree010/ /btree010.java fails with
ClassNotFoundException: nsk.sysdict.share.BTree0LLRLRLRRLR \+ JDK-8253543:
sanity/client/SwingSet/src/ /ButtonDemoScreenshotTest.java failed with
"AssertionError: All pixels are not black" \+ JDK-8253739:
java/awt/image/MultiResolutionImage/ /MultiResolutionImageObserverTest.java
fails \+ JDK-8253820: Save test images and dumps with timestamps from client
sanity suite \+ JDK-8255277: randomDelay in DrainDeadlockT and LoggingDeadlock
do not randomly delay \+ JDK-8255546: Missing coverage for
javax.smartcardio.CardPermission and ResponseAPDU \+ JDK-8255743: Relax SIGFPE
match in in runtime/ErrorHandling/SecondaryErrorTest.java \+ JDK-8257505:
nsk/share/test/StressOptions stressTime is scaled in getter but not when
printed
\+ JDK-8259801: Enable XML Signature secure validation mode by default \+
JDK-8264135: UnsafeGetStableArrayElement should account for different JIT
implementation details \+ JDK-8265349:
vmTestbase/../stress/compiler/deoptimize/
/Test.java fails with OOME due to CodeCache exhaustion. \+ JDK-8269025:
jsig/Testjsig.java doesn't check exit code \+ JDK-8269077: TestSystemGC
uses
"require vm.gc.G1" for large pages subtest \+ JDK-8271094:
runtime/duplAttributes/DuplAttributesTest.java doesn't check exit code \+
JDK-8271224: runtime/EnclosingMethodAttr/EnclMethodAttr.java doesn't check
exit
code \+ JDK-8271828: mark hotspot runtime/classFileParserBug tests which ignore
external VM flags \+ JDK-8271829: mark hotspot runtime/Throwable tests which
ignore external VM flags \+ JDK-8271890: mark hotspot runtime/Dictionary tests
which ignore external VM flags \+ JDK-8272291: mark hotspot runtime/logging
tests which ignore external VM flags \+ JDK-8272335:
runtime/cds/appcds/MoveJDKTest.java doesn't check exit codes \+
JDK-8272551:
mark hotspot runtime/modules tests which ignore external VM flags \+
JDK-8272552: mark hotspot runtime/cds tests which ignore external VM flags \+
JDK-8273803: Zero: Handle "zero" variant in CommandLineOptionTest.java
\+
JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java fails in Windows
11 \+ JDK-8274621: NullPointerException because listenAddress[0] is null \+
JDK-8276796: gc/TestSystemGC.java large pages subtest fails with ZGC \+
JDK-8280007: Enable Neoverse N1 optimizations for Arm Neoverse V1 & N2 \+
JDK-8281149: (fs) java/nio/file/FileStore/Basic.java fails with
java.lang.RuntimeException: values differ by more than 1GB \+ JDK-8281377:
Remove vmTestbase/nsk/monitoring/ThreadMXBean/
/ThreadInfo/Deadlock/JavaDeadlock001/TestDescription.java from problemlist. \+
JDK-8281717: Cover logout method for several LoginModule \+ JDK-8282665: [REDO]
ByteBufferTest.java: replace endless recursion with RuntimeException in void
ck(double x, double y) \+ JDK-8284090:
com/sun/security/auth/module/AllPlatforms.java fails to compile \+ JDK-8285756:
clean up use of bad arguments for `@clean` in langtools tests \+ JDK-8285785:
CheckCleanerBound test fails with PasswordCallback object is not released \+
JDK-8285867: Convert applet manual tests SelectionVisible.java to Frame and
automate \+ JDK-8286846: test/jdk/javax/swing/plaf/aqua/
/CustomComboBoxFocusTest.java fails on mac aarch64 \+ JDK-8286969: Add a new
test library API to execute kinit in SecurityTools.java \+ JDK-8287113: JFR:
Periodic task thread uses period for method sampling events \+ JDK-8289511:
Improve test coverage for XPath Axes: child \+ JDK-8289764: gc/lock tests
failed
with "OutOfMemoryError: Java heap space: failed reallocation of scalar
replaced
objects" \+ JDK-8289948: Improve test coverage for XPath functions: Node
Set
Functions \+ JDK-8290399: [macos] Aqua LAF does not fire an action event if
combo box menu is displayed \+ JDK-8290909:
MemoryPoolMBean/isUsageThresholdExceeded tests failed with
"isUsageThresholdExceeded() returned false, and is still false, while
threshold
= MMMMMMM and used peak = NNNNNNN" \+ JDK-8292182: [TESTLIB] Enhance
JAXPPolicyManager to setup required permissions for jtreg version 7 jar \+
JDK-8292946: GC lock/jni/jnilock001 test failed "assert(gch->gc_cause()
==
GCCause::_scavenge_alot || !gch->incremental_collection_failed()) failed:
Twice
in a row" \+ JDK-8293819: sun/util/logging/PlatformLoggerTest.java failed
with
"RuntimeException: Retrieved backing PlatformLogger level null is not the
expected CONFIG" \+ JDK-8294158: HTML formatting for PassFailJFrame
instructions
\+ JDK-8294254: [macOS] javax/swing/plaf/aqua/ /CustomComboBoxFocusTest.java
failure \+ JDK-8294402: Add diagnostic logging to VMProps.checkDockerSupport \+
JDK-8294535: Add screen capture functionality to PassFailJFrame \+ JDK-8296083:
javax/swing/JTree/6263446/bug6263446.java fails intermittently on a VM \+
JDK-8296384: [TESTBUG] sun/security/provider/SecureRandom/
/AbstractDrbg/SpecTest.java intermittently timeout \+ JDK-8299494: Test
vmTestbase/nsk/stress/except/except011.java failed:
ExceptionInInitializerError:
target class not found \+ JDK-8300269: The selected item in an editable
JComboBox with titled border is not visible in Aqua LAF \+ JDK-8300727:
java/awt/List/ListGarbageCollectionTest/ /AwtListGarbageCollectionTest.java
failed with "List wasn't garbage collected" \+ JDK-8301310: The
SendRawSysexMessage test may cause a JVM crash \+ JDK-8301377: adjust timeout
for JLI GetObjectSizeIntrinsicsTest.java subtest again \+ JDK-8301846: Invalid
TargetDataLine after screen lock when using JFileChooser or COM library \+
JDK-8302017: Allocate BadPaddingException only if it will be thrown \+
JDK-8302109: Trivial fixes to btree tests \+ JDK-8302149: Speed up
compiler/jsr292/methodHandleExceptions/TestAMEnotNPE.java \+ JDK-8302607:
increase timeout for ContinuousCallSiteTargetChange.java \+ JDK-8304074: [JMX]
Add an approximation of total bytes allocated on the Java heap by the JVM \+
JDK-8304314: StackWalkTest.java fails after CODETOOLS-7903373 \+ JDK-8304725:
AsyncGetCallTrace can cause SIGBUS on M1 \+ JDK-8305502: adjust timeouts in
three more M&M tests \+ JDK-8305505: NPE in javazic compiler \+
JDK-8305972:
Update XML Security for Java to 3.0.2 \+ JDK-8306072: Open source several AWT
MouseInfo related tests \+ JDK-8306076: Open source AWT misc tests \+
JDK-8306409: Open source AWT KeyBoardFocusManger, LightWeightComponent related
tests \+ JDK-8306640: Open source several AWT TextArea related tests \+
JDK-8306652: Open source AWT MenuItem related tests \+ JDK-8306681: Open source
more AWT DnD related tests \+ JDK-8306683: Open source several clipboard and
color AWT tests \+ JDK-8306752: Open source several container and component AWT
tests \+ JDK-8306753: Open source several container AWT tests \+ JDK-8306755:
Open source few Swing JComponent and AbstractButton tests \+ JDK-8306812: Open
source several AWT Miscellaneous tests \+ JDK-8306871: Open source more AWT
Drag
& Drop tests \+ JDK-8306996: Open source Swing MenuItem related tests \+
JDK-8307123: Fix deprecation warnings in DPrinter \+ JDK-8307130: Open source
few Swing JMenu tests \+ JDK-8307299: Move more DnD tests to open \+
JDK-8307311: Timeouts on one macOS 12.6.1 host of two Swing JTableHeader tests
\+ JDK-8307381: Open Source JFrame, JIF related Swing Tests \+ JDK-8307683:
Loop
Predication should not hoist range checks with trap on success projection by
negating their condition \+ JDK-8308043: Deadlock in TestCSLocker.java due to
blocking GC while allocating \+ JDK-8308116:
jdk.test.lib.compiler.InMemoryJavaCompiler .compile does not close files \+
JDK-8308223: failure handler missed jcmd.vm.info command \+ JDK-8308232:
nsk/jdb
tests don't pass -verbose flag to the debuggee \+ JDK-8308245: Add
-proc:full to
describe current default annotation processing policy \+ JDK-8308336: Test
java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java failed:
java.net.BindException: Address already in use \+ JDK-8309104: [JVMCI]
compiler/unsafe/ /UnsafeGetStableArrayElement test asserts wrong values with
Graal \+ JDK-8309119: [17u/11u] Redo JDK-8297951: C2: Create skeleton
predicates
for all If nodes in loop predication \+ JDK-8309462: [AIX]
vmTestbase/nsk/jvmti/RunAgentThread/ /agentthr001/TestDescription.java crashing
due to empty while loop \+ JDK-8309778: java/nio/file/Files/CopyAndMove.java
fails when using second test directory \+ JDK-8309870: Using -proc:full should
be considered requesting explicit annotation processing \+ JDK-8310106:
sun.security.ssl.SSLHandshake .getHandshakeProducer() incorrectly checks
handshakeConsumers \+ JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/
/bug6889007.java fails \+ JDK-8310551:
vmTestbase/nsk/jdb/interrupt/interrupt001/ /interrupt001.java timed out due to
missing prompt \+ JDK-8310807: java/nio/channels/DatagramChannel/Connect.java
timed out \+ JDK-8311081: KeytoolReaderP12Test.java fail on localized Windows
platform \+ JDK-8311511: Improve description of NativeLibrary JFR event \+
JDK-8311585: Add JRadioButtonMenuItem to bug8031573.java \+ JDK-8313081:
MonitoringSupport_lock should be unconditionally initialized after 8304074 \+
JDK-8313082: Enable CreateCoredumpOnCrash for testing in makefiles \+
JDK-8313164: src/java.desktop/windows/native/libawt/windows/ /awt_Robot.cpp
GetRGBPixels adjust releasing of resources \+ JDK-8313252:
Java_sun_awt_windows_ThemeReader_paintBackground release resources in early
returns \+ JDK-8313643: Update HarfBuzz to 8.2.2 \+ JDK-8313816: Accessing
jmethodID might lead to spurious crashes \+ JDK-8314144:
gc/g1/ihop/TestIHOPStatic.java fails due to extra concurrent mark with -Xcomp
\+
JDK-8314164: java/net/HttpURLConnection/
/HttpURLConnectionExpectContinueTest.java fails intermittently in timeout \+
JDK-8314883: Java_java_util_prefs_FileSystemPreferences_lockFile0 write result
errno in missing case \+ JDK-8315034: File.mkdirs() occasionally fails to
create
folders on Windows shared folder \+ JDK-8315042: NPE in
PKCS7.parseOldSignedData
\+ JDK-8315415: OutputAnalyzer.shouldMatchByLine() fails in some cases \+
JDK-8315499: build using devkit on Linux ppc64le RHEL puts path to devkit into
libsplashscreen \+ JDK-8315594: Open source few headless Swing misc tests \+
JDK-8315600: Open source few more headless Swing misc tests \+ JDK-8315602:
Open
source swing security manager test \+ JDK-8315606: Open source few swing
text/html tests \+ JDK-8315611: Open source swing text/html and tree test \+
JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should run with -Xbatch
\+
JDK-8315731: Open source several Swing Text related tests \+ JDK-8315761: Open
source few swing JList and JMenuBar tests \+ JDK-8315986: [macos14]
javax/swing/JMenuItem/4654927/ /bug4654927.java: component must be showing on
the screen to determine its location \+ JDK-8316001: GC: Make
TestArrayAllocatorMallocLimit use createTestJvm \+ JDK-8316028: Update FreeType
to 2.13.2 \+ JDK-8316030: Update Libpng to 1.6.40 \+ JDK-8316106: Open source
few swing JInternalFrame and JMenuBar tests \+ JDK-8316461: Fix: make test
outputs TEST SUCCESS after unsuccessful exit \+ JDK-8316947: Write a test to
check textArea triggers MouseEntered/MouseExited events properly \+
JDK-8317307:
test/jdk/com/sun/jndi/ldap/ /LdapPoolTimeoutTest.java fails with
ConnectException: Connection timed out: no further information \+ JDK-8317327:
Remove JT_JAVA dead code in jib-profiles.js \+ JDK-8318154: Improve stability
of
WheelModifier.java test \+ JDK-8318410: jdk/java/lang/instrument/BootClassPath/
/BootClassPathTest.sh fails on Japanese Windows \+ JDK-8318468:
compiler/tiered/LevelTransitionTest.java fails with -XX:CompileThreshold=100
-XX:TieredStopAtLevel=1 \+ JDK-8318603: Parallelize
sun/java2d/marlin/ClipShapeTest.java \+ JDK-8318607: Enable parallelism in
vmTestbase/nsk/stress/jni tests \+ JDK-8318608: Enable parallelism in
vmTestbase/nsk/stress/threads tests \+ JDK-8318736:
com/sun/jdi/JdwpOnThrowTest.java failed with "transport error 202: bind
failed:
Address already in use" \+ JDK-8318889: C2: add bailout after assert Bad
graph
detected in build_loop_late \+ JDK-8318951: Additional negative value check in
JPEG decoding \+ JDK-8318955: Add ReleaseIntArrayElements in
Java_sun_awt_X11_XlibWrapper_SetBitmapShape XlbWrapper.c to early return \+
JDK-8318971: Better Error Handling for Jar Tool When Processing Non-existent
Files \+ JDK-8318983: Fix comment typo in PKCS12Passwd.java \+ JDK-8319124:
Update XML Security for Java to 3.0.3 \+ JDK-8319456:
jdk/jfr/event/gc/collection/ /TestGCCauseWith[Serial|Parallel].java : GC cause
'GCLocker Initiated GC' not in the valid causes \+ JDK-8319668: Fixup
of jar
filename typo in BadFactoryTest.sh \+ JDK-8320001: javac crashes while adding
type annotations to the return type of a constructor \+ JDK-8320208: Update
Public Suffix List to b5bf572 \+ JDK-8320363: ppc64 TypeEntries::type_unknown
logic looks wrong, missed optimization opportunity \+ JDK-8320597: RSA
signature
verification fails on signed data that does not encode params correctly \+
JDK-8320798: Console read line with zero out should zero out underlying buffer
\+ JDK-8320884: Bump update version for OpenJDK: jdk-11.0.23 \+ JDK-8320937:
support latest VS2022 MSC_VER in abstract_vm_version.cpp \+ JDK-8321151:
JDK-8294427 breaks Windows L&F on all older Windows versions \+
JDK-8321215:
Incorrect x86 instruction encoding for VSIB addressing mode \+ JDK-8321408: Add
Certainly roots R1 and E1 \+ JDK-8321480: ISO 4217 Amendment 176 Update \+
JDK-8322178: Error. can't find jdk.testlibrary .SimpleSSLContext in test
directory or libraries \+ JDK-8322417: Console read line with zero out should
zero out when throwing exception \+ JDK-8322725: (tz) Update Timezone Data to
2023d \+ JDK-8322750: Test "api/java_awt/interactive/
/SystemTrayTests.html"
failed because A blue ball icon is added outside of the system tray \+
JDK-8322752: [11u] GetStackTraceAndRetransformTest.java is failing assert \+
JDK-8322772: Clean up code after JDK-8322417 \+ JDK-8323008: filter out harmful
-std_ flags added by autoconf from CXX \+ JDK-8323243: JNI invocation of an
abstract instance method corrupts the stack \+ JDK-8323515: Create test alias
"all" for all test roots \+ JDK-8323640: [TESTBUG]testMemoryFailCount
in
jdk/internal/ /platform/docker/TestDockerMemoryMetrics.java always fail because
OOM killed \+ JDK-8324184: Windows VS2010 build failed with "error C2275:
'int64_t'" \+ JDK-8324307: [11u] hotspot fails to build with GCC 12
and newer
(non-static data member initializers) \+ JDK-8324347: Enable "maybe-
uninitialized" warning for FreeType 2.13.1 \+ JDK-8324659: GHA: Generic
jtreg
errors are not reported \+ JDK-8325096: Test
java/security/cert/CertPathBuilder/akiExt/ /AKISerialNumber.java is failing \+
JDK-8325150: (tz) Update Timezone Data to 2024a \+ JDK-8326109: GCC 13 reports
maybe-uninitialized warnings for jni.cpp with dtrace enabled \+ JDK-8326503:
[11u] java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java
fail
because of package org.junit.jupiter.api does not exist \+ JDK-8327391: Add
SipHash attribution file \+ JDK-8329837: [11u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.23

