drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in java-21-openjdk
| Name: |
Mehrere Probleme in java-21-openjdk |
|
| ID: |
SUSE-SU-2025:1429-1 |
|
| Distribution: |
SUSE |
|
| Plattformen: |
SUSE Linux Enterprise Desktop 15 SP6, SUSE Linux Enterprise Server for SAP Applications 15 SP6, SUSE Linux Enterprise Server 15 SP6, SUSE Linux Enterprise Real Time 15 SP6, SUSE openSUSE Leap 15.6, SUSE Basesystem Module 15-SP6 |
|
| Datum: |
Fr, 2. Mai 2025, 23:51 |
|
| Referenzen: |
https://www.cve.org/CVERecord?id=CVE-2025-21587
https://www.cve.org/CVERecord?id=CVE-2025-30698
https://www.cve.org/CVERecord?id=CVE-2025-30691 |
|
| Applikationen: |
OpenJDK |
|
Originalnachricht |
--===============2864443523191762467==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
# Security update for java-21-openjdk
Announcement ID: SUSE-SU-2025:1429-1
Release Date: 2025-05-02T08:10:12Z
Rating: important
References:
* bsc#1241274
* bsc#1241275
* bsc#1241276
Cross-References:
* CVE-2025-21587
* CVE-2025-30691
* CVE-2025-30698
CVSS scores:
* CVE-2025-21587 ( SUSE ): 9.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-21587 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-21587 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-30691 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-30691 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-30691 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-30698 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-30698 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-30698 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves three vulnerabilities can now be installed.
## Description:
This update for java-21-openjdk fixes the following issues:
Update to upstream tag jdk-21.0.7+6 (April 2025 CPU)
CVEs fixed:
* CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of
critical data (bsc#1241274)
* CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access
(bsc#1241275)
* CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS
(bsc#1241276)
Changes:
+ JDK-8198237: [macos] Test java/awt/Frame/
/ExceptionOnSetExtendedStateTest/
/ExceptionOnSetExtendedStateTest.java fails
+ JDK-8211851: (ch) java/nio/channels/AsynchronousSocketChannel/
/StressLoopback.java times out (aix)
+ JDK-8226933: [TEST_BUG]GTK L&F: There is no swatches or RGB
tab in JColorChooser
+ JDK-8226938: [TEST_BUG]GTK L&F: There is no Details button in
FileChooser Dialog
+ JDK-8227529: With malformed --app-image the error messages
are awful
+ JDK-8277240: java/awt/Graphics2D/ScaledTransform/
/ScaledTransform.java dialog does not get disposed
+ JDK-8283664: Remove jtreg tag manual=yesno for
java/awt/print/PrinterJob/PrintTextTest.java
+ JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit
access thread fields from native
+ JDK-8293345: SunPKCS11 provider checks on PKCS11 Mechanism
are problematic
+ JDK-8294316: SA core file support is broken on macosx-x64
starting with macOS 12.x
+ JDK-8295159: DSO created with -ffast-math breaks Java
floating-point arithmetic
+ JDK-8302111: Serialization considerations
+ JDK-8304701: Request with timeout aborts later in-flight
request on HTTP/1.1 cxn
+ JDK-8309841: Jarsigner should print a warning if an entry is
removed
+ JDK-8311546: Certificate name constraints improperly
validated with leading period
+ JDK-8312570: [TESTBUG] Jtreg compiler/loopopts/superword/
/TestDependencyOffsets.java fails on 512-bit SVE
+ JDK-8313633: [macOS] java/awt/dnd/NextDropActionTest/
/NextDropActionTest.java fails with java.lang.RuntimeException:
wrong next drop action!
+ JDK-8313905: Checked_cast assert in CDS compare_by_loader
+ JDK-8314752: Use google test string comparison macros
+ JDK-8314909: tools/jpackage/windows/Win8282351Test.java fails
with java.lang.AssertionError: Expected [0]. Actual [1618]:
+ JDK-8315486: vmTestbase/nsk/jdwp/ThreadReference/
/ForceEarlyReturn/forceEarlyReturn002/forceEarlyReturn002.java
timed out
+ JDK-8315825: Open some swing tests
+ JDK-8315882: Open some swing tests 2
+ JDK-8315883: Open source several Swing JToolbar tests
+ JDK-8315952: Open source several Swing JToolbar JTooltip
JTree tests
+ JDK-8316056: Open source several Swing JTree tests
+ JDK-8316146: Open some swing tests 4
+ JDK-8316149: Open source several Swing JTree JViewport
KeyboardManager tests
+ JDK-8316218: Open some swing tests 5
+ JDK-8316371: Open some swing tests 6
+ JDK-8316627: JViewport Test headless failure
+ JDK-8316885: jcmd: Compiler.CodeHeap_Analytics cmd does not
inform about missing aggregate
+ JDK-8317283: jpackage tests run osx-specific checks on
windows and linux
+ JDK-8317636: Improve heap walking API tests to verify
correctness of field indexes
+ JDK-8317808: HTTP/2 stream cancelImpl may leave subscriber
registered
+ JDK-8317919: pthread_attr_init handle return value and
destroy pthread_attr_t object
+ JDK-8319233: AArch64: Build failure with clang due to
-Wformat-nonliteral warning
+ JDK-8320372: test/jdk/sun/security/x509/DNSName/
/LeadingPeriod.java validity check failed
+ JDK-8320676: Manual printer tests have no Pass/Fail buttons,
instructions close set 1
+ JDK-8320691: Timeout handler on Windows takes 2 hours to
complete
+ JDK-8320706: RuntimePackageTest.testUsrInstallDir test fails
on Linux
+ JDK-8320916: jdk/jfr/event/gc/stacktrace/
/TestParallelMarkSweepAllocationPendingStackTrace.java failed
with "OutOfMemoryError: GC overhead limit exceeded"
+ JDK-8321818: vmTestbase/nsk/stress/strace/strace015.java
failed with 'Cannot read the array length because
"<local4>"
is null'
+ JDK-8322983: Virtual Threads: exclude 2 tests
+ JDK-8324672: Update jdk/java/time/tck/java/time/
/TCKInstant.java now() to be more robust
+ JDK-8324807: Manual printer tests have no Pass/Fail buttons,
instructions close set 2
+ JDK-8324838: test_nmt_locationprinting.cpp broken in the gcc
windows build
+ JDK-8325042: Remove unused JVMDITools test files
+ JDK-8325529: Remove unused imports from `ModuleGenerator`
test file
+ JDK-8325659: Normalize Random usage by incubator vector tests
+ JDK-8325937: runtime/handshake/HandshakeDirectTest.java
causes "monitor end should be strictly below the frame
pointer" assertion failure on AArch64
+ JDK-8326421: Add jtreg test for large arrayCopy disjoint case.
