drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in java-17-openjdk
| Name: |
Mehrere Probleme in java-17-openjdk |
|
| ID: |
SUSE-SU-2025:1490-1 |
|
| Distribution: |
SUSE |
|
| Plattformen: |
SUSE Manager Proxy 4.3, SUSE Manager Server 4.3, SUSE Manager Retail Branch Server 4.3, SUSE Linux Enterprise High Performance Computing 15 SP4, SUSE Linux Enterprise Server 15 SP4, SUSE Linux Enterprise Server for SAP Applications 15 SP4, SUSE Linux Enterprise Server for SAP Applications 15 SP5, SUSE Linux Enterprise Server 15 SP5, SUSE Linux Enterprise High Performance Computing 15 SP5, SUSE openSUSE Leap 15.4, SUSE Linux Enterprise High Performance Computing LTSS 15 SP4, SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4, SUSE Linux Enterprise Desktop 15 SP6, SUSE Linux Enterprise Server for SAP Applications 15 SP6, SUSE Linux Enterprise Server 15 SP6, SUSE Linux Enterprise Real Time 15 SP6, SUSE openSUSE Leap 15.6, SUSE Basesystem Module 15-SP6, SUSE Legacy Module 15-SP6, SUSE Linux Enterprise Server 15 SP4 LTSS, SUSE Linux Enterprise High Performance Computing LTSS 15 SP5, SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5, SUSE Linux Enterprise Server 15 SP5 LTSS |
|
| Datum: |
Do, 8. Mai 2025, 06:26 |
|
| Referenzen: |
https://www.cve.org/CVERecord?id=CVE-2025-30698
https://www.cve.org/CVERecord?id=CVE-2025-21587
https://www.cve.org/CVERecord?id=CVE-2025-30691 |
|
| Applikationen: |
OpenJDK |
|
Originalnachricht |
--===============7739932505455621795==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
# Security update for java-17-openjdk
Announcement ID: SUSE-SU-2025:1490-1
Release Date: 2025-05-06T11:49:02Z
Rating: important
References:
* bsc#1241274
* bsc#1241275
* bsc#1241276
Cross-References:
* CVE-2025-21587
* CVE-2025-30691
* CVE-2025-30698
CVSS scores:
* CVE-2025-21587 ( SUSE ): 9.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-21587 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-21587 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-30691 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-30691 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-30691 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-30698 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-30698 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-30698 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products:
* Basesystem Module 15-SP6
* Legacy Module 15-SP6
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves three vulnerabilities can now be installed.
## Description:
This update for java-17-openjdk fixes the following issues:
Update to upstream tag jdk-17.0.15+6 (April 2025 CPU)
CVEs:
* CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of
critical data (bsc#1241274)
* CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access
(bsc#1241275)
* CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS
(bsc#1241276)
Changes:
+ JDK-6355567: AdobeMarkerSegment causes failure to read
valid JPEG
+ JDK-8065099: [macos] javax/swing/PopupFactory/6276087/
/NonOpaquePopupMenuTest.java fails: no background shine
through
+ JDK-8179502: Enhance OCSP, CRL and Certificate Fetch
Timeouts
+ JDK-8198237: [macos] Test java/awt/Frame/
/ExceptionOnSetExtendedStateTest/
/ExceptionOnSetExtendedStateTest.java fails
+ JDK-8198666: Many java/awt/Modal/OnTop/ test fails on mac
+ JDK-8208565: [TEST_BUG] javax/swing/PopupFactory/6276087/
/NonOpaquePopupMenuTest.java throws NPE
+ JDK-8226933: [TEST_BUG]GTK L&F: There is no swatches or
RGB tab in JColorChooser
+ JDK-8226938: [TEST_BUG]GTK L&F: There is no Details
button in FileChooser Dialog
+ JDK-8266435: WBMPImageReader.read() should not truncate
the input stream
+ JDK-8267893: Improve jtreg test failure handler do get
native/mixed stack traces for cores and live processes
+ JDK-8270961: [TESTBUG] Move GotWrongOOMEException into
vm.share.gc package
+ JDK-8274893: Update java.desktop classes to use
try-with-resources
+ JDK-8276202: LogFileOutput.invalid_file_vm asserts when
being executed from a read only working directory
+ JDK-8277240: java/awt/Graphics2D/ScaledTransform/
/ScaledTransform.java dialog does not get disposed
+ JDK-8281234: The -protected option is not always checked
in keytool and jarsigner
+ JDK-8282314: nsk/jvmti/SuspendThread/suspendthrd003 may
leak memory
+ JDK-8283387: [macos] a11y : Screen magnifier does not
show selected Tab
+ JDK-8283404: [macos] a11y : Screen magnifier does not
show JMenu name
+ JDK-8283664: Remove jtreg tag manual=yesno for
java/awt/print/PrinterJob/PrintTextTest.java
+ JDK-8286779: javax.crypto.CryptoPolicyParser#isConsistent
always returns 'true'
+ JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit
access thread fields from native
+ JDK-8290400: Must run exe installers in jpackage jtreg
tests without UI
+ JDK-8292588: [macos] Multiscreen/MultiScreenLocationTest/
/MultiScreenLocationTest.java: Robot.mouseMove test failed on
Screen #0
+ JDK-8292704: sun/security/tools/jarsigner/compatibility/
/Compatibility.java use wrong key size for EC
+ JDK-8292848: AWT_Mixing and TrayIcon tests fail on el8
with hard-coded isOel7
+ JDK-8293345: SunPKCS11 provider checks on PKCS11
Mechanism are problematic
+ JDK-8293412: Remove unnecessary java.security.egd
overrides
+ JDK-8294067: [macOS] javax/swing/JComboBox/6559152/
/bug6559152.java Cannot select an item from popup with the
ENTER key.
+ JDK-8294316: SA core file support is broken on macosx-x64
starting with macOS 12.x
+ JDK-8295087: Manual Test to Automated Test Conversion
+ JDK-8295176: some langtools test pollutes source tree
+ JDK-8296591: Signature benchmark
+ JDK-8296818: Enhance JMH tests
java/security/Signatures.java
+ JDK-8299077: [REDO] JDK-4512626 Non-editable JTextArea
provides no visual indication of keyboard focus
+ JDK-8299127: [REDO] JDK-8194048 Regression automated test
'/open/test/jdk/javax/swing/text/DefaultCaret/HidingSelection/
/HidingSelectionTest.java' fails
+ JDK-8299128: [REDO] JDK-8213562 Test javax/swing/text/
/DefaultCaret/HidingSelection/MultiSelectionTest.java fails
+ JDK-8299739: HashedPasswordFileTest.java and ExceptionTest.java
can fail with java.lang.NullPointerException
+ JDK-8299994: java/security/Policy/Root/Root.java fails
when home directory is read-only
+ JDK-8301989: new
javax.swing.text.DefaultCaret().setBlinkRate(N) results in NPE
+ JDK-8302111: Serialization considerations
+ JDK-8305853: java/text/Format/DateFormat/
/DateFormatRegression.java fails with "Uncaught exception
thrown in test method Test4089106"
+ JDK-8306711: Improve diagnosis of `IntlTest` framework
+ JDK-8308341: JNI_GetCreatedJavaVMs returns a partially
initialized JVM
+ JDK-8309171: Test vmTestbase/nsk/jvmti/scenarios/
/jni_interception/JI05/ji05t001/TestDescription.java fails
after JDK-8308341
+ JDK-8309231: ProblemList vmTestbase/nsk/jvmti/scenarios/
/jni_interception/JI05/ji05t001/TestDescription.java
+ JDK-8309740: Expand timeout windows for tests in
JDK-8179502
+ JDK-8309841: Jarsigner should print a warning if an entry
is removed
+ JDK-8310234: Refactor Locale tests to use JUnit
+ JDK-8310629: java/security/cert/CertPathValidator/OCSP/
/OCSPTimeout.java fails with RuntimeException: Server not ready
+ JDK-8311306: Test com/sun/management/ThreadMXBean/
/ThreadCpuTimeArray.java failed: out of expected range
+ JDK-8311546: Certificate name constraints improperly
validated with leading period
+ JDK-8311663: Additional refactoring of Locale tests to
JUnit
+ JDK-8312416: Tests in Locale should have more descriptive
names
+ JDK-8312518: [macos13] setFullScreenWindow() shows black
screen on macOS 13 & above
+ JDK-8313633: [macOS] java/awt/dnd/NextDropActionTest/
/NextDropActionTest.java fails with
java.lang.RuntimeException: wrong next drop action!
