Описание
Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues:
Upgrade to upstream tag jdk-11.0.28+6 (July 2025 CPU):
Security fixes:
- CVE-2025-30749: several scenarios can lead to heap corruption (bsc#1246595)
- CVE-2025-30754: incomplete handshake may lead to weakening TLS protections (bsc#1246598)
- CVE-2025-30761: Improve scripting supports (bsc#1246580)
- CVE-2025-50059: Improve HTTP client header handling (bsc#1246575)
- CVE-2025-50106: Glyph out-of-memory access and crash (bsc#1246584)
Changelog:
+ JDK-8026976: ECParameters, Point does not match field size
+ JDK-8211400: nsk.share.gc.Memory::getArrayLength returns wrong
value
+ JDK-8231058: VerifyOops crashes with assert(_offset >= 0)
failed: offset for non comment?
+ JDK-8232625: HttpClient redirect policy should be more
conservative
+ JDK-8258483: [TESTBUG] gtest
CollectorPolicy.young_scaled_initial_ergo_vm fails if heap is
too small
+ JDK-8293345: SunPKCS11 provider checks on PKCS11 Mechanism are
problematic
+ JDK-8296631: NSS tests failing on OL9 linux-aarch64 hosts
+ JDK-8301753: AppendFile/WriteFile has differences between make
3.81 and 4+
+ JDK-8303770: Remove Baltimore root certificate expiring in May
2025
+ JDK-8315380: AsyncGetCallTrace crash in frame::safe_for_sender
+ JDK-8327476: Upgrade JLine to 3.26.1
+ JDK-8328957: Update PKCS11Test.java to not use hardcoded path
+ JDK-8331959: Update PKCS#11 Cryptographic Token Interface to
v3.1
+ JDK-8339300: CollectorPolicy.young_scaled_initial_ergo_vm
gtest fails on ppc64 based platforms
+ JDK-8339728: [Accessibility,Windows,JAWS] Bug in the
getKeyChar method of the AccessBridge class
+ JDK-8345133: Test sun/security/tools/jarsigner/
/TsacertOptionTest.java failed: Warning found in stdout
+ JDK-8345625: Better HTTP connections
+ JDK-8346887: DrawFocusRect() may cause an assertion failure
+ JDK-8347629: Test FailOverDirectExecutionControlTest.java
fails with -Xcomp
+ JDK-8348110: Update LCMS to 2.17
+ JDK-8348596: Update FreeType to 2.13.3
+ JDK-8348598: Update Libpng to 1.6.47
+ JDK-8348989: Better Glyph drawing
+ JDK-8349111: Enhance Swing supports
+ JDK-8349594: Enhance TLS protocol support
+ JDK-8350469: [11u] Test AbsPathsInImage.java fails
- JDK-8239429 public clone
+ JDK-8350498: Remove two Camerfirma root CA certificates
+ JDK-8350991: Improve HTTP client header handling
+ JDK-8351099: Bump update version of OpenJDK: 11.0.28
+ JDK-8351422: Improve scripting supports
+ JDK-8352302: Test sun/security/tools/jarsigner/
/TimestampCheck.java is failing
+ JDK-8352716: (tz) Update Timezone Data to 2025b
+ JDK-8356096: ISO 4217 Amendment 179 Update
+ JDK-8356571: Re-enable -Wtype-limits for GCC in LCMS
+ JDK-8359170: Add 2 TLS and 2 CS Sectigo roots
+ JDK-8360147: Better Glyph drawing redux
Список пакетов
SUSE Enterprise Storage 7.1
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise Module for Legacy 15 SP6
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise Module for Legacy 15 SP7
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise Module for Package Hub 15 SP6
java-11-openjdk-javadoc-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise Module for Package Hub 15 SP7
java-11-openjdk-javadoc-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise Server 15 SP3-LTSS
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise Server 15 SP4-LTSS
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise Server 15 SP5-LTSS
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise Server for SAP Applications 15 SP4
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Linux Enterprise Server for SAP Applications 15 SP5
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Manager Proxy 4.3
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
SUSE Manager Server 4.3
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
openSUSE Leap 15.6
java-11-openjdk-11.0.28.0-150000.3.129.2
java-11-openjdk-demo-11.0.28.0-150000.3.129.2
java-11-openjdk-devel-11.0.28.0-150000.3.129.2
java-11-openjdk-headless-11.0.28.0-150000.3.129.2
java-11-openjdk-javadoc-11.0.28.0-150000.3.129.2
java-11-openjdk-jmods-11.0.28.0-150000.3.129.2
java-11-openjdk-src-11.0.28.0-150000.3.129.2
Ссылки
- Link for SUSE-SU-2025:02666-1
- E-Mail link for SUSE-SU-2025:02666-1
- SUSE Security Ratings
- SUSE Bug 1246575
- SUSE Bug 1246580
- SUSE Bug 1246584
- SUSE Bug 1246595
- SUSE Bug 1246598
- SUSE CVE CVE-2025-30749 page
- SUSE CVE CVE-2025-30754 page
- SUSE CVE CVE-2025-30761 page
- SUSE CVE CVE-2025-50059 page
- SUSE CVE CVE-2025-50106 page
Описание
unknown
Затронутые продукты
SUSE Enterprise Storage 7.1:java-11-openjdk-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-demo-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-devel-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-headless-11.0.28.0-150000.3.129.2
Ссылки
- CVE-2025-30749
- SUSE Bug 1246595
Описание
unknown
Затронутые продукты
SUSE Enterprise Storage 7.1:java-11-openjdk-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-demo-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-devel-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-headless-11.0.28.0-150000.3.129.2
Ссылки
- CVE-2025-30754
- SUSE Bug 1246595
- SUSE Bug 1246598
Описание
unknown
Затронутые продукты
SUSE Enterprise Storage 7.1:java-11-openjdk-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-demo-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-devel-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-headless-11.0.28.0-150000.3.129.2
Ссылки
- CVE-2025-30761
- SUSE Bug 1246580
- SUSE Bug 1246595
Описание
unknown
Затронутые продукты
SUSE Enterprise Storage 7.1:java-11-openjdk-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-demo-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-devel-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-headless-11.0.28.0-150000.3.129.2
Ссылки
- CVE-2025-50059
- SUSE Bug 1246575
Описание
unknown
Затронутые продукты
SUSE Enterprise Storage 7.1:java-11-openjdk-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-demo-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-devel-11.0.28.0-150000.3.129.2
SUSE Enterprise Storage 7.1:java-11-openjdk-headless-11.0.28.0-150000.3.129.2
Ссылки
- CVE-2025-50106
- SUSE Bug 1246584
- SUSE Bug 1246595