+ JDK-8326525: com/sun/tools/attach/BasicTests.java does not
verify AgentLoadException case
+ JDK-8327098: GTest needs larger combination limit
+ JDK-8327390: JitTester: Implement temporary folder
functionality
+ JDK-8327460: Compile tests with the same visibility rules as
product code
+ JDK-8327476: Upgrade JLine to 3.26.1
+ JDK-8327505: Test com/sun/jmx/remote/
/NotificationMarshalVersions/TestSerializationMismatch.java
fails
+ JDK-8327857: Remove applet usage from JColorChooser tests
Test4222508
+ JDK-8327859: Remove applet usage from JColorChooser tests
Test4319113
+ JDK-8327986: ASAN reports use-after-free in
DirectivesParserTest.empty_object_vm
+ JDK-8327994: Update code gen in CallGeneratorHelper
+ JDK-8328005: Convert java/awt/im/JTextFieldTest.java applet
test to main
+ JDK-8328085: C2: Use after free in
PhaseChaitin::Register_Allocate()
+ JDK-8328121: Remove applet usage from JColorChooser tests
Test4759306
+ JDK-8328130: Remove applet usage from JColorChooser tests
Test4759934
+ JDK-8328185: Convert java/awt/image/MemoryLeakTest/
/MemoryLeakTest.java applet test to main
+ JDK-8328227: Remove applet usage from JColorChooser tests
Test4887836
+ JDK-8328368: Convert java/awt/image/multiresolution/
/MultiDisplayTest/MultiDisplayTest.java applet test to main
+ JDK-8328370: Convert java/awt/print/Dialog/PrintApplet.java
applet test to main
+ JDK-8328380: Remove applet usage from JColorChooser tests
Test6348456
+ JDK-8328387: Convert java/awt/Frame/FrameStateTest/
/FrameStateTest.html applet test to main
+ JDK-8328403: Remove applet usage from JColorChooser tests
Test6977726
+ JDK-8328553: Get rid of JApplet in test/jdk/sanity/client/lib/
/SwingSet2/src/DemoModule.java
+ JDK-8328558: Convert javax/swing/JCheckBox/8032667/
/bug8032667.java applet test to main
+ JDK-8328717: Convert javax/swing/JColorChooser/8065098/
/bug8065098.java applet test to main
+ JDK-8328719: Convert java/awt/print/PageFormat/SetOrient.html
applet test to main
+ JDK-8328730: Convert java/awt/print/bug8023392/bug8023392.html
applet test to main
+ JDK-8328753: Open source few Undecorated Frame tests
+ JDK-8328819: Remove applet usage from JFileChooser tests
bug6698013
+ JDK-8328827: Convert java/awt/print/PrinterJob/
/PrinterDialogsModalityTest/PrinterDialogsModalityTest.html
applet test to main
+ JDK-8329210: Delete Redundant Printer Dialog Modality Test
+ JDK-8329320: Simplify awt/print/PageFormat/NullPaper.java test
+ JDK-8329322: Convert PageFormat/Orient.java to use
PassFailJFrame
+ JDK-8329692: Add more details to FrameStateTest.java test
instructions
+ JDK-8330647: Two CDS tests fail with -UseCompressedOops and
UseSerialGC/UseParallelGC
+ JDK-8330702: Update failure handler to don't generate Error
message if cores actions are empty
+ JDK-8331735: UpcallLinker::on_exit races with GC when copying
frame anchor
+ JDK-8331959: Update PKCS#11 Cryptographic Token Interface to
v3.1
+ JDK-8331977: Crash: SIGSEGV in dlerror()
+ JDK-8331993: Add counting leading/trailing zero tests for
Integer
+ JDK-8332158: [XWayland] test/jdk/java/awt/Mouse/
/EnterExitEvents/ResizingFrameTest.java
+ JDK-8332494: java/util/zip/EntryCount64k.java failing with
java.lang.RuntimeException: '\\A\\Z' missing from
stderr
+ JDK-8332917: failure_handler should execute gdb "info
threads" command on linux
+ JDK-8333116: test/jdk/tools/jpackage/share/ServiceTest.java
test fails
+ JDK-8333360: PrintNullString.java doesn't use float arguments
+ JDK-8333391: Test com/sun/jdi/InterruptHangTest.java failed:
Thread was never interrupted during sleep
+ JDK-8333403: Write a test to check various components events
are triggered properly
+ JDK-8333647: C2 SuperWord: some additional PopulateIndex tests
+ JDK-8334305: Remove all code for nsk.share.Log verbose mode
+ JDK-8334371: [AIX] Beginning with AIX 7.3 TL1 mmap() supports
64K memory pages
+ JDK-8334490: Normalize string with locale invariant
`toLowerCase()`
+ JDK-8334777: Test javax/management/remote/mandatory/notif/
/NotifReconnectDeadlockTest.java failed with
NullPointerException
+ JDK-8335288: SunPKCS11 initialization will call
C_GetMechanismInfo on unsupported mechanisms
+ JDK-8335468: [XWayland] JavaFX hangs when calling
java.awt.Robot.getPixelColor
+ JDK-8335789: [TESTBUG] XparColor.java test fails with Error.