+ JDK-8313710: jcmd: typo in the documentation of JFR.start
and JFR.dump
+ JDK-8314225: SIGSEGV in JavaThread::is_lock_owned
+ JDK-8314610: hotspot can't compile with the latest of
gtest because of <iomanip>
+ JDK-8314752: Use google test string comparison macros
+ JDK-8314909: tools/jpackage/windows/Win8282351Test.java
fails with java.lang.AssertionError: Expected [0]. Actual
[1618]:
+ JDK-8314975: JavadocTester should set source path if not
specified
+ JDK-8315486: vmTestbase/nsk/jdwp/ThreadReference/
/ForceEarlyReturn/forceEarlyReturn002/forceEarlyReturn002.java
timed out
+ JDK-8315825: Open some swing tests
+ JDK-8315882: Open some swing tests 2
+ JDK-8315883: Open source several Swing JToolbar tests
+ JDK-8315952: Open source several Swing JToolbar JTooltip
JTree tests
+ JDK-8316056: Open source several Swing JTree tests
+ JDK-8316146: Open some swing tests 4
+ JDK-8316149: Open source several Swing JTree JViewport
KeyboardManager tests
+ JDK-8316218: Open some swing tests 5
+ JDK-8316371: Open some swing tests 6
+ JDK-8316559: Refactor some util/Calendar tests to JUnit
+ JDK-8316627: JViewport Test headless failure
+ JDK-8316696: Remove the testing base classes: IntlTest
and CollatorTest
+ JDK-8317631: Refactor ChoiceFormat tests to use JUnit
+ JDK-8317636: Improve heap walking API tests to verify
correctness of field indexes
+ JDK-8318442: java/net/httpclient/ManyRequests2.java fails
intermittently on Linux
+ JDK-8319567: Update java/lang/invoke tests to support vm
flags
+ JDK-8319568: Update java/lang/reflect/exeCallerAccessTest/
/CallerAccessTest.java to accept vm flags
+ JDK-8319569: Several java/util tests should be updated to
accept VM flags
+ JDK-8319647: Few java/lang/System/LoggerFinder/modules
tests ignore vm flags
+ JDK-8319648: java/lang/SecurityManager tests ignore vm
flags
+ JDK-8319672: Several classloader tests ignore VM flags
+ JDK-8319673: Few security tests ignore VM flags
+ JDK-8319676: A couple of jdk/modules/incubator/ tests
ignore VM flags
+ JDK-8319677: Test jdk/internal/misc/VM/RuntimeArguments.java
should be marked as flagless
+ JDK-8319818: Address GCC 13.2.0 warnings
(stringop-overflow and dangling-pointer)
+ JDK-8320372: test/jdk/sun/security/x509/DNSName/
/LeadingPeriod.java validity check failed
+ JDK-8320676: Manual printer tests have no Pass/Fail
buttons, instructions close set 1
+ JDK-8320691: Timeout handler on Windows takes 2 hours to
complete
+ JDK-8320714: java/util/Locale/LocaleProvidersRun.java and
java/util/ResourceBundle/modules/visibility/
/VisibilityTest.java timeout after passing
+ JDK-8320916: jdk/jfr/event/gc/stacktrace/
/TestParallelMarkSweepAllocationPendingStackTrace.java failed
with "OutOfMemoryError: GC overhead limit exceeded"
+ JDK-8321818: vmTestbase/nsk/stress/strace/strace015.java
failed with 'Cannot read the array length because
"<local4>"
is null'
+ JDK-8323196: jdk/jfr/api/consumer/filestream/TestOrdered.java
failed with "Events are not ordered! Reuse = false"
+ JDK-8324672: Update jdk/java/time/tck/java/time/TCKInstant.java
now() to be more robust
+ JDK-8324807: Manual printer tests have no Pass/Fail
buttons, instructions close set 2
+ JDK-8325024: java/security/cert/CertPathValidator/OCSP(
/OCSPTimeout.java incorrect comment information
+ JDK-8325042: Remove unused JVMDITools test files
+ JDK-8325529: Remove unused imports from `ModuleGenerator`
test file
+ JDK-8325659: Normalize Random usage by incubator vector
tests
+ JDK-8325906: Problemlist vmTestbase/vm/mlvm/meth/stress/
/compiler/deoptimize/Test.java#id1 until JDK-8320865 is fixed
+ JDK-8325908: Finish removal of IntlTest and CollatorTest
+ JDK-8325937: runtime/handshake/HandshakeDirectTest.java
causes "monitor end should be strictly below the frame
pointer"
assertion failure on AArch64
+ JDK-8326421: Add jtreg test for large arrayCopy disjoint
case.