* Removed the possibility to use the system timezone-java (bsc#1213470).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1452=1

* SUSE Linux Enterprise Server 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1452=1

* SUSE Linux Enterprise Server for SAP Applications 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1452=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
* java-11-openjdk-debuginfo-11.0.23.0-3.75.1
* java-11-openjdk-devel-11.0.23.0-3.75.1
* java-11-openjdk-debugsource-11.0.23.0-3.75.1
* java-11-openjdk-demo-11.0.23.0-3.75.1
* java-11-openjdk-11.0.23.0-3.75.1
* java-11-openjdk-headless-11.0.23.0-3.75.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
* java-11-openjdk-debuginfo-11.0.23.0-3.75.1
* java-11-openjdk-devel-11.0.23.0-3.75.1
* java-11-openjdk-debugsource-11.0.23.0-3.75.1
* java-11-openjdk-demo-11.0.23.0-3.75.1
* java-11-openjdk-11.0.23.0-3.75.1
* java-11-openjdk-headless-11.0.23.0-3.75.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
* java-11-openjdk-debuginfo-11.0.23.0-3.75.1
* java-11-openjdk-devel-11.0.23.0-3.75.1
* java-11-openjdk-debugsource-11.0.23.0-3.75.1
* java-11-openjdk-demo-11.0.23.0-3.75.1
* java-11-openjdk-11.0.23.0-3.75.1
* java-11-openjdk-headless-11.0.23.0-3.75.1