Parse Exception: Invalid or unrecognized bugid: @
+ JDK-8336012: Fix usages of jtreg-reserved properties
+ JDK-8336498: [macos] [build]: install-file macro may run into
permission denied error
+ JDK-8336692: Redo fix for JDK-8284620
+ JDK-8336942: Improve test coverage for class loading elements
with annotations of different retentions
+ JDK-8337222: gc/TestDisableExplicitGC.java fails due to
unexpected CodeCache GC
+ JDK-8337494: Clarify JarInputStream behavior
+ JDK-8337660: C2: basic blocks with only BoxLock nodes are
wrongly treated as empty
+ JDK-8337692: Better TLS connection support
+ JDK-8337886: java/awt/Frame/MaximizeUndecoratedTest.java
fails in OEL due to a slight color difference
+ JDK-8337951: Test sun/security/validator/samedn.sh
CertificateNotYetValidException: NotBefore validation
+ JDK-8337994: [REDO] Native memory leak when not recording any
events
+ JDK-8338100: C2: assert(!n_loop->is_member(get_loop(lca)))
failed: control must not be back in the loop
+ JDK-8338303: Linux ppc64le with toolchain clang - detection
failure in early JVM startup
+ JDK-8338426: Test java/nio/channels/Selector/WakeupNow.java
failed
+ JDK-8338430: Improve compiler transformations
+ JDK-8338571: [TestBug] DefaultCloseOperation.java test not
working as expected wrt instruction after JDK-8325851 fix
+ JDK-8338595: Add more linesize for MIME decoder in macro
bench test Base64Decode
+ JDK-8338668: Test javax/swing/JFileChooser/8080628/
/bug8080628.java doesn't test for GTK L&F
+ JDK-8339154: Cleanups and JUnit conversion of
test/jdk/java/util/zip/Available.java
+ JDK-8339261: Logs truncated in test
javax/net/ssl/DTLS/DTLSRehandshakeTest.java
+ JDK-8339356: Test javax/net/ssl/SSLSocket/Tls13PacketSize.java
failed with java.net.SocketException: An established
connection was aborted by the software in your host machine
+ JDK-8339475: Clean up return code handling for pthread calls
in library coding
+ JDK-8339524: Clean up a few ExtendedRobot tests
+ JDK-8339542: compiler/codecache/CheckSegmentedCodeCache.java
fails
+ JDK-8339687: Rearrange reachabilityFence()s in
jdk.test.lib.util.ForceGC
+ JDK-8339728: [Accessibility,Windows,JAWS] Bug in the
getKeyChar method of the AccessBridge class
+ JDK-8339810: Clean up the code in sun.tools.jar.Main to
properly close resources and use ZipFile during extract
+ JDK-8339834: Replace usages of -mx and -ms in some tests
+ JDK-8339883: Open source several AWT/2D related tests
+ JDK-8339902: Open source couple TextField related tests
+ JDK-8339943: Frame not disposed in
java/awt/dnd/DropActionChangeTest.java
+ JDK-8340078: Open source several 2D tests
+ JDK-8340116: test/jdk/sun/security/tools/jarsigner/
/PreserveRawManifestEntryAndDigest.java can fail due to regex
+ JDK-8340313: Crash due to invalid oop in nmethod after C1
patching
+ JDK-8340411: open source several 2D imaging tests
+ JDK-8340480: Bad copyright notices in changes from JDK-8339902
+ JDK-8340687: Open source closed frame tests #1
+ JDK-8340719: Open source AWT List tests
+ JDK-8340824: C2: Memory for TypeInterfaces not reclaimed by
hashcons()
+ JDK-8340969: jdk/jfr/startupargs/TestStartDuration.java
should be marked as flagless
+ JDK-8341037: Use standard layouts in
DefaultFrameIconTest.java and MenuCrash.java
+ JDK-8341111: open source several AWT tests including menu
shortcut tests
+ JDK-8341135: Incorrect format string after JDK-8339475
+ JDK-8341194: [REDO] Implement C2 VectorizedHashCode on AArch64
+ JDK-8341316: [macos] javax/swing/ProgressMonitor/
/ProgressMonitorEscapeKeyPress.java fails sometimes in macos
+ JDK-8341412: Various test failures after JDK-8334305
+ JDK-8341424: GHA: Collect hs_errs from build time failures
+ JDK-8341453: java/awt/a11y/AccessibleJTableTest.java fails in
some cases where the test tables are not visible
+ JDK-8341715: PPC64: ObjectMonitor::_owner should be reset
unconditionally in nmethod unlocking
+ JDK-8341820: Check return value of hcreate_r
+ JDK-8341862: PPC64: C1 unwind_handler fails to unlock
synchronized methods with LM_MONITOR
+ JDK-8341881: [REDO] java/nio/file/attribute/
/BasicFileAttributeView/CreationTime.java#tmp fails on alinux3
+ JDK-8341978: Improve JButton/bug4490179.java
+ JDK-8341982: Simplify JButton/bug4323121.java
+ JDK-8342098: Write a test to compare the images
+ JDK-8342145: File libCreationTimeHelper.c compile fails on
Alpine
+ JDK-8342270: Test sun/security/pkcs11/Provider/
/RequiredMechCheck.java needs write access to src tree
+ JDK-8342498: Add test for Allocation elimination after use as
alignment reference by SuperWord
+ JDK-8342508: Use latch in BasicMenuUI/bug4983388.java instead
of delay
+ JDK-8342541: Exclude List/KeyEventsTest/KeyEventsTest.java
from running on macOS
+ JDK-8342562: Enhance Deflater operations
+ JDK-8342602: Remove JButton/PressedButtonRightClickTest test
+ JDK-8342609: jpackage test helper function incorrectly
removes a directory instead of its contents only
+ JDK-8342634: javax/imageio/plugins/wbmp/
/WBMPStreamTruncateTest.java creates temp file in src dir
+ JDK-8342635: javax/swing/JFileChooser/FileSystemView/
/WindowsDefaultIconSizeTest.java creates tmp file in src dir
+ JDK-8342704: GHA: Report truncation is broken after
JDK-8341424
+ JDK-8342811: java/net/httpclient/PlainProxyConnectionTest.java
failed: Unexpected connection count: 5
+ JDK-8342858: Make target mac-jdk-bundle fails on chmod command
+ JDK-8342988: GHA: Build JTReg in single step
+ JDK-8343007: Enhance Buffered Image handling
+ JDK-8343100: Consolidate EmptyFolderTest and
EmptyFolderPackageTest jpackage tests into single java file
+ JDK-8343101: Rework BasicTest.testTemp test cases
+ JDK-8343102: Remove `--compress` from jlink command lines
from jpackage tests
+ JDK-8343118: [TESTBUG] java/awt/PrintJob/PrintCheckboxTest/
/PrintCheckboxManualTest.java fails with Error. Can't find
HTML file PrintCheckboxManualTest.html
+ JDK-8343128: PassFailJFrame.java test result: Error. Bad
action for script: build}
+ JDK-8343129: Disable unstable check of
ThreadsListHandle.sanity_vm ThreadList values
+ JDK-8343144: UpcallLinker::on_entry racingly clears pending
exception with GC safepoints
+ JDK-8343149: Cleanup os::print_tos_pc on AIX
+ JDK-8343178: Test BasicTest.java javac compile fails cannot
find symbol
+ JDK-8343205: CompileBroker::possibly_add_compiler_threads
excessively polls available memory
+ JDK-8343314: Move common properties from jpackage jtreg test
declarations to TEST.properties file
+ JDK-8343343: Misc crash dump improvements on more platforms
after JDK-8294160
+ JDK-8343378: Exceptions in javax/management DeadLockTest.java
do not cause test failure
+ JDK-8343396: Use OperatingSystem, Architecture, and OSVersion