+ JDK-8326525: com/sun/tools/attach/BasicTests.java does
not verify AgentLoadException case
+ JDK-8327098: GTest needs larger combination limit
+ JDK-8327476: Upgrade JLine to 3.26.1
+ JDK-8327505: Test com/sun/jmx/remote/
/NotificationMarshalVersions/TestSerializationMismatch.java
fails
+ JDK-8327857: Remove applet usage from JColorChooser tests
Test4222508
+ JDK-8327859: Remove applet usage from JColorChooser tests
Test4319113
+ JDK-8327986: ASAN reports use-after-free in
DirectivesParserTest.empty_object_vm
+ JDK-8328005: Convert java/awt/im/JTextFieldTest.java
applet test to main
+ JDK-8328085: C2: Use after free in
PhaseChaitin::Register_Allocate()
+ JDK-8328121: Remove applet usage from JColorChooser tests
Test4759306
+ JDK-8328130: Remove applet usage from JColorChooser tests
Test4759934
+ JDK-8328185: Convert java/awt/image/MemoryLeakTest/
/MemoryLeakTest.java applet test to main
+ JDK-8328227: Remove applet usage from JColorChooser tests
Test4887836
+ JDK-8328368: Convert java/awt/image/multiresolution/
/MultiDisplayTest/MultiDisplayTest.java applet test to main
+ JDK-8328370: Convert java/awt/print/Dialog/PrintApplet.java
applet test to main
+ JDK-8328380: Remove applet usage from JColorChooser tests
Test6348456
+ JDK-8328387: Convert java/awt/Frame/FrameStateTest/
/FrameStateTest.html applet test to main
+ JDK-8328403: Remove applet usage from JColorChooser tests
Test6977726
+ JDK-8328553: Get rid of JApplet in
test/jdk/sanity/client/lib/SwingSet2/src/DemoModule.java
+ JDK-8328558: Convert javax/swing/JCheckBox/8032667/
/bug8032667.java applet test to main
+ JDK-8328717: Convert javax/swing/JColorChooser/8065098/
/bug8065098.java applet test to main
+ JDK-8328719: Convert java/awt/print/PageFormat/SetOrient.html
applet test to main
+ JDK-8328730: Convert java/awt/print/bug8023392/bug8023392.html
applet test to main
+ JDK-8328753: Open source few Undecorated Frame tests
+ JDK-8328819: Remove applet usage from JFileChooser tests
bug6698013
+ JDK-8328827: Convert java/awt/print/PrinterJob/
/PrinterDialogsModalityTest/PrinterDialogsModalityTest.html
applet test to main
+ JDK-8329210: Delete Redundant Printer Dialog Modality Test
+ JDK-8329320: Simplify awt/print/PageFormat/NullPaper.java
test
+ JDK-8329322: Convert PageFormat/Orient.java to use
PassFailJFrame
+ JDK-8329692: Add more details to FrameStateTest.java test
instructions
+ JDK-8330702: Update failure handler to don't generate
Error message if cores actions are empty
+ JDK-8331153: JFR: Improve logging of
jdk/jfr/api/consumer/filestream/TestOrdered.java
+ JDK-8331735: UpcallLinker::on_exit races with GC when
copying frame anchor
+ JDK-8331959: Update PKCS#11 Cryptographic Token Interface
to v3.1
+ JDK-8332158: [XWayland] test/jdk/java/awt/Mouse/
/EnterExitEvents/ResizingFrameTest.java
+ JDK-8332917: failure_handler should execute gdb "info
threads" command on linux
+ JDK-8333360: PrintNullString.java doesn't use float
arguments
+ JDK-8333391: Test com/sun/jdi/InterruptHangTest.java
failed: Thread was never interrupted during sleep
+ JDK-8333403: Write a test to check various components
events are triggered properly
+ JDK-8333427: langtools/tools/javac/newlines/NewLineTest.java
is failing on Japanese Windows
+ JDK-8334305: Remove all code for nsk.share.Log verbose
mode
+ JDK-8334490: Normalize string with locale invariant
`toLowerCase()`
+ JDK-8334777: Test javax/management/remote/mandatory/notif/
/NotifReconnectDeadlockTest.java failed with
NullPointerException
+ JDK-8335150: Test LogGeneratedClassesTest.java fails on
rpmbuild mock enviroment
+ JDK-8335172: Add manual steps to run security/auth/callback/
/TextCallbackHandler/Password.java test
+ JDK-8335789: [TESTBUG] XparColor.java test fails with
Error. Parse Exception: Invalid or unrecognized bugid: @
+ JDK-8336012: Fix usages of jtreg-reserved properties
+ JDK-8336498: [macos] [build]: install-file macro may run
into permission denied error
+ JDK-8336692: Redo fix for JDK-8284620
+ JDK-8336942: Improve test coverage for class loading
elements with annotations of different retentions
+ JDK-8337222: gc/TestDisableExplicitGC.java fails due to
unexpected CodeCache GC
+ JDK-8337494: Clarify JarInputStream behavior
+ JDK-8337692: Better TLS connection support
+ JDK-8337826: Improve logging in OCSPTimeout and
SimpleOCSPResponder to help diagnose JDK-8309754
+ JDK-8337886: java/awt/Frame/MaximizeUndecoratedTest.java
fails in OEL due to a slight color difference
+ JDK-8337951: Test sun/security/validator/samedn.sh
CertificateNotYetValidException: NotBefore validation
+ JDK-8338100: C2: assert(!n_loop->is_member(get_loop(lca)))
failed: control must not be back in the loop
+ JDK-8338426: Test java/nio/channels/Selector/WakeupNow.java
failed
+ JDK-8338430: Improve compiler transformations
+ JDK-8338571: [TestBug] DefaultCloseOperation.java test
not working as expected wrt instruction after JDK-8325851 fix
+ JDK-8338595: Add more linesize for MIME decoder in macro
bench test Base64Decode
+ JDK-8338668: Test javax/swing/JFileChooser/8080628/
/bug8080628.java doesn't test for GTK L&F
+ JDK-8339154: Cleanups and JUnit conversion of
test/jdk/java/util/zip/Available.java
+ JDK-8339261: Logs truncated in test
javax/net/ssl/DTLS/DTLSRehandshakeTest.java
+ JDK-8339356: Test javax/net/ssl/SSLSocket/Tls13PacketSize.java
failed with java.net.SocketException: An established
connection was aborted by the software in your host machine
+ JDK-8339524: Clean up a few ExtendedRobot tests
+ JDK-8339687: Rearrange reachabilityFence()s in
jdk.test.lib.util.ForceGC
+ JDK-8339728: [Accessibility,Windows,JAWS] Bug in the
getKeyChar method of the AccessBridge class
+ JDK-8339810: Clean up the code in sun.tools.jar.Main to
properly close resources and use ZipFile during extract
+ JDK-8339883: Open source several AWT/2D related tests
+ JDK-8339902: Open source couple TextField related tests
+ JDK-8339943: Frame not disposed in
java/awt/dnd/DropActionChangeTest.java
+ JDK-8340078: Open source several 2D tests
+ JDK-8340116: test/jdk/sun/security/tools/jarsigner/
/PreserveRawManifestEntryAndDigest.java can fail due to regex
+ JDK-8340411: open source several 2D imaging tests
+ JDK-8340480: Bad copyright notices in changes from
JDK-8339902
+ JDK-8340687: Open source closed frame tests #1
+ JDK-8340719: Open source AWT List tests
+ JDK-8340969: jdk/jfr/startupargs/TestStartDuration.java
should be marked as flagless
+ JDK-8341037: Use standard layouts in
DefaultFrameIconTest.java and MenuCrash.java
+ JDK-8341111: open source several AWT tests including menu
shortcut tests
+ JDK-8341316: [macos] javax/swing/ProgressMonitor/
/ProgressMonitorEscapeKeyPress.java fails sometimes in macos
+ JDK-8341412: Various test failures after JDK-8334305
+ JDK-8341424: GHA: Collect hs_errs from build time failures
+ JDK-8341453: java/awt/a11y/AccessibleJTableTest.java
fails in some cases where the test tables are not visible
+ JDK-8341722: Fix some warnings as errors when building on
Linux with toolchain clang
+ JDK-8341881: [REDO] java/nio/file/attribute/
/BasicFileAttributeView/CreationTime.java#tmp fails on alinux3
+ JDK-8341978: Improve JButton/bug4490179.java
+ JDK-8341982: Simplify JButton/bug4323121.java
+ JDK-8342098: Write a test to compare the images
+ JDK-8342145: File libCreationTimeHelper.c compile fails
on Alpine
+ JDK-8342270: Test sun/security/pkcs11/Provider/
/RequiredMechCheck.java needs write access to src tree
+ JDK-8342498: Add test for Allocation elimination after
use as alignment reference by SuperWord
+ JDK-8342508: Use latch in BasicMenuUI/bug4983388.java
instead of delay
