Описание
Security update for java-1_8_0-ibm
This update for java-1_8_0-ibm fixes the following issues:
Update to Java 8.0 Service Refresh 8 Fix Pack 50.
Security issues fixed:
- Oracle July 15 2025 CPU (bsc#1247754).
- CVE-2025-30749: heap corruption allows unauthenticated attacker with network access to compromise and takeover Java applications that load and run untrusted code (bsc#1246595).
- CVE-2025-30754: incomplete handshake allows unauthenticated attacker with network access via TLS to gain unauthorized update, insert, delete and read access to sensitive data (bsc#1246598).
- CVE-2025-30761: issue in the Scripting component allows unauthenticated attacker with network access to gain unauthorized creation, deletion or modification access to critical data (bsc#1246580).
- CVE-2025-50059: issue in the Networking component allows unauthenticated attacker with network access to gain unauthorized access to critical data (bsc#1246575).
- CVE-2025-50106: Glyph out-of-memory access allows unauthenticated attacker with network access to compromise and takeover Java applications that load and run untrusted code (bsc#1246584).
Other issues fixed.
- Class Libraries:
- Oracle Security Fix 8348989: Better Glyph drawing.
- Removal of Baltimore root certificate and TWO CAMERFIRMA root CA certificates from CACERTS.
- Update timezone information to the latest TZDATA2025B.
- Java Virtual Machine:
- Assertion failure at copyforwardscheme.cpp.
- JIT Compiler:
- GC assert due to an invalid object reference.
- SIGILL from JIT compiled method.
- Unexpected behaviour with very large arrays.
- Security:
- Deserialization of a serialized RSAPrivateCrtKey is throwing an exception.
- EDDSAsignature fails when doing multiple update.
- HTTPS channel binding support.
- IBMJCEPlus provider supports post quantum cryptography algorithms ML-KEM (key encapsulation) and ML-DSA (digital signature).
- Key certificate management: Extended key usage cannot be set without having key usage extension in certificate request.
- MessageDigest.update API does not throw the correct exception.
- Oracle Security Fix 8349594: Enhance TLS protocol support.
- Problem getting key in PKCS12 keystore on MAC.
- TLS support for the EDDSA signature algorithm.
- Wrong algorithm name returned for EDDSA keys.
- z/OS Extentions:
- IBMJCEHybridException with hybrid provider in GCM mode.
Список пакетов
SUSE Linux Enterprise Server 12 SP5-LTSS
java-1_8_0-ibm-1.8.0_sr8.50-30.138.1
java-1_8_0-ibm-alsa-1.8.0_sr8.50-30.138.1
java-1_8_0-ibm-devel-1.8.0_sr8.50-30.138.1
java-1_8_0-ibm-plugin-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
java-1_8_0-ibm-1.8.0_sr8.50-30.138.1
java-1_8_0-ibm-alsa-1.8.0_sr8.50-30.138.1
java-1_8_0-ibm-devel-1.8.0_sr8.50-30.138.1
java-1_8_0-ibm-plugin-1.8.0_sr8.50-30.138.1
Ссылки
- Link for SUSE-SU-2025:03236-1
- E-Mail link for SUSE-SU-2025:03236-1
- SUSE Security Ratings
- SUSE Bug 1246575
- SUSE Bug 1246580
- SUSE Bug 1246584
- SUSE Bug 1246595
- SUSE Bug 1246598
- SUSE Bug 1247754
- SUSE CVE CVE-2025-30749 page
- SUSE CVE CVE-2025-30754 page
- SUSE CVE CVE-2025-30761 page
- SUSE CVE CVE-2025-50059 page
- SUSE CVE CVE-2025-50106 page
Описание
unknown
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.50-30.138.1
Ссылки
- CVE-2025-30749
- SUSE Bug 1246595
Описание
unknown
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.50-30.138.1
Ссылки
- CVE-2025-30754
- SUSE Bug 1246595
- SUSE Bug 1246598
Описание
unknown
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.50-30.138.1
Ссылки
- CVE-2025-30761
- SUSE Bug 1246580
- SUSE Bug 1246595
Описание
unknown
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.50-30.138.1
Ссылки
- CVE-2025-50059
- SUSE Bug 1246575
- SUSE Bug 1246595
Описание
unknown
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.50-30.138.1
SUSE Linux Enterprise Server 12 SP5-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.50-30.138.1
Ссылки
- CVE-2025-50106
- SUSE Bug 1246584
- SUSE Bug 1246595