in jpackage tests
+ JDK-8343491: javax/management/remote/mandatory/connection/
/DeadLockTest.java failing with NoSuchObjectException: no such
object in table
+ JDK-8343599: Kmem limit and max values swapped when printing
container information
+ JDK-8343882: BasicAnnoTests doesn't handle multiple
annotations at the same position
+ JDK-8344275: tools/jpackage/windows/Win8301247Test.java fails
on localized Windows platform
+ JDK-8344326: Move jpackage tests from
"jdk.jpackage.tests"
package to the default package
+ JDK-8344581: [TESTBUG] java/awt/Robot/
/ScreenCaptureRobotTest.java failing on macOS
+ JDK-8344589: Update IANA Language Subtag Registry to Version
2024-11-19
+ JDK-8344646: The libjsig deprecation warning should go to
stderr not stdout
+ JDK-8345296: AArch64: VM crashes with SIGILL when prctl is
disallowed
+ JDK-8345368: java/io/File/createTempFile/SpecialTempFile.java
fails on Windows Server 2025
+ JDK-8345370: Bump update version for OpenJDK: jdk-21.0.7
+ JDK-8345375: Improve debuggability of
test/jdk/java/net/Socket/CloseAvailable.java
+ JDK-8345414: Google CAInterop test failures
+ JDK-8345468: test/jdk/javax/swing/JScrollBar/4865918/
/bug4865918.java fails in ubuntu22.04
+ JDK-8345569: [ubsan] adjustments to filemap.cpp and
virtualspace.cpp for macOS aarch64
+ JDK-8345614: Improve AnnotationFormatError message for
duplicate annotation interfaces
+ JDK-8345676: [ubsan] ProcessImpl_md.c:561:40: runtime error:
applying zero offset to null pointer on macOS aarch64
+ JDK-8345684: OperatingSystemMXBean.getSystemCpuLoad() throws
NPE
+ JDK-8345750: Shenandoah: Test TestJcmdHeapDump.java#aggressive
intermittent assert(gc_cause() == GCCause::_no_gc) failed:
Over-writing cause
+ JDK-8346055: javax/swing/text/StyledEditorKit/4506788/
/bug4506788.java fails in ubuntu22.04
+ JDK-8346108: [21u][BACKOUT] 8337994: [REDO] Native memory
leak when not recording any events
+ JDK-8346324: javax/swing/JScrollBar/4865918/bug4865918.java
fails in CI
+ JDK-8346587: Distrust TLS server certificates anchored by
Camerfirma Root CAs
+ JDK-8346671: java/nio/file/Files/probeContentType/Basic.java
fails on Windows 2025
+ JDK-8346713: [testsuite] NeverActAsServerClassMachine breaks
TestPLABAdaptToMinTLABSize.java
TestPinnedHumongousFragmentation.java
TestPinnedObjectContents.java
+ JDK-8346828: javax/swing/JScrollBar/4865918/bug4865918.java
still fails in CI
+ JDK-8346847: [s390x] minimal build failure
+ JDK-8346880: [aix] java/lang/ProcessHandle/InfoTest.java
still fails: "reported cputime less than expected"
+ JDK-8346881: [ubsan] logSelection.cpp:154:24 /
logSelectionList.cpp:72:94 : runtime error: applying non-zero
offset 1 to null pointer
+ JDK-8346887: DrawFocusRect() may cause an assertion failure
+ JDK-8346972: Test java/nio/channels/FileChannel/
/LoopingTruncate.java fails sometimes with IOException: There
is not enough space on the disk
+ JDK-8347038: [JMH] jdk.incubator.vector.SpiltReplicate fails
NoClassDefFoundError
+ JDK-8347129: cpuset cgroups controller is required for no
good reason
+ JDK-8347171: (dc) java/nio/channels/DatagramChannel/
/InterruptibleOrNot.java fails with virtual thread factory
+ JDK-8347256: Epsilon: Demote heap size and AlwaysPreTouch
warnings to info level
+ JDK-8347267: [macOS]: UnixOperatingSystem.c:67:40: runtime
error: division by zero
+ JDK-8347268: [ubsan] logOutput.cpp:357:21: runtime error:
applying non-zero offset 1 to null pointer
+ JDK-8347424: Fix and rewrite
sun/security/x509/DNSName/LeadingPeriod.java test
+ JDK-8347427: JTabbedPane/8134116/Bug8134116.java has no
license header
+ JDK-8347576: Error output in libjsound has non matching
format strings
+ JDK-8347740: java/io/File/createTempFile/SpecialTempFile.java
failing
+ JDK-8347847: Enhance jar file support
+ JDK-8347911: Limit the length of inflated text chunks
+ JDK-8347965: (tz) Update Timezone Data to 2025a
+ JDK-8348562: ZGC: segmentation fault due to missing node type
check in barrier elision analysis
+ JDK-8348625: [21u, 17u] Revert JDK-8185862 to restore old
java.awt.headless behavior on Windows
+ JDK-8348675: TrayIcon tests fail in Ubuntu 24.10 Wayland
+ JDK-8349039: Adjust exception No type named <ThreadType> in
database
+ JDK-8349603: [21u, 17u, 11u] Update GHA JDKs after Jan/25
updates
+ JDK-8349729: [21u] AIX jtreg tests fail to compile with
qvisibility=hidden
+ JDK-8352097: (tz) zone.tab update missed in 2025a backport
+ JDK-8353904: [21u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.7
* Update to upstream tag jdk-21.0.6+7 (January 2025 CPU)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-1429=1 SUSE-2025-1429=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1429=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* java-21-openjdk-debugsource-21.0.7.0-150600.3.12.1
* java-21-openjdk-headless-debuginfo-21.0.7.0-150600.3.12.1
* java-21-openjdk-demo-21.0.7.0-150600.3.12.1
* java-21-openjdk-21.0.7.0-150600.3.12.1
* java-21-openjdk-headless-21.0.7.0-150600.3.12.1
* java-21-openjdk-src-21.0.7.0-150600.3.12.1
* java-21-openjdk-devel-21.0.7.0-150600.3.12.1
* java-21-openjdk-jmods-21.0.7.0-150600.3.12.1
* java-21-openjdk-debuginfo-21.0.7.0-150600.3.12.1
* java-21-openjdk-devel-debuginfo-21.0.7.0-150600.3.12.1
* openSUSE Leap 15.6 (noarch)
* java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* java-21-openjdk-debugsource-21.0.7.0-150600.3.12.1
* java-21-openjdk-headless-debuginfo-21.0.7.0-150600.3.12.1
* java-21-openjdk-demo-21.0.7.0-150600.3.12.1
* java-21-openjdk-21.0.7.0-150600.3.12.1
* java-21-openjdk-headless-21.0.7.0-150600.3.12.1
* java-21-openjdk-devel-21.0.7.0-150600.3.12.1
* java-21-openjdk-debuginfo-21.0.7.0-150600.3.12.1
* java-21-openjdk-devel-debuginfo-21.0.7.0-150600.3.12.1
## References:
* https://www.suse.com/security/cve/CVE-2025-21587.html
* https://www.suse.com/security/cve/CVE-2025-30691.html
* https://www.suse.com/security/cve/CVE-2025-30698.html
* https://bugzilla.suse.com/show_bug.cgi?id=1241274
* https://bugzilla.suse.com/show_bug.cgi?id=1241275
* https://bugzilla.suse.com/show_bug.cgi?id=1241276
--===============2864443523191762467==
Content-Type: text/html; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
<div class="container">
<h1>Security update for java-21-openjdk</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2025:1429-1</td>
</tr>
<tr>
<th>Release Date:</th>
<td>2025-05-02T08:10:12Z</td>
</tr>
<tr>
<th>Rating:</th>