+ JDK-8342541: Exclude List/KeyEventsTest/KeyEventsTest.java
from running on macOS
+ JDK-8342562: Enhance Deflater operations
+ JDK-8342602: Remove JButton/PressedButtonRightClickTest
test
+ JDK-8342607: Enhance register printing on x86_64 platforms
+ JDK-8342609: jpackage test helper function incorrectly
removes a directory instead of its contents only
+ JDK-8342634: javax/imageio/plugins/wbmp/
/WBMPStreamTruncateTest.java creates temp file in src dir
+ JDK-8342635: javax/swing/JFileChooser/FileSystemView/
/WindowsDefaultIconSizeTest.java creates tmp file in src dir
+ JDK-8342704: GHA: Report truncation is broken after
JDK-8341424
+ JDK-8342811: java/net/httpclient/PlainProxyConnectionTest.java
failed: Unexpected connection count: 5
+ JDK-8342858: Make target mac-jdk-bundle fails on chmod
command
+ JDK-8342988: GHA: Build JTReg in single step
+ JDK-8343007: Enhance Buffered Image handling
+ JDK-8343100: Consolidate EmptyFolderTest and
EmptyFolderPackageTest jpackage tests into single java file
+ JDK-8343101: Rework BasicTest.testTemp test cases
+ JDK-8343118: [TESTBUG] java/awt/PrintJob/PrintCheckboxTest/
/PrintCheckboxManualTest.java fails with Error. Can't find
HTML file PrintCheckboxManualTest.html
+ JDK-8343128: PassFailJFrame.java test result: Error. Bad
action for script: build}
+ JDK-8343129: Disable unstable check of
ThreadsListHandle.sanity_vm ThreadList values
+ JDK-8343178: Test BasicTest.java javac compile fails
cannot find symbol
+ JDK-8343378: Exceptions in javax/management
DeadLockTest.java do not cause test failure
+ JDK-8343491: javax/management/remote/mandatory/connection/
/DeadLockTest.java failing with NoSuchObjectException: no such
object in table
+ JDK-8343599: Kmem limit and max values swapped when
printing container information
+ JDK-8343724: [PPC64] Disallow OptoScheduling
+ JDK-8343882: BasicAnnoTests doesn't handle multiple
annotations at the same position
+ JDK-8344581: [TESTBUG] java/awt/Robot/
/ScreenCaptureRobotTest.java failing on macOS
+ JDK-8344589: Update IANA Language Subtag Registry to
Version 2024-11-19
+ JDK-8344646: The libjsig deprecation warning should go to
stderr not stdout
+ JDK-8345296: AArch64: VM crashes with SIGILL when prctl
is disallowed
+ JDK-8345368: java/io/File/createTempFile/SpecialTempFile.java
fails on Windows Server 2025
+ JDK-8345371: Bump update version for OpenJDK: jdk-17.0.15
+ JDK-8345375: Improve debuggability of
test/jdk/java/net/Socket/CloseAvailable.java
+ JDK-8345414: Google CAInterop test failures
+ JDK-8345468: test/jdk/javax/swing/JScrollBar/4865918/
/bug4865918.java fails in ubuntu22.04
+ JDK-8346055: javax/swing/text/StyledEditorKit/4506788/
/bug4506788.java fails in ubuntu22.04
+ JDK-8346324: javax/swing/JScrollBar/4865918/bug4865918.java
fails in CI
+ JDK-8346587: Distrust TLS server certificates anchored by
Camerfirma Root CAs
+ JDK-8346671: java/nio/file/Files/probeContentType/Basic.java
fails on Windows 2025
+ JDK-8346828: javax/swing/JScrollBar/4865918/bug4865918.java
still fails in CI
+ JDK-8346887: DrawFocusRect() may cause an assertion failure
+ JDK-8346908: Update JDK 17 javadoc man page
+ JDK-8346972: Test java/nio/channels/FileChannel/
/LoopingTruncate.java fails sometimes with IOException: There
is not enough space on the disk
+ JDK-8347424: Fix and rewrite
sun/security/x509/DNSName/LeadingPeriod.java test
+ JDK-8347427: JTabbedPane/8134116/Bug8134116.java has no
license header
+ JDK-8347740: java/io/File/createTempFile/SpecialTempFile.java
failing
+ JDK-8347847: Enhance jar file support
+ JDK-8347965: (tz) Update Timezone Data to 2025a
+ JDK-8348625: [21u, 17u] Revert JDK-8185862 to restore old
java.awt.headless behavior on Windows
+ JDK-8348675: TrayIcon tests fail in Ubuntu 24.10 Wayland
+ JDK-8349603: [21u, 17u, 11u] Update GHA JDKs after Jan/25
updates
+ JDK-8352097: (tz) zone.tab update missed in 2025a backport
+ JDK-8353905: [17u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.15
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-1490=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1490=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-1490=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-1490=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1490=1
* Legacy Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-1490=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1490=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1490=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1490=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1490=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1490=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1490=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1490=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1490=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1490=1
## Package List:
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-jmods-17.0.15.0-150400.3.54.1
* java-17-openjdk-src-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* openSUSE Leap 15.4 (noarch)
* java-17-openjdk-javadoc-17.0.15.0-150400.3.54.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-jmods-17.0.15.0-150400.3.54.1
* java-17-openjdk-src-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* openSUSE Leap 15.6 (noarch)
* java-17-openjdk-javadoc-17.0.15.0-150400.3.54.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
* SUSE Manager Proxy 4.3 (x86_64)
* java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1
* java-17-openjdk-demo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1
* java-17-openjdk-headless-17.0.15.0-150400.3.54.1
* java-17-openjdk-17.0.15.0-150400.3.54.1
* java-17-openjdk-devel-17.0.15.0-150400.3.54.1
## References:
* https://www.suse.com/security/cve/CVE-2025-21587.html
* https://www.suse.com/security/cve/CVE-2025-30691.html
* https://www.suse.com/security/cve/CVE-2025-30698.html
* https://bugzilla.suse.com/show_bug.cgi?id=1241274
* https://bugzilla.suse.com/show_bug.cgi?id=1241275
* https://bugzilla.suse.com/show_bug.cgi?id=1241276
--===============7739932505455621795==
Content-Type: text/html; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
<div class="container">
<h1>Security update for java-17-openjdk</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2025:1490-1</td>
</tr>
<tr>
<th>Release Date:</th>
<td>2025-05-06T11:49:02Z</td>
</tr>
<tr>
<th>Rating:</th>
<td>important</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1241274">bsc#1241274</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1241275">bsc#1241275</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1241276">bsc#1241276</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-21587.html">CVE-2025-21587</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-30691.html">CVE-2025-30691</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-30698.html">CVE-2025-30698</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-21587</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">9.1</span>
<span
class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-21587</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">7.4</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-21587</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">7.4</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-30691</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">6.3</span>
<span
class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-30691</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">4.8</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-30691</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">4.8</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-30698</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">6.3</span>