## References:

* https://www.suse.com/security/cve/CVE-2024-21011.html
* https://www.suse.com/security/cve/CVE-2024-21012.html
* https://www.suse.com/security/cve/CVE-2024-21068.html
* https://www.suse.com/security/cve/CVE-2024-21085.html
* https://www.suse.com/security/cve/CVE-2024-21094.html
* https://bugzilla.suse.com/show_bug.cgi?id=1213470
* https://bugzilla.suse.com/show_bug.cgi?id=1222979
* https://bugzilla.suse.com/show_bug.cgi?id=1222983
* https://bugzilla.suse.com/show_bug.cgi?id=1222984
* https://bugzilla.suse.com/show_bug.cgi?id=1222986
* https://bugzilla.suse.com/show_bug.cgi?id=1222987


--===============9172094984190401367==
Content-Type: text/html; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit




<div class="container">
<h1>Security update for java-11-openjdk</h1>

<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2024:1452-1</td>
</tr>

<tr>
<th>Rating:</th>
<td>low</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213470">bsc#1213470</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1222979">bsc#1222979</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1222983">bsc#1222983</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1222984">bsc#1222984</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1222986">bsc#1222986</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1222987">bsc#1222987</a>
</li>


</ul>
</td>
</tr>

<tr>
<th>
Cross-References:
</th>
<td>
<ul>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-21011.html">CVE-2024-21011</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-21012.html">CVE-2024-21012</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-21068.html">CVE-2024-21068</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-21085.html">CVE-2024-21085</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-21094.html">CVE-2024-21094</a>
</li>

</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">

<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-21011</span>
<span class="cvss-source">
(

SUSE

):
</span>
<span
class="cvss-score">3.7</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
</li>

<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-21012</span>
<span class="cvss-source">
(

SUSE

):
</span>
<span
class="cvss-score">3.7</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N</span>
</li>

<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-21068</span>
<span class="cvss-source">
(

SUSE

):
</span>
<span
class="cvss-score">3.7</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N</span>
</li>

<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-21085</span>
<span class="cvss-source">
(

SUSE

):
</span>
<span
class="cvss-score">3.7</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
</li>

<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-21094</span>
<span class="cvss-source">
(

SUSE

):
</span>
<span
class="cvss-score">3.7</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N</span>
</li>

</ul>
</td>
</tr>

<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">

<li class="list-group-item">SUSE Linux
Enterprise High Performance Computing 12 SP5</li>

<li class="list-group-item">SUSE Linux
Enterprise Server 12 SP5</li>

<li class="list-group-item">SUSE Linux
Enterprise Server for SAP Applications 12 SP5</li>

</ul>
</td>
</tr>
</tbody>
</table>

<p>An update that solves five vulnerabilities and has one security
fix can now be installed.</p>