<td>important</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1241274">bsc#1241274</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1241275">bsc#1241275</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1241276">bsc#1241276</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-21587.html">CVE-2025-21587</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-30691.html">CVE-2025-30691</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-30698.html">CVE-2025-30698</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-21587</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">9.1</span>
<span
class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-21587</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">7.4</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-21587</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">7.4</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-30691</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">6.3</span>
<span
class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-30691</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">4.8</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-30691</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">4.8</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-30698</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">6.3</span>
<span
class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-30698</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">5.6</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-30698</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">5.6</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">Basesystem
Module 15-SP6</li>
<li class="list-group-item">openSUSE Leap
15.6</li>
<li class="list-group-item">SUSE Linux
Enterprise Desktop 15 SP6</li>
<li class="list-group-item">SUSE Linux
Enterprise Real Time 15 SP6</li>
<li class="list-group-item">SUSE Linux
Enterprise Server 15 SP6</li>
<li class="list-group-item">SUSE Linux
Enterprise Server for SAP Applications 15 SP6</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves three vulnerabilities can now be
installed.</p>
<h2>Description:</h2>
<p>This update for java-21-openjdk fixes the following
issues:</p>
<p>Update to upstream tag jdk-21.0.7+6 (April 2025 CPU)</p>
<p>CVEs fixed:</p>
<ul>
<li>CVE-2025-21587: Fixed JSSE unauthorized access, deletion or
modification of critical data (bsc#1241274)</li>
<li>CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data
Access (bsc#1241275)</li>
<li>CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS
(bsc#1241276)</li>
</ul>
<p>Changes:</p>
<pre><code>+ JDK-8198237: [macos] Test java/awt/Frame/
/ExceptionOnSetExtendedStateTest/
/ExceptionOnSetExtendedStateTest.java fails
+ JDK-8211851: (ch) java/nio/channels/AsynchronousSocketChannel/
/StressLoopback.java times out (aix)
+ JDK-8226933: [TEST_BUG]GTK L&amp;F: There is no swatches or RGB
tab in JColorChooser
+ JDK-8226938: [TEST_BUG]GTK L&amp;F: There is no Details button in
FileChooser Dialog
+ JDK-8227529: With malformed --app-image the error messages
are awful
+ JDK-8277240: java/awt/Graphics2D/ScaledTransform/
/ScaledTransform.java dialog does not get disposed
+ JDK-8283664: Remove jtreg tag manual=yesno for
java/awt/print/PrinterJob/PrintTextTest.java
+ JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit
access thread fields from native
+ JDK-8293345: SunPKCS11 provider checks on PKCS11 Mechanism
are problematic
+ JDK-8294316: SA core file support is broken on macosx-x64
starting with macOS 12.x
+ JDK-8295159: DSO created with -ffast-math breaks Java
floating-point arithmetic
+ JDK-8302111: Serialization considerations
+ JDK-8304701: Request with timeout aborts later in-flight
request on HTTP/1.1 cxn
+ JDK-8309841: Jarsigner should print a warning if an entry is
removed
+ JDK-8311546: Certificate name constraints improperly
validated with leading period
+ JDK-8312570: [TESTBUG] Jtreg compiler/loopopts/superword/
/TestDependencyOffsets.java fails on 512-bit SVE
+ JDK-8313633: [macOS] java/awt/dnd/NextDropActionTest/
/NextDropActionTest.java fails with java.lang.RuntimeException:
wrong next drop action!
+ JDK-8313905: Checked_cast assert in CDS compare_by_loader
+ JDK-8314752: Use google test string comparison macros
+ JDK-8314909: tools/jpackage/windows/Win8282351Test.java fails
with java.lang.AssertionError: Expected [0]. Actual [1618]:
+ JDK-8315486: vmTestbase/nsk/jdwp/ThreadReference/
/ForceEarlyReturn/forceEarlyReturn002/forceEarlyReturn002.java
timed out
+ JDK-8315825: Open some swing tests
+ JDK-8315882: Open some swing tests 2
+ JDK-8315883: Open source several Swing JToolbar tests
+ JDK-8315952: Open source several Swing JToolbar JTooltip
JTree tests
+ JDK-8316056: Open source several Swing JTree tests
+ JDK-8316146: Open some swing tests 4
+ JDK-8316149: Open source several Swing JTree JViewport
KeyboardManager tests
+ JDK-8316218: Open some swing tests 5
+ JDK-8316371: Open some swing tests 6
+ JDK-8316627: JViewport Test headless failure
+ JDK-8316885: jcmd: Compiler.CodeHeap_Analytics cmd does not
inform about missing aggregate
+ JDK-8317283: jpackage tests run osx-specific checks on
windows and linux
+ JDK-8317636: Improve heap walking API tests to verify
correctness of field indexes
+ JDK-8317808: HTTP/2 stream cancelImpl may leave subscriber
registered
+ JDK-8317919: pthread_attr_init handle return value and
destroy pthread_attr_t object
+ JDK-8319233: AArch64: Build failure with clang due to
-Wformat-nonliteral warning
+ JDK-8320372: test/jdk/sun/security/x509/DNSName/
/LeadingPeriod.java validity check failed
+ JDK-8320676: Manual printer tests have no Pass/Fail buttons,
instructions close set 1
+ JDK-8320691: Timeout handler on Windows takes 2 hours to
complete
+ JDK-8320706: RuntimePackageTest.testUsrInstallDir test fails
on Linux
+ JDK-8320916: jdk/jfr/event/gc/stacktrace/
/TestParallelMarkSweepAllocationPendingStackTrace.java failed
with &quot;OutOfMemoryError: GC overhead limit exceeded&quot;
+ JDK-8321818: vmTestbase/nsk/stress/strace/strace015.java
failed with &#x27;Cannot read the array length because
&quot;&lt;local4&gt;&quot;
is null&#x27;
+ JDK-8322983: Virtual Threads: exclude 2 tests
+ JDK-8324672: Update jdk/java/time/tck/java/time/
/TCKInstant.java now() to be more robust
+ JDK-8324807: Manual printer tests have no Pass/Fail buttons,
instructions close set 2
+ JDK-8324838: test_nmt_locationprinting.cpp broken in the gcc
windows build
+ JDK-8325042: Remove unused JVMDITools test files
+ JDK-8325529: Remove unused imports from `ModuleGenerator`
test file
+ JDK-8325659: Normalize Random usage by incubator vector tests
+ JDK-8325937: runtime/handshake/HandshakeDirectTest.java
causes &quot;monitor end should be strictly below the frame
pointer&quot; assertion failure on AArch64
+ JDK-8326421: Add jtreg test for large arrayCopy disjoint case.