<span
class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-30698</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">5.6</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-30698</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">5.6</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">Basesystem
Module 15-SP6</li>
<li class="list-group-item">Legacy Module
15-SP6</li>
<li class="list-group-item">openSUSE Leap
15.4</li>
<li class="list-group-item">openSUSE Leap
15.6</li>
<li class="list-group-item">SUSE Linux
Enterprise Desktop 15 SP6</li>
<li class="list-group-item">SUSE Linux
Enterprise High Performance Computing 15 SP4</li>
<li class="list-group-item">SUSE Linux
Enterprise High Performance Computing 15 SP5</li>
<li class="list-group-item">SUSE Linux
Enterprise High Performance Computing ESPOS 15 SP4</li>
<li class="list-group-item">SUSE Linux
Enterprise High Performance Computing ESPOS 15 SP5</li>
<li class="list-group-item">SUSE Linux
Enterprise High Performance Computing LTSS 15 SP4</li>
<li class="list-group-item">SUSE Linux
Enterprise High Performance Computing LTSS 15 SP5</li>
<li class="list-group-item">SUSE Linux
Enterprise Real Time 15 SP6</li>
<li class="list-group-item">SUSE Linux
Enterprise Server 15 SP4</li>
<li class="list-group-item">SUSE Linux
Enterprise Server 15 SP4 LTSS</li>
<li class="list-group-item">SUSE Linux
Enterprise Server 15 SP5</li>
<li class="list-group-item">SUSE Linux
Enterprise Server 15 SP5 LTSS</li>
<li class="list-group-item">SUSE Linux
Enterprise Server 15 SP6</li>
<li class="list-group-item">SUSE Linux
Enterprise Server for SAP Applications 15 SP4</li>
<li class="list-group-item">SUSE Linux
Enterprise Server for SAP Applications 15 SP5</li>
<li class="list-group-item">SUSE Linux
Enterprise Server for SAP Applications 15 SP6</li>
<li class="list-group-item">SUSE Manager
Proxy 4.3</li>
<li class="list-group-item">SUSE Manager
Retail Branch Server 4.3</li>
<li class="list-group-item">SUSE Manager
Server 4.3</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves three vulnerabilities can now be
installed.</p>
<h2>Description:</h2>
<p>This update for java-17-openjdk fixes the following
issues:</p>
<p>Update to upstream tag jdk-17.0.15+6 (April 2025 CPU)</p>
<p>CVEs:</p>
<ul>
<li>CVE-2025-21587: Fixed JSSE unauthorized access, deletion or
modification of critical data (bsc#1241274)</li>
<li>CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data
Access (bsc#1241275)</li>
<li>CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS
(bsc#1241276)</li>
</ul>
<p>Changes:</p>
<pre><code>+ JDK-6355567: AdobeMarkerSegment causes failure to read
valid JPEG
+ JDK-8065099: [macos] javax/swing/PopupFactory/6276087/
/NonOpaquePopupMenuTest.java fails: no background shine
through
+ JDK-8179502: Enhance OCSP, CRL and Certificate Fetch
Timeouts
+ JDK-8198237: [macos] Test java/awt/Frame/
/ExceptionOnSetExtendedStateTest/
/ExceptionOnSetExtendedStateTest.java fails
+ JDK-8198666: Many java/awt/Modal/OnTop/ test fails on mac
+ JDK-8208565: [TEST_BUG] javax/swing/PopupFactory/6276087/
/NonOpaquePopupMenuTest.java throws NPE
+ JDK-8226933: [TEST_BUG]GTK L&amp;F: There is no swatches or
RGB tab in JColorChooser
+ JDK-8226938: [TEST_BUG]GTK L&amp;F: There is no Details
button in FileChooser Dialog
+ JDK-8266435: WBMPImageReader.read() should not truncate
the input stream
+ JDK-8267893: Improve jtreg test failure handler do get
native/mixed stack traces for cores and live processes
+ JDK-8270961: [TESTBUG] Move GotWrongOOMEException into
vm.share.gc package
+ JDK-8274893: Update java.desktop classes to use
try-with-resources
+ JDK-8276202: LogFileOutput.invalid_file_vm asserts when
being executed from a read only working directory
+ JDK-8277240: java/awt/Graphics2D/ScaledTransform/
/ScaledTransform.java dialog does not get disposed
+ JDK-8281234: The -protected option is not always checked
in keytool and jarsigner
+ JDK-8282314: nsk/jvmti/SuspendThread/suspendthrd003 may
leak memory
+ JDK-8283387: [macos] a11y : Screen magnifier does not
show selected Tab
+ JDK-8283404: [macos] a11y : Screen magnifier does not
show JMenu name
+ JDK-8283664: Remove jtreg tag manual=yesno for
java/awt/print/PrinterJob/PrintTextTest.java
+ JDK-8286779: javax.crypto.CryptoPolicyParser#isConsistent
always returns &#x27;true&#x27;
+ JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit
access thread fields from native
+ JDK-8290400: Must run exe installers in jpackage jtreg
tests without UI
+ JDK-8292588: [macos] Multiscreen/MultiScreenLocationTest/
/MultiScreenLocationTest.java: Robot.mouseMove test failed on
Screen #0
+ JDK-8292704: sun/security/tools/jarsigner/compatibility/
/Compatibility.java use wrong key size for EC
+ JDK-8292848: AWT_Mixing and TrayIcon tests fail on el8
with hard-coded isOel7
+ JDK-8293345: SunPKCS11 provider checks on PKCS11
Mechanism are problematic
+ JDK-8293412: Remove unnecessary java.security.egd
overrides
+ JDK-8294067: [macOS] javax/swing/JComboBox/6559152/
/bug6559152.java Cannot select an item from popup with the
ENTER key.
+ JDK-8294316: SA core file support is broken on macosx-x64
starting with macOS 12.x
+ JDK-8295087: Manual Test to Automated Test Conversion
+ JDK-8295176: some langtools test pollutes source tree
+ JDK-8296591: Signature benchmark
+ JDK-8296818: Enhance JMH tests
java/security/Signatures.java
+ JDK-8299077: [REDO] JDK-4512626 Non-editable JTextArea
provides no visual indication of keyboard focus
+ JDK-8299127: [REDO] JDK-8194048 Regression automated test
&#x27;/open/test/jdk/javax/swing/text/DefaultCaret/HidingSelection/
/HidingSelectionTest.java&#x27; fails
+ JDK-8299128: [REDO] JDK-8213562 Test javax/swing/text/
/DefaultCaret/HidingSelection/MultiSelectionTest.java fails
+ JDK-8299739: HashedPasswordFileTest.java and ExceptionTest.java
can fail with java.lang.NullPointerException
+ JDK-8299994: java/security/Policy/Root/Root.java fails
when home directory is read-only
+ JDK-8301989: new
javax.swing.text.DefaultCaret().setBlinkRate(N) results in NPE
+ JDK-8302111: Serialization considerations
+ JDK-8305853: java/text/Format/DateFormat/
/DateFormatRegression.java fails with &quot;Uncaught exception
thrown in test method Test4089106&quot;
+ JDK-8306711: Improve diagnosis of `IntlTest` framework
+ JDK-8308341: JNI_GetCreatedJavaVMs returns a partially
initialized JVM
+ JDK-8309171: Test vmTestbase/nsk/jvmti/scenarios/
/jni_interception/JI05/ji05t001/TestDescription.java fails
after JDK-8308341
+ JDK-8309231: ProblemList vmTestbase/nsk/jvmti/scenarios/
/jni_interception/JI05/ji05t001/TestDescription.java
+ JDK-8309740: Expand timeout windows for tests in
JDK-8179502
+ JDK-8309841: Jarsigner should print a warning if an entry
is removed
+ JDK-8310234: Refactor Locale tests to use JUnit
+ JDK-8310629: java/security/cert/CertPathValidator/OCSP/
/OCSPTimeout.java fails with RuntimeException: Server not ready
+ JDK-8311306: Test com/sun/management/ThreadMXBean/
/ThreadCpuTimeArray.java failed: out of expected range
+ JDK-8311546: Certificate name constraints improperly
validated with leading period
+ JDK-8311663: Additional refactoring of Locale tests to
JUnit
+ JDK-8312416: Tests in Locale should have more descriptive
names
+ JDK-8312518: [macos13] setFullScreenWindow() shows black
screen on macOS 13 &amp; above
+ JDK-8313633: [macOS] java/awt/dnd/NextDropActionTest/
/NextDropActionTest.java fails with
java.lang.RuntimeException: wrong next drop action!