<h2>Description:</h2>

<p>This update for java-11-openjdk fixes the following
issues:</p>
<ul>
<li>CVE-2024-21011: Fixed denial of service due to long Exception message
logging (JDK-8319851,bsc#1222979)</li>
<li>CVE-2024-21012: Fixed unauthorized data modification due HTTP/2
client improper reverse DNS lookup (JDK-8315708,bsc#1222987)</li>
<li>CVE-2024-21068: Fixed integer overflow in C1 compiler address
generation (JDK-8322122,bsc#1222983) </li>
<li>CVE-2024-21085: Fixed denial of service due to Pack200 excessive
memory allocation (JDK-8322114,bsc#1222984) </li>
<li>CVE-2024-21094: Fixed unauthorized data modification due to C2
compilation failure with &quot;Exceeded _node_regs array&quot; (JDK-8317507,JDK-8325348,bsc#1222986)</li>
</ul>
<p>Other fixes:
- Upgrade to upstream tag jdk-11.0.23+9 (April 2024 CPU)
* Security fixes
+ JDK-8318340: Improve RSA key implementations
* Other changes
+ JDK-6928542: Chinese characters in RTF are not decoded
+ JDK-7132796: [macosx] closed/javax/swing/JComboBox/4517214/
/bug4517214.java fails on MacOS
+ JDK-7148092: [macosx] When Alt+down arrow key is pressed,
the combobox popup does not appear.
+ JDK-8054022: HttpURLConnection timeouts with Expect:
100-Continue and no chunking
+ JDK-8054572: [macosx] JComboBox paints the border incorrectly
+ JDK-8058176: [mlvm] tests should not allow code cache
exhaustion
+ JDK-8067651: LevelTransitionTest.java, fix trivial methods
levels logic
+ JDK-8068225: nsk/jdi/EventQueue/remove_l/remove_l005
intermittently times out
+ JDK-8156889: ListKeychainStore.sh fails in some virtualized
environments
+ JDK-8166275: vm/mlvm/meth/stress/compiler/deoptimize keeps
timeouting
+ JDK-8166554: Avoid compilation blocking in
OverloadCompileQueueTest.java
+ JDK-8169475: WheelModifier.java fails by timeout
+ JDK-8180266: Convert sun/security/provider/KeyStore/DKSTest.sh
to Java Jtreg Test
+ JDK-8186610: move ModuleUtils to top-level testlibrary
+ JDK-8192864: defmeth tests can hide failures
+ JDK-8193543: Regression automated test &#x27;/open/test/jdk/java/
/awt/TrayIcon/SystemTrayInstance/SystemTrayInstanceTest.java&#x27;
fails
+ JDK-8198668: MemoryPoolMBean/isUsageThresholdExceeded/
/isexceeded001/TestDescription.java still failing
+ JDK-8202282: [TESTBUG] appcds TestCommon
.makeCommandLineForAppCDS() can be removed
+ JDK-8202790: DnD test DisposeFrameOnDragTest.java does not
clean up
+ JDK-8202931: [macos] java/awt/Choice/ChoicePopupLocation/
/ChoicePopupLocation.java fails
+ JDK-8207211: [TESTBUG] Remove excessive output from
CDS/AppCDS tests
+ JDK-8207214: Broken links in JDK API serialized-form page
+ JDK-8207855: Make applications/jcstress invoke tests in
batches
+ JDK-8208243: vmTestbase/gc/lock/jni/jnilock002/
/TestDescription.java fails in jdk/hs nightly
+ JDK-8208278: [mlvm] [TESTBUG] vm.mlvm.mixed.stress.java
.findDeadlock.INDIFY_Test Deadlocked threads are not always
detected
+ JDK-8208623: [TESTBUG] runtime/LoadClass/LongBCP.java fails
in AUFS file system
+ JDK-8208699: remove unneeded imports from runtime tests
+ JDK-8208704: runtime/appcds/MultiReleaseJars.java timed out
often in hs-tier7 testing
+ JDK-8208705: [TESTBUG] The -Xlog:cds,cds+hashtables vm option
is not always required for appcds tests
+ JDK-8209549: remove VMPropsExt from TEST.ROOT
+ JDK-8209595: MonitorVmStartTerminate.java timed out
+ JDK-8209946: [TESTBUG] CDS tests should use &quot;@run
driver&quot;
+ JDK-8211438: [Testbug] runtime/XCheckJniJsig/XCheckJSig.java
looks for libjsig in wrong location
+ JDK-8211978: Move testlibrary/jdk/testlibrary/
/SimpleSSLContext.java and testkeys to network testlibrary
+ JDK-8213622: Windows VS2013 build failure -
&quot;&#x27;snprintf&#x27;:
identifier not found&quot;
+ JDK-8213926: WB_EnqueueInitializerForCompilation requests
compilation for NULL
+ JDK-8213927: G1 ignores AlwaysPreTouch when
UseTransparentHugePages is enabled
+ JDK-8214908: add ctw tests for jdk.jfr and jdk.management.jfr
modules
+ JDK-8214915: CtwRunner misses export for jdk.internal.access
+ JDK-8216408: XMLStreamWriter setDefaultNamespace(null) throws
NullPointerException
+ JDK-8217475: Unexpected StackOverflowError in &quot;process
reaper&quot; thread
+ JDK-8218754: JDK-8068225 regression in JDIBreakpointTest
+ JDK-8219475: javap man page needs to be updated
+ JDK-8219585: [TESTBUG] sun/management/jmxremote/bootstrap/
/JMXInterfaceBindingTest.java passes trivially when it
shouldn&#x27;t
+ JDK-8219612: [TESTBUG] compiler.codecache.stress.Helper
.TestCaseImpl can&#x27;t be defined in different runtime package as
its nest host
+ JDK-8225471: Test utility jdk.test.lib.util.FileUtils
.areAllMountPointsAccessible needs to tolerate duplicates
+ JDK-8226706: (se) Reduce the number of outer loop iterations
on Windows in java/nio/channels/Selector/RacyDeregister.java
+ JDK-8226905: unproblem list applications/ctw/modules/<em> tests
on windows
+ JDK-8226910: make it possible to use jtreg&#x27;s -match via
run-test framework
+ JDK-8227438: [TESTLIB] Determine if file exists by
Files.exists in function FileUtils.deleteFileIfExistsWithRetry
+ JDK-8231585: java/lang/management/ThreadMXBean/
/MaxDepthForThreadInfoTest.java fails with
java.lang.NullPointerException
+ JDK-8232839: JDI AfterThreadDeathTest.java failed due to
&quot;FAILED: Did not get expected IllegalThreadStateException on a
StepRequest.enable()&quot;
+ JDK-8233453: MLVM deoptimize stress test timed out
+ JDK-8234309: LFGarbageCollectedTest.java fails with parse
Exception
+ JDK-8237222: [macos] java/awt/Focus/UnaccessibleChoice/
/AccessibleChoiceTest.java fails
+ JDK-8237777: &quot;Dumping core ...&quot; is shown despite
claiming
that &quot;# No core dump will be written.&quot;
+ JDK-8237834: com/sun/jndi/ldap/LdapDnsProviderTest.java
failing with LDAP response read timeout
+ JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel
+ JDK-8239801: [macos] java/awt/Focus/UnaccessibleChoice/
/AccessibleChoiceTest.java fails
+ JDK-8244679: JVM/TI GetCurrentContendedMonitor/contmon001
failed due to &quot;(IsSameObject#3) unexpected monitor object:
0x000000562336DBA8&quot;
+ JDK-8246222: Rename javac test T6395981.java to be more
informative
+ JDK-8247818: GCC 10 warning stringop-overflow with symbol code
+ JDK-8249087: Always initialize _body[0..1] in Symbol
constructor
+ JDK-8251349: Add TestCaseImpl to
OverloadCompileQueueTest.java&#x27;s build dependencies
+ JDK-8251904: vmTestbase/nsk/sysdict/vm/stress/btree/btree010/
/btree010.java fails with ClassNotFoundException:
nsk.sysdict.share.BTree0LLRLRLRRLR
+ JDK-8253543: sanity/client/SwingSet/src/
/ButtonDemoScreenshotTest.java failed with &quot;AssertionError:
All pixels are not black&quot;
+ JDK-8253739: java/awt/image/MultiResolutionImage/
/MultiResolutionImageObserverTest.java fails
+ JDK-8253820: Save test images and dumps with timestamps from
client sanity suite
+ JDK-8255277: randomDelay in DrainDeadlockT and
LoggingDeadlock do not randomly delay
+ JDK-8255546: Missing coverage for
javax.smartcardio.CardPermission and ResponseAPDU
+ JDK-8255743: Relax SIGFPE match in in
runtime/ErrorHandling/SecondaryErrorTest.java
+ JDK-8257505: nsk/share/test/StressOptions stressTime is
scaled in getter but not when printed