+ JDK-8326525: com/sun/tools/attach/BasicTests.java does not
verify AgentLoadException case
+ JDK-8327098: GTest needs larger combination limit
+ JDK-8327390: JitTester: Implement temporary folder
functionality
+ JDK-8327460: Compile tests with the same visibility rules as
product code
+ JDK-8327476: Upgrade JLine to 3.26.1
+ JDK-8327505: Test com/sun/jmx/remote/
/NotificationMarshalVersions/TestSerializationMismatch.java
fails
+ JDK-8327857: Remove applet usage from JColorChooser tests
Test4222508
+ JDK-8327859: Remove applet usage from JColorChooser tests
Test4319113
+ JDK-8327986: ASAN reports use-after-free in
DirectivesParserTest.empty_object_vm
+ JDK-8327994: Update code gen in CallGeneratorHelper
+ JDK-8328005: Convert java/awt/im/JTextFieldTest.java applet
test to main
+ JDK-8328085: C2: Use after free in
PhaseChaitin::Register_Allocate()
+ JDK-8328121: Remove applet usage from JColorChooser tests
Test4759306
+ JDK-8328130: Remove applet usage from JColorChooser tests
Test4759934
+ JDK-8328185: Convert java/awt/image/MemoryLeakTest/
/MemoryLeakTest.java applet test to main
+ JDK-8328227: Remove applet usage from JColorChooser tests
Test4887836
+ JDK-8328368: Convert java/awt/image/multiresolution/
/MultiDisplayTest/MultiDisplayTest.java applet test to main
+ JDK-8328370: Convert java/awt/print/Dialog/PrintApplet.java
applet test to main
+ JDK-8328380: Remove applet usage from JColorChooser tests
Test6348456
+ JDK-8328387: Convert java/awt/Frame/FrameStateTest/
/FrameStateTest.html applet test to main
+ JDK-8328403: Remove applet usage from JColorChooser tests
Test6977726
+ JDK-8328553: Get rid of JApplet in test/jdk/sanity/client/lib/
/SwingSet2/src/DemoModule.java
+ JDK-8328558: Convert javax/swing/JCheckBox/8032667/
/bug8032667.java applet test to main
+ JDK-8328717: Convert javax/swing/JColorChooser/8065098/
/bug8065098.java applet test to main
+ JDK-8328719: Convert java/awt/print/PageFormat/SetOrient.html
applet test to main
+ JDK-8328730: Convert java/awt/print/bug8023392/bug8023392.html
applet test to main
+ JDK-8328753: Open source few Undecorated Frame tests
+ JDK-8328819: Remove applet usage from JFileChooser tests
bug6698013
+ JDK-8328827: Convert java/awt/print/PrinterJob/
/PrinterDialogsModalityTest/PrinterDialogsModalityTest.html
applet test to main
+ JDK-8329210: Delete Redundant Printer Dialog Modality Test
+ JDK-8329320: Simplify awt/print/PageFormat/NullPaper.java test
+ JDK-8329322: Convert PageFormat/Orient.java to use
PassFailJFrame
+ JDK-8329692: Add more details to FrameStateTest.java test
instructions
+ JDK-8330647: Two CDS tests fail with -UseCompressedOops and
UseSerialGC/UseParallelGC
+ JDK-8330702: Update failure handler to don&#x27;t generate Error
message if cores actions are empty
+ JDK-8331735: UpcallLinker::on_exit races with GC when copying
frame anchor
+ JDK-8331959: Update PKCS#11 Cryptographic Token Interface to
v3.1
+ JDK-8331977: Crash: SIGSEGV in dlerror()
+ JDK-8331993: Add counting leading/trailing zero tests for
Integer
+ JDK-8332158: [XWayland] test/jdk/java/awt/Mouse/
/EnterExitEvents/ResizingFrameTest.java
+ JDK-8332494: java/util/zip/EntryCount64k.java failing with
java.lang.RuntimeException: &#x27;\\A\\Z&#x27; missing from
stderr
+ JDK-8332917: failure_handler should execute gdb &quot;info
threads&quot; command on linux
+ JDK-8333116: test/jdk/tools/jpackage/share/ServiceTest.java
test fails
+ JDK-8333360: PrintNullString.java doesn&#x27;t use float arguments
+ JDK-8333391: Test com/sun/jdi/InterruptHangTest.java failed:
Thread was never interrupted during sleep
+ JDK-8333403: Write a test to check various components events
are triggered properly
+ JDK-8333647: C2 SuperWord: some additional PopulateIndex tests
+ JDK-8334305: Remove all code for nsk.share.Log verbose mode
+ JDK-8334371: [AIX] Beginning with AIX 7.3 TL1 mmap() supports
64K memory pages
+ JDK-8334490: Normalize string with locale invariant
`toLowerCase()`
+ JDK-8334777: Test javax/management/remote/mandatory/notif/
/NotifReconnectDeadlockTest.java failed with
NullPointerException
+ JDK-8335288: SunPKCS11 initialization will call
C_GetMechanismInfo on unsupported mechanisms
+ JDK-8335468: [XWayland] JavaFX hangs when calling
java.awt.Robot.getPixelColor
+ JDK-8335789: [TESTBUG] XparColor.java test fails with Error.