+ JDK-8313710: jcmd: typo in the documentation of JFR.start
and JFR.dump
+ JDK-8314225: SIGSEGV in JavaThread::is_lock_owned
+ JDK-8314610: hotspot can&#x27;t compile with the latest of
gtest because of &lt;iomanip&gt;
+ JDK-8314752: Use google test string comparison macros
+ JDK-8314909: tools/jpackage/windows/Win8282351Test.java
fails with java.lang.AssertionError: Expected [0]. Actual
[1618]:
+ JDK-8314975: JavadocTester should set source path if not
specified
+ JDK-8315486: vmTestbase/nsk/jdwp/ThreadReference/
/ForceEarlyReturn/forceEarlyReturn002/forceEarlyReturn002.java
timed out
+ JDK-8315825: Open some swing tests
+ JDK-8315882: Open some swing tests 2
+ JDK-8315883: Open source several Swing JToolbar tests
+ JDK-8315952: Open source several Swing JToolbar JTooltip
JTree tests
+ JDK-8316056: Open source several Swing JTree tests
+ JDK-8316146: Open some swing tests 4
+ JDK-8316149: Open source several Swing JTree JViewport
KeyboardManager tests
+ JDK-8316218: Open some swing tests 5
+ JDK-8316371: Open some swing tests 6
+ JDK-8316559: Refactor some util/Calendar tests to JUnit
+ JDK-8316627: JViewport Test headless failure
+ JDK-8316696: Remove the testing base classes: IntlTest
and CollatorTest
+ JDK-8317631: Refactor ChoiceFormat tests to use JUnit
+ JDK-8317636: Improve heap walking API tests to verify
correctness of field indexes
+ JDK-8318442: java/net/httpclient/ManyRequests2.java fails
intermittently on Linux
+ JDK-8319567: Update java/lang/invoke tests to support vm
flags
+ JDK-8319568: Update java/lang/reflect/exeCallerAccessTest/
/CallerAccessTest.java to accept vm flags
+ JDK-8319569: Several java/util tests should be updated to
accept VM flags
+ JDK-8319647: Few java/lang/System/LoggerFinder/modules
tests ignore vm flags
+ JDK-8319648: java/lang/SecurityManager tests ignore vm
flags
+ JDK-8319672: Several classloader tests ignore VM flags
+ JDK-8319673: Few security tests ignore VM flags
+ JDK-8319676: A couple of jdk/modules/incubator/ tests
ignore VM flags
+ JDK-8319677: Test jdk/internal/misc/VM/RuntimeArguments.java
should be marked as flagless
+ JDK-8319818: Address GCC 13.2.0 warnings
(stringop-overflow and dangling-pointer)
+ JDK-8320372: test/jdk/sun/security/x509/DNSName/
/LeadingPeriod.java validity check failed
+ JDK-8320676: Manual printer tests have no Pass/Fail
buttons, instructions close set 1
+ JDK-8320691: Timeout handler on Windows takes 2 hours to
complete
+ JDK-8320714: java/util/Locale/LocaleProvidersRun.java and
java/util/ResourceBundle/modules/visibility/
/VisibilityTest.java timeout after passing
+ JDK-8320916: jdk/jfr/event/gc/stacktrace/
/TestParallelMarkSweepAllocationPendingStackTrace.java failed
with &quot;OutOfMemoryError: GC overhead limit exceeded&quot;
+ JDK-8321818: vmTestbase/nsk/stress/strace/strace015.java
failed with &#x27;Cannot read the array length because
&quot;&lt;local4&gt;&quot;
is null&#x27;
+ JDK-8323196: jdk/jfr/api/consumer/filestream/TestOrdered.java
failed with &quot;Events are not ordered! Reuse = false&quot;
+ JDK-8324672: Update jdk/java/time/tck/java/time/TCKInstant.java
now() to be more robust
+ JDK-8324807: Manual printer tests have no Pass/Fail
buttons, instructions close set 2
+ JDK-8325024: java/security/cert/CertPathValidator/OCSP(
/OCSPTimeout.java incorrect comment information
+ JDK-8325042: Remove unused JVMDITools test files
+ JDK-8325529: Remove unused imports from `ModuleGenerator`
test file
+ JDK-8325659: Normalize Random usage by incubator vector
tests
+ JDK-8325906: Problemlist vmTestbase/vm/mlvm/meth/stress/
/compiler/deoptimize/Test.java#id1 until JDK-8320865 is fixed
+ JDK-8325908: Finish removal of IntlTest and CollatorTest
+ JDK-8325937: runtime/handshake/HandshakeDirectTest.java
causes &quot;monitor end should be strictly below the frame
pointer&quot;
assertion failure on AArch64
+ JDK-8326421: Add jtreg test for large arrayCopy disjoint
case.