+ JDK-8259801: Enable XML Signature secure validation mode by
default
+ JDK-8264135: UnsafeGetStableArrayElement should account for
different JIT implementation details
+ JDK-8265349: vmTestbase/../stress/compiler/deoptimize/
/Test.java fails with OOME due to CodeCache exhaustion.
+ JDK-8269025: jsig/Testjsig.java doesn&#x27;t check exit code
+ JDK-8269077: TestSystemGC uses &quot;require vm.gc.G1&quot; for
large
pages subtest
+ JDK-8271094: runtime/duplAttributes/DuplAttributesTest.java
doesn&#x27;t check exit code
+ JDK-8271224: runtime/EnclosingMethodAttr/EnclMethodAttr.java
doesn&#x27;t check exit code
+ JDK-8271828: mark hotspot runtime/classFileParserBug tests
which ignore external VM flags
+ JDK-8271829: mark hotspot runtime/Throwable tests which
ignore external VM flags
+ JDK-8271890: mark hotspot runtime/Dictionary tests which
ignore external VM flags
+ JDK-8272291: mark hotspot runtime/logging tests which ignore
external VM flags
+ JDK-8272335: runtime/cds/appcds/MoveJDKTest.java doesn&#x27;t
check exit codes
+ JDK-8272551: mark hotspot runtime/modules tests which ignore
external VM flags
+ JDK-8272552: mark hotspot runtime/cds tests which ignore
external VM flags
+ JDK-8273803: Zero: Handle &quot;zero&quot; variant in
CommandLineOptionTest.java
+ JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java
fails in Windows 11
+ JDK-8274621: NullPointerException because listenAddress[0] is
null
+ JDK-8276796: gc/TestSystemGC.java large pages subtest fails
with ZGC
+ JDK-8280007: Enable Neoverse N1 optimizations for Arm
Neoverse V1 &amp; N2
+ JDK-8281149: (fs) java/nio/file/FileStore/Basic.java fails
with java.lang.RuntimeException: values differ by more than
1GB
+ JDK-8281377: Remove vmTestbase/nsk/monitoring/ThreadMXBean/
/ThreadInfo/Deadlock/JavaDeadlock001/TestDescription.java
from problemlist.
+ JDK-8281717: Cover logout method for several LoginModule
+ JDK-8282665: [REDO] ByteBufferTest.java: replace endless
recursion with RuntimeException in void ck(double x, double y)
+ JDK-8284090: com/sun/security/auth/module/AllPlatforms.java
fails to compile
+ JDK-8285756: clean up use of bad arguments for
<code>@clean</code> in
langtools tests
+ JDK-8285785: CheckCleanerBound test fails with
PasswordCallback object is not released
+ JDK-8285867: Convert applet manual tests
SelectionVisible.java to Frame and automate
+ JDK-8286846: test/jdk/javax/swing/plaf/aqua/
/CustomComboBoxFocusTest.java fails on mac aarch64
+ JDK-8286969: Add a new test library API to execute kinit in
SecurityTools.java
+ JDK-8287113: JFR: Periodic task thread uses period for method
sampling events
+ JDK-8289511: Improve test coverage for XPath Axes: child
+ JDK-8289764: gc/lock tests failed with &quot;OutOfMemoryError:
Java heap space: failed reallocation of scalar replaced
objects&quot;
+ JDK-8289948: Improve test coverage for XPath functions: Node
Set Functions
+ JDK-8290399: [macos] Aqua LAF does not fire an action event
if combo box menu is displayed
+ JDK-8290909: MemoryPoolMBean/isUsageThresholdExceeded tests
failed with &quot;isUsageThresholdExceeded() returned false, and is
still false, while threshold = MMMMMMM and used peak = NNNNNNN&quot;
+ JDK-8292182: [TESTLIB] Enhance JAXPPolicyManager to setup
required permissions for jtreg version 7 jar
+ JDK-8292946: GC lock/jni/jnilock001 test failed
&quot;assert(gch-&gt;gc_cause() == GCCause::_scavenge_alot ||
!gch-&gt;incremental_collection_failed()) failed: Twice in a
row&quot;
+ JDK-8293819: sun/util/logging/PlatformLoggerTest.java failed
with &quot;RuntimeException: Retrieved backing PlatformLogger level
null is not the expected CONFIG&quot;
+ JDK-8294158: HTML formatting for PassFailJFrame instructions
+ JDK-8294254: [macOS] javax/swing/plaf/aqua/
/CustomComboBoxFocusTest.java failure
+ JDK-8294402: Add diagnostic logging to
VMProps.checkDockerSupport
+ JDK-8294535: Add screen capture functionality to
PassFailJFrame
+ JDK-8296083: javax/swing/JTree/6263446/bug6263446.java fails
intermittently on a VM
+ JDK-8296384: [TESTBUG] sun/security/provider/SecureRandom/
/AbstractDrbg/SpecTest.java intermittently timeout
+ JDK-8299494: Test vmTestbase/nsk/stress/except/except011.java
failed: ExceptionInInitializerError: target class not found
+ JDK-8300269: The selected item in an editable JComboBox with
titled border is not visible in Aqua LAF
+ JDK-8300727: java/awt/List/ListGarbageCollectionTest/
/AwtListGarbageCollectionTest.java failed with &quot;List
wasn&#x27;t
garbage collected&quot;
+ JDK-8301310: The SendRawSysexMessage test may cause a JVM
crash
+ JDK-8301377: adjust timeout for JLI
GetObjectSizeIntrinsicsTest.java subtest again
+ JDK-8301846: Invalid TargetDataLine after screen lock when
using JFileChooser or COM library
+ JDK-8302017: Allocate BadPaddingException only if it will be
thrown
+ JDK-8302109: Trivial fixes to btree tests
+ JDK-8302149: Speed up
compiler/jsr292/methodHandleExceptions/TestAMEnotNPE.java
+ JDK-8302607: increase timeout for
ContinuousCallSiteTargetChange.java
+ JDK-8304074: [JMX] Add an approximation of total bytes
allocated on the Java heap by the JVM
+ JDK-8304314: StackWalkTest.java fails after CODETOOLS-7903373
+ JDK-8304725: AsyncGetCallTrace can cause SIGBUS on M1
+ JDK-8305502: adjust timeouts in three more M&amp;M tests
+ JDK-8305505: NPE in javazic compiler
+ JDK-8305972: Update XML Security for Java to 3.0.2
+ JDK-8306072: Open source several AWT MouseInfo related tests
+ JDK-8306076: Open source AWT misc tests
+ JDK-8306409: Open source AWT KeyBoardFocusManger,
LightWeightComponent related tests
+ JDK-8306640: Open source several AWT TextArea related tests
+ JDK-8306652: Open source AWT MenuItem related tests
+ JDK-8306681: Open source more AWT DnD related tests
+ JDK-8306683: Open source several clipboard and color AWT tests
+ JDK-8306752: Open source several container and component AWT
tests
+ JDK-8306753: Open source several container AWT tests
+ JDK-8306755: Open source few Swing JComponent and
AbstractButton tests
+ JDK-8306812: Open source several AWT Miscellaneous tests
+ JDK-8306871: Open source more AWT Drag &amp; Drop tests
+ JDK-8306996: Open source Swing MenuItem related tests
+ JDK-8307123: Fix deprecation warnings in DPrinter
+ JDK-8307130: Open source few Swing JMenu tests
+ JDK-8307299: Move more DnD tests to open
+ JDK-8307311: Timeouts on one macOS 12.6.1 host of two Swing
JTableHeader tests
+ JDK-8307381: Open Source JFrame, JIF related Swing Tests
+ JDK-8307683: Loop Predication should not hoist range checks
with trap on success projection by negating their condition
+ JDK-8308043: Deadlock in TestCSLocker.java due to blocking GC
while allocating
+ JDK-8308116: jdk.test.lib.compiler.InMemoryJavaCompiler
.compile does not close files
+ JDK-8308223: failure handler missed jcmd.vm.info command
+ JDK-8308232: nsk/jdb tests don&#x27;t pass -verbose flag to the
debuggee
+ JDK-8308245: Add -proc:full to describe current default
annotation processing policy
+ JDK-8308336: Test java/net/HttpURLConnection/
/HttpURLConnectionExpectContinueTest.java failed:
java.net.BindException: Address already in use
+ JDK-8309104: [JVMCI] compiler/unsafe/
/UnsafeGetStableArrayElement test asserts wrong values with
Graal