Parse Exception: Invalid or unrecognized bugid: @
+ JDK-8336012: Fix usages of jtreg-reserved properties
+ JDK-8336498: [macos] [build]: install-file macro may run into
permission denied error
+ JDK-8336692: Redo fix for JDK-8284620
+ JDK-8336942: Improve test coverage for class loading elements
with annotations of different retentions
+ JDK-8337222: gc/TestDisableExplicitGC.java fails due to
unexpected CodeCache GC
+ JDK-8337494: Clarify JarInputStream behavior
+ JDK-8337660: C2: basic blocks with only BoxLock nodes are
wrongly treated as empty
+ JDK-8337692: Better TLS connection support
+ JDK-8337886: java/awt/Frame/MaximizeUndecoratedTest.java
fails in OEL due to a slight color difference
+ JDK-8337951: Test sun/security/validator/samedn.sh
CertificateNotYetValidException: NotBefore validation
+ JDK-8337994: [REDO] Native memory leak when not recording any
events
+ JDK-8338100: C2: assert(!n_loop-&gt;is_member(get_loop(lca)))
failed: control must not be back in the loop
+ JDK-8338303: Linux ppc64le with toolchain clang - detection
failure in early JVM startup
+ JDK-8338426: Test java/nio/channels/Selector/WakeupNow.java
failed
+ JDK-8338430: Improve compiler transformations
+ JDK-8338571: [TestBug] DefaultCloseOperation.java test not
working as expected wrt instruction after JDK-8325851 fix
+ JDK-8338595: Add more linesize for MIME decoder in macro
bench test Base64Decode
+ JDK-8338668: Test javax/swing/JFileChooser/8080628/
/bug8080628.java doesn&#x27;t test for GTK L&amp;F
+ JDK-8339154: Cleanups and JUnit conversion of
test/jdk/java/util/zip/Available.java
+ JDK-8339261: Logs truncated in test
javax/net/ssl/DTLS/DTLSRehandshakeTest.java
+ JDK-8339356: Test javax/net/ssl/SSLSocket/Tls13PacketSize.java
failed with java.net.SocketException: An established
connection was aborted by the software in your host machine
+ JDK-8339475: Clean up return code handling for pthread calls
in library coding
+ JDK-8339524: Clean up a few ExtendedRobot tests
+ JDK-8339542: compiler/codecache/CheckSegmentedCodeCache.java
fails
+ JDK-8339687: Rearrange reachabilityFence()s in
jdk.test.lib.util.ForceGC
+ JDK-8339728: [Accessibility,Windows,JAWS] Bug in the
getKeyChar method of the AccessBridge class
+ JDK-8339810: Clean up the code in sun.tools.jar.Main to
properly close resources and use ZipFile during extract
+ JDK-8339834: Replace usages of -mx and -ms in some tests
+ JDK-8339883: Open source several AWT/2D related tests
+ JDK-8339902: Open source couple TextField related tests
+ JDK-8339943: Frame not disposed in
java/awt/dnd/DropActionChangeTest.java
+ JDK-8340078: Open source several 2D tests
+ JDK-8340116: test/jdk/sun/security/tools/jarsigner/
/PreserveRawManifestEntryAndDigest.java can fail due to regex
+ JDK-8340313: Crash due to invalid oop in nmethod after C1
patching
+ JDK-8340411: open source several 2D imaging tests
+ JDK-8340480: Bad copyright notices in changes from JDK-8339902
+ JDK-8340687: Open source closed frame tests #1
+ JDK-8340719: Open source AWT List tests
+ JDK-8340824: C2: Memory for TypeInterfaces not reclaimed by
hashcons()
+ JDK-8340969: jdk/jfr/startupargs/TestStartDuration.java
should be marked as flagless
+ JDK-8341037: Use standard layouts in
DefaultFrameIconTest.java and MenuCrash.java
+ JDK-8341111: open source several AWT tests including menu
shortcut tests
+ JDK-8341135: Incorrect format string after JDK-8339475
+ JDK-8341194: [REDO] Implement C2 VectorizedHashCode on AArch64
+ JDK-8341316: [macos] javax/swing/ProgressMonitor/
/ProgressMonitorEscapeKeyPress.java fails sometimes in macos
+ JDK-8341412: Various test failures after JDK-8334305
+ JDK-8341424: GHA: Collect hs_errs from build time failures
+ JDK-8341453: java/awt/a11y/AccessibleJTableTest.java fails in
some cases where the test tables are not visible
+ JDK-8341715: PPC64: ObjectMonitor::_owner should be reset
unconditionally in nmethod unlocking
+ JDK-8341820: Check return value of hcreate_r
+ JDK-8341862: PPC64: C1 unwind_handler fails to unlock
synchronized methods with LM_MONITOR
+ JDK-8341881: [REDO] java/nio/file/attribute/
/BasicFileAttributeView/CreationTime.java#tmp fails on alinux3
+ JDK-8341978: Improve JButton/bug4490179.java
+ JDK-8341982: Simplify JButton/bug4323121.java
+ JDK-8342098: Write a test to compare the images
+ JDK-8342145: File libCreationTimeHelper.c compile fails on
Alpine
+ JDK-8342270: Test sun/security/pkcs11/Provider/
/RequiredMechCheck.java needs write access to src tree
+ JDK-8342498: Add test for Allocation elimination after use as
alignment reference by SuperWord
+ JDK-8342508: Use latch in BasicMenuUI/bug4983388.java instead
of delay
+ JDK-8342541: Exclude List/KeyEventsTest/KeyEventsTest.java
from running on macOS
+ JDK-8342562: Enhance Deflater operations
+ JDK-8342602: Remove JButton/PressedButtonRightClickTest test
+ JDK-8342609: jpackage test helper function incorrectly
removes a directory instead of its contents only
+ JDK-8342634: javax/imageio/plugins/wbmp/
/WBMPStreamTruncateTest.java creates temp file in src dir
+ JDK-8342635: javax/swing/JFileChooser/FileSystemView/
/WindowsDefaultIconSizeTest.java creates tmp file in src dir
+ JDK-8342704: GHA: Report truncation is broken after
JDK-8341424
+ JDK-8342811: java/net/httpclient/PlainProxyConnectionTest.java
failed: Unexpected connection count: 5
+ JDK-8342858: Make target mac-jdk-bundle fails on chmod command
+ JDK-8342988: GHA: Build JTReg in single step
+ JDK-8343007: Enhance Buffered Image handling
+ JDK-8343100: Consolidate EmptyFolderTest and
EmptyFolderPackageTest jpackage tests into single java file
+ JDK-8343101: Rework BasicTest.testTemp test cases
+ JDK-8343102: Remove `--compress` from jlink command lines
from jpackage tests
+ JDK-8343118: [TESTBUG] java/awt/PrintJob/PrintCheckboxTest/
/PrintCheckboxManualTest.java fails with Error. Can&#x27;t find
HTML file PrintCheckboxManualTest.html
+ JDK-8343128: PassFailJFrame.java test result: Error. Bad
action for script: build}
+ JDK-8343129: Disable unstable check of
ThreadsListHandle.sanity_vm ThreadList values
+ JDK-8343144: UpcallLinker::on_entry racingly clears pending
exception with GC safepoints
+ JDK-8343149: Cleanup os::print_tos_pc on AIX
+ JDK-8343178: Test BasicTest.java javac compile fails cannot
find symbol
+ JDK-8343205: CompileBroker::possibly_add_compiler_threads
excessively polls available memory
+ JDK-8343314: Move common properties from jpackage jtreg test
declarations to TEST.properties file
+ JDK-8343343: Misc crash dump improvements on more platforms
after JDK-8294160
+ JDK-8343378: Exceptions in javax/management DeadLockTest.java
do not cause test failure
+ JDK-8343396: Use OperatingSystem, Architecture, and OSVersion
in jpackage tests
+ JDK-8343491: javax/management/remote/mandatory/connection/