+ JDK-8326525: com/sun/tools/attach/BasicTests.java does
not verify AgentLoadException case
+ JDK-8327098: GTest needs larger combination limit
+ JDK-8327476: Upgrade JLine to 3.26.1
+ JDK-8327505: Test com/sun/jmx/remote/
/NotificationMarshalVersions/TestSerializationMismatch.java
fails
+ JDK-8327857: Remove applet usage from JColorChooser tests
Test4222508
+ JDK-8327859: Remove applet usage from JColorChooser tests
Test4319113
+ JDK-8327986: ASAN reports use-after-free in
DirectivesParserTest.empty_object_vm
+ JDK-8328005: Convert java/awt/im/JTextFieldTest.java
applet test to main
+ JDK-8328085: C2: Use after free in
PhaseChaitin::Register_Allocate()
+ JDK-8328121: Remove applet usage from JColorChooser tests
Test4759306
+ JDK-8328130: Remove applet usage from JColorChooser tests
Test4759934
+ JDK-8328185: Convert java/awt/image/MemoryLeakTest/
/MemoryLeakTest.java applet test to main
+ JDK-8328227: Remove applet usage from JColorChooser tests
Test4887836
+ JDK-8328368: Convert java/awt/image/multiresolution/
/MultiDisplayTest/MultiDisplayTest.java applet test to main
+ JDK-8328370: Convert java/awt/print/Dialog/PrintApplet.java
applet test to main
+ JDK-8328380: Remove applet usage from JColorChooser tests
Test6348456
+ JDK-8328387: Convert java/awt/Frame/FrameStateTest/
/FrameStateTest.html applet test to main
+ JDK-8328403: Remove applet usage from JColorChooser tests
Test6977726
+ JDK-8328553: Get rid of JApplet in
test/jdk/sanity/client/lib/SwingSet2/src/DemoModule.java
+ JDK-8328558: Convert javax/swing/JCheckBox/8032667/
/bug8032667.java applet test to main
+ JDK-8328717: Convert javax/swing/JColorChooser/8065098/
/bug8065098.java applet test to main
+ JDK-8328719: Convert java/awt/print/PageFormat/SetOrient.html
applet test to main
+ JDK-8328730: Convert java/awt/print/bug8023392/bug8023392.html
applet test to main
+ JDK-8328753: Open source few Undecorated Frame tests
+ JDK-8328819: Remove applet usage from JFileChooser tests
bug6698013
+ JDK-8328827: Convert java/awt/print/PrinterJob/
/PrinterDialogsModalityTest/PrinterDialogsModalityTest.html
applet test to main
+ JDK-8329210: Delete Redundant Printer Dialog Modality Test
+ JDK-8329320: Simplify awt/print/PageFormat/NullPaper.java
test
+ JDK-8329322: Convert PageFormat/Orient.java to use
PassFailJFrame
+ JDK-8329692: Add more details to FrameStateTest.java test
instructions
+ JDK-8330702: Update failure handler to don&#x27;t generate
Error message if cores actions are empty
+ JDK-8331153: JFR: Improve logging of
jdk/jfr/api/consumer/filestream/TestOrdered.java
+ JDK-8331735: UpcallLinker::on_exit races with GC when
copying frame anchor
+ JDK-8331959: Update PKCS#11 Cryptographic Token Interface
to v3.1
+ JDK-8332158: [XWayland] test/jdk/java/awt/Mouse/
/EnterExitEvents/ResizingFrameTest.java
+ JDK-8332917: failure_handler should execute gdb &quot;info
threads&quot; command on linux
+ JDK-8333360: PrintNullString.java doesn&#x27;t use float
arguments
+ JDK-8333391: Test com/sun/jdi/InterruptHangTest.java
failed: Thread was never interrupted during sleep
+ JDK-8333403: Write a test to check various components
events are triggered properly
+ JDK-8333427: langtools/tools/javac/newlines/NewLineTest.java
is failing on Japanese Windows
+ JDK-8334305: Remove all code for nsk.share.Log verbose
mode
+ JDK-8334490: Normalize string with locale invariant
`toLowerCase()`
+ JDK-8334777: Test javax/management/remote/mandatory/notif/
/NotifReconnectDeadlockTest.java failed with
NullPointerException
+ JDK-8335150: Test LogGeneratedClassesTest.java fails on
rpmbuild mock enviroment
+ JDK-8335172: Add manual steps to run security/auth/callback/
/TextCallbackHandler/Password.java test
+ JDK-8335789: [TESTBUG] XparColor.java test fails with
Error. Parse Exception: Invalid or unrecognized bugid: @
+ JDK-8336012: Fix usages of jtreg-reserved properties
+ JDK-8336498: [macos] [build]: install-file macro may run
into permission denied error
+ JDK-8336692: Redo fix for JDK-8284620
+ JDK-8336942: Improve test coverage for class loading
elements with annotations of different retentions
+ JDK-8337222: gc/TestDisableExplicitGC.java fails due to
unexpected CodeCache GC
+ JDK-8337494: Clarify JarInputStream behavior
+ JDK-8337692: Better TLS connection support
+ JDK-8337826: Improve logging in OCSPTimeout and
SimpleOCSPResponder to help diagnose JDK-8309754
+ JDK-8337886: java/awt/Frame/MaximizeUndecoratedTest.java
fails in OEL due to a slight color difference
+ JDK-8337951: Test sun/security/validator/samedn.sh
CertificateNotYetValidException: NotBefore validation
+ JDK-8338100: C2: assert(!n_loop-&gt;is_member(get_loop(lca)))
failed: control must not be back in the loop
+ JDK-8338426: Test java/nio/channels/Selector/WakeupNow.java
failed
+ JDK-8338430: Improve compiler transformations
+ JDK-8338571: [TestBug] DefaultCloseOperation.java test
not working as expected wrt instruction after JDK-8325851 fix
+ JDK-8338595: Add more linesize for MIME decoder in macro
bench test Base64Decode
+ JDK-8338668: Test javax/swing/JFileChooser/8080628/
/bug8080628.java doesn&#x27;t test for GTK L&amp;F
+ JDK-8339154: Cleanups and JUnit conversion of
test/jdk/java/util/zip/Available.java
+ JDK-8339261: Logs truncated in test
javax/net/ssl/DTLS/DTLSRehandshakeTest.java
+ JDK-8339356: Test javax/net/ssl/SSLSocket/Tls13PacketSize.java
failed with java.net.SocketException: An established
connection was aborted by the software in your host machine
+ JDK-8339524: Clean up a few ExtendedRobot tests
+ JDK-8339687: Rearrange reachabilityFence()s in
jdk.test.lib.util.ForceGC
+ JDK-8339728: [Accessibility,Windows,JAWS] Bug in the
getKeyChar method of the AccessBridge class
+ JDK-8339810: Clean up the code in sun.tools.jar.Main to
properly close resources and use ZipFile during extract
+ JDK-8339883: Open source several AWT/2D related tests
+ JDK-8339902: Open source couple TextField related tests
+ JDK-8339943: Frame not disposed in
java/awt/dnd/DropActionChangeTest.java
+ JDK-8340078: Open source several 2D tests
+ JDK-8340116: test/jdk/sun/security/tools/jarsigner/
/PreserveRawManifestEntryAndDigest.java can fail due to regex
+ JDK-8340411: open source several 2D imaging tests
+ JDK-8340480: Bad copyright notices in changes from
JDK-8339902
+ JDK-8340687: Open source closed frame tests #1
+ JDK-8340719: Open source AWT List tests
+ JDK-8340969: jdk/jfr/startupargs/TestStartDuration.java
should be marked as flagless
+ JDK-8341037: Use standard layouts in
DefaultFrameIconTest.java and MenuCrash.java
+ JDK-8341111: open source several AWT tests including menu
shortcut tests
+ JDK-8341316: [macos] javax/swing/ProgressMonitor/
/ProgressMonitorEscapeKeyPress.java fails sometimes in macos
+ JDK-8341412: Various test failures after JDK-8334305
+ JDK-8341424: GHA: Collect hs_errs from build time failures
+ JDK-8341453: java/awt/a11y/AccessibleJTableTest.java
fails in some cases where the test tables are not visible
+ JDK-8341722: Fix some warnings as errors when building on
Linux with toolchain clang
+ JDK-8341881: [REDO] java/nio/file/attribute/
/BasicFileAttributeView/CreationTime.java#tmp fails on alinux3
+ JDK-8341978: Improve JButton/bug4490179.java
+ JDK-8341982: Simplify JButton/bug4323121.java
+ JDK-8342098: Write a test to compare the images
+ JDK-8342145: File libCreationTimeHelper.c compile fails
on Alpine
+ JDK-8342270: Test sun/security/pkcs11/Provider/
/RequiredMechCheck.java needs write access to src tree
+ JDK-8342498: Add test for Allocation elimination after
use as alignment reference by SuperWord
+ JDK-8342508: Use latch in BasicMenuUI/bug4983388.java
instead of delay
+ JDK-8342541: Exclude List/KeyEventsTest/KeyEventsTest.java
from running on macOS
+ JDK-8342562: Enhance Deflater operations
+ JDK-8342602: Remove JButton/PressedButtonRightClickTest
test
+ JDK-8342607: Enhance register printing on x86_64 platforms
+ JDK-8342609: jpackage test helper function incorrectly
removes a directory instead of its contents only