+ JDK-8309119: [17u/11u] Redo JDK-8297951: C2: Create skeleton
predicates for all If nodes in loop predication
+ JDK-8309462: [AIX] vmTestbase/nsk/jvmti/RunAgentThread/
/agentthr001/TestDescription.java crashing due to empty while
loop
+ JDK-8309778: java/nio/file/Files/CopyAndMove.java fails when
using second test directory
+ JDK-8309870: Using -proc:full should be considered requesting
explicit annotation processing
+ JDK-8310106: sun.security.ssl.SSLHandshake
.getHandshakeProducer() incorrectly checks handshakeConsumers
+ JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/
/bug6889007.java fails
+ JDK-8310551: vmTestbase/nsk/jdb/interrupt/interrupt001/
/interrupt001.java timed out due to missing prompt
+ JDK-8310807: java/nio/channels/DatagramChannel/Connect.java
timed out
+ JDK-8311081: KeytoolReaderP12Test.java fail on localized
Windows platform
+ JDK-8311511: Improve description of NativeLibrary JFR event
+ JDK-8311585: Add JRadioButtonMenuItem to bug8031573.java
+ JDK-8313081: MonitoringSupport_lock should be unconditionally
initialized after 8304074
+ JDK-8313082: Enable CreateCoredumpOnCrash for testing in
makefiles
+ JDK-8313164: src/java.desktop/windows/native/libawt/windows/
/awt_Robot.cpp GetRGBPixels adjust releasing of resources
+ JDK-8313252: Java_sun_awt_windows_ThemeReader_paintBackground
release resources in early returns
+ JDK-8313643: Update HarfBuzz to 8.2.2
+ JDK-8313816: Accessing jmethodID might lead to spurious
crashes
+ JDK-8314144: gc/g1/ihop/TestIHOPStatic.java fails due to
extra concurrent mark with -Xcomp
+ JDK-8314164: java/net/HttpURLConnection/
/HttpURLConnectionExpectContinueTest.java fails intermittently
in timeout
+ JDK-8314883:
Java_java_util_prefs_FileSystemPreferences_lockFile0 write
result errno in missing case
+ JDK-8315034: File.mkdirs() occasionally fails to create
folders on Windows shared folder
+ JDK-8315042: NPE in PKCS7.parseOldSignedData
+ JDK-8315415: OutputAnalyzer.shouldMatchByLine() fails in some
cases
+ JDK-8315499: build using devkit on Linux ppc64le RHEL puts
path to devkit into libsplashscreen
+ JDK-8315594: Open source few headless Swing misc tests
+ JDK-8315600: Open source few more headless Swing misc tests
+ JDK-8315602: Open source swing security manager test
+ JDK-8315606: Open source few swing text/html tests
+ JDK-8315611: Open source swing text/html and tree test
+ JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should
run with -Xbatch
+ JDK-8315731: Open source several Swing Text related tests
+ JDK-8315761: Open source few swing JList and JMenuBar tests
+ JDK-8315986: [macos14] javax/swing/JMenuItem/4654927/
/bug4654927.java: component must be showing on the screen to
determine its location
+ JDK-8316001: GC: Make TestArrayAllocatorMallocLimit use
createTestJvm
+ JDK-8316028: Update FreeType to 2.13.2
+ JDK-8316030: Update Libpng to 1.6.40
+ JDK-8316106: Open source few swing JInternalFrame and
JMenuBar tests
+ JDK-8316461: Fix: make test outputs TEST SUCCESS after
unsuccessful exit
+ JDK-8316947: Write a test to check textArea triggers
MouseEntered/MouseExited events properly
+ JDK-8317307: test/jdk/com/sun/jndi/ldap/
/LdapPoolTimeoutTest.java fails with ConnectException:
Connection timed out: no further information
+ JDK-8317327: Remove JT_JAVA dead code in jib-profiles.js
+ JDK-8318154: Improve stability of WheelModifier.java test
+ JDK-8318410: jdk/java/lang/instrument/BootClassPath/
/BootClassPathTest.sh fails on Japanese Windows
+ JDK-8318468: compiler/tiered/LevelTransitionTest.java fails
with -XX:CompileThreshold=100 -XX:TieredStopAtLevel=1
+ JDK-8318603: Parallelize sun/java2d/marlin/ClipShapeTest.java
+ JDK-8318607: Enable parallelism in vmTestbase/nsk/stress/jni
tests
+ JDK-8318608: Enable parallelism in
vmTestbase/nsk/stress/threads tests
+ JDK-8318736: com/sun/jdi/JdwpOnThrowTest.java failed with
&quot;transport error 202: bind failed: Address already in
use&quot;
+ JDK-8318889: C2: add bailout after assert Bad graph detected
in build_loop_late
+ JDK-8318951: Additional negative value check in JPEG decoding
+ JDK-8318955: Add ReleaseIntArrayElements in
Java_sun_awt_X11_XlibWrapper_SetBitmapShape XlbWrapper.c to
early return
+ JDK-8318971: Better Error Handling for Jar Tool When
Processing Non-existent Files
+ JDK-8318983: Fix comment typo in PKCS12Passwd.java
+ JDK-8319124: Update XML Security for Java to 3.0.3
+ JDK-8319456: jdk/jfr/event/gc/collection/
/TestGCCauseWith[Serial|Parallel].java : GC cause &#x27;GCLocker
Initiated GC&#x27; not in the valid causes
+ JDK-8319668: Fixup of jar filename typo in BadFactoryTest.sh
+ JDK-8320001: javac crashes while adding type annotations to
the return type of a constructor
+ JDK-8320208: Update Public Suffix List to b5bf572
+ JDK-8320363: ppc64 TypeEntries::type_unknown logic looks
wrong, missed optimization opportunity
+ JDK-8320597: RSA signature verification fails on signed data
that does not encode params correctly
+ JDK-8320798: Console read line with zero out should zero out
underlying buffer
+ JDK-8320884: Bump update version for OpenJDK: jdk-11.0.23
+ JDK-8320937: support latest VS2022 MSC_VER in
abstract_vm_version.cpp
+ JDK-8321151: JDK-8294427 breaks Windows L&amp;F on all older
Windows versions
+ JDK-8321215: Incorrect x86 instruction encoding for VSIB
addressing mode
+ JDK-8321408: Add Certainly roots R1 and E1
+ JDK-8321480: ISO 4217 Amendment 176 Update
+ JDK-8322178: Error. can&#x27;t find jdk.testlibrary
.SimpleSSLContext in test directory or libraries
+ JDK-8322417: Console read line with zero out should zero out
when throwing exception
+ JDK-8322725: (tz) Update Timezone Data to 2023d
+ JDK-8322750: Test &quot;api/java_awt/interactive/
/SystemTrayTests.html&quot; failed because A blue ball icon is
added outside of the system tray
+ JDK-8322752: [11u] GetStackTraceAndRetransformTest.java is
failing assert
+ JDK-8322772: Clean up code after JDK-8322417
+ JDK-8323008: filter out harmful -std</em> flags added by autoconf
from CXX
+ JDK-8323243: JNI invocation of an abstract instance method
corrupts the stack
+ JDK-8323515: Create test alias &quot;all&quot; for all test roots
+ JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/
/platform/docker/TestDockerMemoryMetrics.java always fail
because OOM killed
+ JDK-8324184: Windows VS2010 build failed with &quot;error C2275:
&#x27;int64_t&#x27;&quot;
+ JDK-8324307: [11u] hotspot fails to build with GCC 12 and
newer (non-static data member initializers)
+ JDK-8324347: Enable &quot;maybe-uninitialized&quot; warning for
FreeType 2.13.1
+ JDK-8324659: GHA: Generic jtreg errors are not reported
+ JDK-8325096: Test java/security/cert/CertPathBuilder/akiExt/
/AKISerialNumber.java is failing
+ JDK-8325150: (tz) Update Timezone Data to 2024a
+ JDK-8326109: GCC 13 reports maybe-uninitialized warnings for
jni.cpp with dtrace enabled
+ JDK-8326503: [11u] java/net/HttpURLConnection/
/HttpURLConnectionExpectContinueTest.java fail because of
package org.junit.jupiter.api does not exist
+ JDK-8327391: Add SipHash attribution file
+ JDK-8329837: [11u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.23</p>
<ul>
<li>Removed the possibility to use the system timezone-java
(bsc#1213470).</li>
</ul>