/DeadLockTest.java failing with NoSuchObjectException: no such
object in table
+ JDK-8343599: Kmem limit and max values swapped when printing
container information
+ JDK-8343882: BasicAnnoTests doesn&#x27;t handle multiple
annotations at the same position
+ JDK-8344275: tools/jpackage/windows/Win8301247Test.java fails
on localized Windows platform
+ JDK-8344326: Move jpackage tests from
&quot;jdk.jpackage.tests&quot;
package to the default package
+ JDK-8344581: [TESTBUG] java/awt/Robot/
/ScreenCaptureRobotTest.java failing on macOS
+ JDK-8344589: Update IANA Language Subtag Registry to Version
2024-11-19
+ JDK-8344646: The libjsig deprecation warning should go to
stderr not stdout
+ JDK-8345296: AArch64: VM crashes with SIGILL when prctl is
disallowed
+ JDK-8345368: java/io/File/createTempFile/SpecialTempFile.java
fails on Windows Server 2025
+ JDK-8345370: Bump update version for OpenJDK: jdk-21.0.7
+ JDK-8345375: Improve debuggability of
test/jdk/java/net/Socket/CloseAvailable.java
+ JDK-8345414: Google CAInterop test failures
+ JDK-8345468: test/jdk/javax/swing/JScrollBar/4865918/
/bug4865918.java fails in ubuntu22.04
+ JDK-8345569: [ubsan] adjustments to filemap.cpp and
virtualspace.cpp for macOS aarch64
+ JDK-8345614: Improve AnnotationFormatError message for
duplicate annotation interfaces
+ JDK-8345676: [ubsan] ProcessImpl_md.c:561:40: runtime error:
applying zero offset to null pointer on macOS aarch64
+ JDK-8345684: OperatingSystemMXBean.getSystemCpuLoad() throws
NPE
+ JDK-8345750: Shenandoah: Test TestJcmdHeapDump.java#aggressive
intermittent assert(gc_cause() == GCCause::_no_gc) failed:
Over-writing cause
+ JDK-8346055: javax/swing/text/StyledEditorKit/4506788/
/bug4506788.java fails in ubuntu22.04
+ JDK-8346108: [21u][BACKOUT] 8337994: [REDO] Native memory
leak when not recording any events
+ JDK-8346324: javax/swing/JScrollBar/4865918/bug4865918.java
fails in CI
+ JDK-8346587: Distrust TLS server certificates anchored by
Camerfirma Root CAs
+ JDK-8346671: java/nio/file/Files/probeContentType/Basic.java
fails on Windows 2025
+ JDK-8346713: [testsuite] NeverActAsServerClassMachine breaks
TestPLABAdaptToMinTLABSize.java
TestPinnedHumongousFragmentation.java
TestPinnedObjectContents.java
+ JDK-8346828: javax/swing/JScrollBar/4865918/bug4865918.java
still fails in CI
+ JDK-8346847: [s390x] minimal build failure
+ JDK-8346880: [aix] java/lang/ProcessHandle/InfoTest.java
still fails: &quot;reported cputime less than expected&quot;
+ JDK-8346881: [ubsan] logSelection.cpp:154:24 /
logSelectionList.cpp:72:94 : runtime error: applying non-zero
offset 1 to null pointer
+ JDK-8346887: DrawFocusRect() may cause an assertion failure
+ JDK-8346972: Test java/nio/channels/FileChannel/
/LoopingTruncate.java fails sometimes with IOException: There
is not enough space on the disk
+ JDK-8347038: [JMH] jdk.incubator.vector.SpiltReplicate fails
NoClassDefFoundError
+ JDK-8347129: cpuset cgroups controller is required for no
good reason
+ JDK-8347171: (dc) java/nio/channels/DatagramChannel/
/InterruptibleOrNot.java fails with virtual thread factory
+ JDK-8347256: Epsilon: Demote heap size and AlwaysPreTouch
warnings to info level
+ JDK-8347267: [macOS]: UnixOperatingSystem.c:67:40: runtime
error: division by zero
+ JDK-8347268: [ubsan] logOutput.cpp:357:21: runtime error:
applying non-zero offset 1 to null pointer
+ JDK-8347424: Fix and rewrite
sun/security/x509/DNSName/LeadingPeriod.java test
+ JDK-8347427: JTabbedPane/8134116/Bug8134116.java has no
license header
+ JDK-8347576: Error output in libjsound has non matching
format strings
+ JDK-8347740: java/io/File/createTempFile/SpecialTempFile.java
failing
+ JDK-8347847: Enhance jar file support
+ JDK-8347911: Limit the length of inflated text chunks
+ JDK-8347965: (tz) Update Timezone Data to 2025a
+ JDK-8348562: ZGC: segmentation fault due to missing node type
check in barrier elision analysis
+ JDK-8348625: [21u, 17u] Revert JDK-8185862 to restore old
java.awt.headless behavior on Windows
+ JDK-8348675: TrayIcon tests fail in Ubuntu 24.10 Wayland
+ JDK-8349039: Adjust exception No type named
&lt;ThreadType&gt; in
database
+ JDK-8349603: [21u, 17u, 11u] Update GHA JDKs after Jan/25
updates
+ JDK-8349729: [21u] AIX jtreg tests fail to compile with
qvisibility=hidden
+ JDK-8352097: (tz) zone.tab update missed in 2025a backport
+ JDK-8353904: [21u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.7
</code></pre>
<ul>
<li>Update to upstream tag jdk-21.0.6+7 (January 2025 CPU)</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper
patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
openSUSE Leap 15.6
<br/>
<code>zypper in -t patch
openSUSE-SLE-15.6-2025-1429=1 SUSE-2025-1429=1</code>
</li>
<li class="list-group-item">
Basesystem Module 15-SP6
<br/>
<code>zypper in -t patch
SUSE-SLE-Module-Basesystem-15-SP6-2025-1429=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
<ul>
<li>java-21-openjdk-debugsource-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-headless-debuginfo-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-demo-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-headless-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-src-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-devel-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-jmods-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-debuginfo-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-devel-debuginfo-21.0.7.0-150600.3.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.6 (noarch)
<ul>
<li>java-21-openjdk-javadoc-21.0.7.0-150600.3.12.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
<ul>
<li>java-21-openjdk-debugsource-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-headless-debuginfo-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-demo-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-headless-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-devel-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-debuginfo-21.0.7.0-150600.3.12.1</li>
<li>java-21-openjdk-devel-debuginfo-21.0.7.0-150600.3.12.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-21587.html">https://www.suse.com/security/cve/CVE-2025-21587.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-30691.html">https://www.suse.com/security/cve/CVE-2025-30691.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-30698.html">https://www.suse.com/security/cve/CVE-2025-30698.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1241274">https://bugzilla.suse.com/show_bug.cgi?id=1241274</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1241275">https://bugzilla.suse.com/show_bug.cgi?id=1241275</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1241276">https://bugzilla.suse.com/show_bug.cgi?id=1241276</a>
</li>
</ul>
</div>
--===============2864443523191762467==--
|
|
|
|