+ JDK-8342634: javax/imageio/plugins/wbmp/
/WBMPStreamTruncateTest.java creates temp file in src dir
+ JDK-8342635: javax/swing/JFileChooser/FileSystemView/
/WindowsDefaultIconSizeTest.java creates tmp file in src dir
+ JDK-8342704: GHA: Report truncation is broken after
JDK-8341424
+ JDK-8342811: java/net/httpclient/PlainProxyConnectionTest.java
failed: Unexpected connection count: 5
+ JDK-8342858: Make target mac-jdk-bundle fails on chmod
command
+ JDK-8342988: GHA: Build JTReg in single step
+ JDK-8343007: Enhance Buffered Image handling
+ JDK-8343100: Consolidate EmptyFolderTest and
EmptyFolderPackageTest jpackage tests into single java file
+ JDK-8343101: Rework BasicTest.testTemp test cases
+ JDK-8343118: [TESTBUG] java/awt/PrintJob/PrintCheckboxTest/
/PrintCheckboxManualTest.java fails with Error. Can&#x27;t find
HTML file PrintCheckboxManualTest.html
+ JDK-8343128: PassFailJFrame.java test result: Error. Bad
action for script: build}
+ JDK-8343129: Disable unstable check of
ThreadsListHandle.sanity_vm ThreadList values
+ JDK-8343178: Test BasicTest.java javac compile fails
cannot find symbol
+ JDK-8343378: Exceptions in javax/management
DeadLockTest.java do not cause test failure
+ JDK-8343491: javax/management/remote/mandatory/connection/
/DeadLockTest.java failing with NoSuchObjectException: no such
object in table
+ JDK-8343599: Kmem limit and max values swapped when
printing container information
+ JDK-8343724: [PPC64] Disallow OptoScheduling
+ JDK-8343882: BasicAnnoTests doesn&#x27;t handle multiple
annotations at the same position
+ JDK-8344581: [TESTBUG] java/awt/Robot/
/ScreenCaptureRobotTest.java failing on macOS
+ JDK-8344589: Update IANA Language Subtag Registry to
Version 2024-11-19
+ JDK-8344646: The libjsig deprecation warning should go to
stderr not stdout
+ JDK-8345296: AArch64: VM crashes with SIGILL when prctl
is disallowed
+ JDK-8345368: java/io/File/createTempFile/SpecialTempFile.java
fails on Windows Server 2025
+ JDK-8345371: Bump update version for OpenJDK: jdk-17.0.15
+ JDK-8345375: Improve debuggability of
test/jdk/java/net/Socket/CloseAvailable.java
+ JDK-8345414: Google CAInterop test failures
+ JDK-8345468: test/jdk/javax/swing/JScrollBar/4865918/
/bug4865918.java fails in ubuntu22.04
+ JDK-8346055: javax/swing/text/StyledEditorKit/4506788/
/bug4506788.java fails in ubuntu22.04
+ JDK-8346324: javax/swing/JScrollBar/4865918/bug4865918.java
fails in CI
+ JDK-8346587: Distrust TLS server certificates anchored by
Camerfirma Root CAs
+ JDK-8346671: java/nio/file/Files/probeContentType/Basic.java
fails on Windows 2025
+ JDK-8346828: javax/swing/JScrollBar/4865918/bug4865918.java
still fails in CI
+ JDK-8346887: DrawFocusRect() may cause an assertion failure
+ JDK-8346908: Update JDK 17 javadoc man page
+ JDK-8346972: Test java/nio/channels/FileChannel/
/LoopingTruncate.java fails sometimes with IOException: There
is not enough space on the disk
+ JDK-8347424: Fix and rewrite
sun/security/x509/DNSName/LeadingPeriod.java test
+ JDK-8347427: JTabbedPane/8134116/Bug8134116.java has no
license header
+ JDK-8347740: java/io/File/createTempFile/SpecialTempFile.java
failing
+ JDK-8347847: Enhance jar file support
+ JDK-8347965: (tz) Update Timezone Data to 2025a
+ JDK-8348625: [21u, 17u] Revert JDK-8185862 to restore old
java.awt.headless behavior on Windows
+ JDK-8348675: TrayIcon tests fail in Ubuntu 24.10 Wayland
+ JDK-8349603: [21u, 17u, 11u] Update GHA JDKs after Jan/25
updates
+ JDK-8352097: (tz) zone.tab update missed in 2025a backport
+ JDK-8353905: [17u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.15
</code></pre>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper
patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
SUSE Manager Retail Branch Server 4.3
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-1490=1</code>
</li>
<li class="list-group-item">
SUSE Manager Server 4.3
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1490=1</code>
</li>
<li class="list-group-item">
openSUSE Leap 15.4
<br/>
<code>zypper in -t patch
SUSE-2025-1490=1</code>
</li>
<li class="list-group-item">
openSUSE Leap 15.6
<br/>
<code>zypper in -t patch
openSUSE-SLE-15.6-2025-1490=1</code>
</li>
<li class="list-group-item">
Basesystem Module 15-SP6
<br/>
<code>zypper in -t patch
SUSE-SLE-Module-Basesystem-15-SP6-2025-1490=1</code>
</li>
<li class="list-group-item">
Legacy Module 15-SP6
<br/>
<code>zypper in -t patch
SUSE-SLE-Module-Legacy-15-SP6-2025-1490=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1490=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1490=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1490=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1490=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Server 15 SP4 LTSS
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1490=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Server 15 SP5 LTSS
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1490=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Server for SAP Applications 15 SP4
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1490=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Server for SAP Applications 15 SP5
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1490=1</code>
</li>
<li class="list-group-item">
SUSE Manager Proxy 4.3
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1490=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
SUSE Manager Retail Branch Server 4.3 (x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
SUSE Manager Server 4.3 (ppc64le s390x x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-jmods-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-src-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (noarch)
<ul>
<li>java-17-openjdk-javadoc-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-jmods-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-src-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.6 (noarch)
<ul>
<li>java-17-openjdk-javadoc-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
<ul>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Performance Computing ESPOS 15
SP4 (aarch64 x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Performance Computing LTSS 15
SP4 (aarch64 x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Performance Computing ESPOS 15
SP5 (aarch64 x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Performance Computing LTSS 15
SP5 (aarch64 x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le
s390x x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le
s390x x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Server for SAP Applications 15 SP4
(ppc64le x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Server for SAP Applications 15 SP5
(ppc64le x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
<li>
SUSE Manager Proxy 4.3 (x86_64)
<ul>
<li>java-17-openjdk-devel-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debugsource-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-demo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-debuginfo-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-headless-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-17.0.15.0-150400.3.54.1</li>
<li>java-17-openjdk-devel-17.0.15.0-150400.3.54.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-21587.html">https://www.suse.com/security/cve/CVE-2025-21587.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-30691.html">https://www.suse.com/security/cve/CVE-2025-30691.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-30698.html">https://www.suse.com/security/cve/CVE-2025-30698.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1241274">https://bugzilla.suse.com/show_bug.cgi?id=1241274</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1241275">https://bugzilla.suse.com/show_bug.cgi?id=1241275</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1241276">https://bugzilla.suse.com/show_bug.cgi?id=1241276</a>
</li>
</ul>
</div>
--===============7739932505455621795==--
|
|
|
|