<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper
patch".<br/>

Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">

<li class="list-group-item">
SUSE Linux Enterprise High Performance Computing 12 SP5


<br/>
<code>zypper in -t patch
SUSE-SLE-SERVER-12-SP5-2024-1452=1</code>



</li>

<li class="list-group-item">
SUSE Linux Enterprise Server 12 SP5


<br/>
<code>zypper in -t patch
SUSE-SLE-SERVER-12-SP5-2024-1452=1</code>



</li>

<li class="list-group-item">
SUSE Linux Enterprise Server for SAP Applications 12 SP5


<br/>
<code>zypper in -t patch
SUSE-SLE-SERVER-12-SP5-2024-1452=1</code>



</li>

</ul>

<h2>Package List:</h2>
<ul>


<li>
SUSE Linux Enterprise High Performance Computing 12 SP5
(aarch64 x86_64)
<ul>


<li>java-11-openjdk-debuginfo-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-devel-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-debugsource-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-demo-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-headless-11.0.23.0-3.75.1</li>

</ul>
</li>



<li>
SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x
x86_64)
<ul>


<li>java-11-openjdk-debuginfo-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-devel-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-debugsource-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-demo-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-headless-11.0.23.0-3.75.1</li>

</ul>
</li>



<li>
SUSE Linux Enterprise Server for SAP Applications 12 SP5
(ppc64le x86_64)
<ul>


<li>java-11-openjdk-debuginfo-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-devel-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-debugsource-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-demo-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-11.0.23.0-3.75.1</li>


<li>java-11-openjdk-headless-11.0.23.0-3.75.1</li>

</ul>
</li>


</ul>


<h2>References:</h2>
<ul>


<li>
<a href="https://www.suse.com/security/cve/CVE-2024-21011.html">https://www.suse.com/security/cve/CVE-2024-21011.html</a>
</li>



<li>
<a href="https://www.suse.com/security/cve/CVE-2024-21012.html">https://www.suse.com/security/cve/CVE-2024-21012.html</a>
</li>



<li>
<a href="https://www.suse.com/security/cve/CVE-2024-21068.html">https://www.suse.com/security/cve/CVE-2024-21068.html</a>
</li>



<li>
<a href="https://www.suse.com/security/cve/CVE-2024-21085.html">https://www.suse.com/security/cve/CVE-2024-21085.html</a>
</li>



<li>
<a href="https://www.suse.com/security/cve/CVE-2024-21094.html">https://www.suse.com/security/cve/CVE-2024-21094.html</a>
</li>



<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213470">https://bugzilla.suse.com/show_bug.cgi?id=1213470</a>
</li>



<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1222979">https://bugzilla.suse.com/show_bug.cgi?id=1222979</a>
</li>



<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1222983">https://bugzilla.suse.com/show_bug.cgi?id=1222983</a>
</li>



<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1222984">https://bugzilla.suse.com/show_bug.cgi?id=1222984</a>
</li>



<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1222986">https://bugzilla.suse.com/show_bug.cgi?id=1222986</a>
</li>



<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1222987">https://bugzilla.suse.com/show_bug.cgi?id=1222987</a>
</li>


</ul>

</div>

--===============9172094984190401367==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung