exploitDog

SUSE-SU-2025:3997-1

Опубликовано: 07 нояб. 2025

Источник: suse-cvrf

Описание

Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues:

Upgrade to upstream tag jdk-17.0.17+10 (October 2025 CPU):

CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data (bsc#1252414).
CVE-2025-53066: Fixed unauthenticated attacker can achive unauthorized access to critical data or complete access (bsc#1252417).

Other bug fixes:

Do not embed rebuild counter (bsc#1246806)

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise Module for Basesystem 15 SP6

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise Module for Legacy 15 SP6

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise Module for Legacy 15 SP7

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise Server 15 SP4-LTSS

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise Server 15 SP5-LTSS

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise Server for SAP Applications 15 SP4

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise Server for SAP Applications 15 SP5

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

SUSE Manager Proxy LTS 4.3

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

SUSE Manager Server LTS 4.3

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

openSUSE Leap 15.6

java-17-openjdk-17.0.17.0-150400.3.60.2

java-17-openjdk-demo-17.0.17.0-150400.3.60.2

java-17-openjdk-devel-17.0.17.0-150400.3.60.2

java-17-openjdk-headless-17.0.17.0-150400.3.60.2

java-17-openjdk-javadoc-17.0.17.0-150400.3.60.2

java-17-openjdk-jmods-17.0.17.0-150400.3.60.2

java-17-openjdk-src-17.0.17.0-150400.3.60.2

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-20253997-1/
Link for SUSE-SU-2025:3997-1
https://lists.suse.com/pipermail/sle-security-updates/2025-November/023178.html
E-Mail link for SUSE-SU-2025:3997-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1246806
SUSE Bug 1246806
https://bugzilla.suse.com/1252414
SUSE Bug 1252414
https://bugzilla.suse.com/1252417
SUSE Bug 1252417
https://www.suse.com/security/cve/CVE-2025-53057/
SUSE CVE CVE-2025-53057 page
https://www.suse.com/security/cve/CVE-2025-53066/
SUSE CVE CVE-2025-53066 page

Описание

unknown

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-17-openjdk-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-17-openjdk-demo-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-17-openjdk-devel-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-17-openjdk-headless-17.0.17.0-150400.3.60.2

Ссылки

https://www.suse.com/security/cve/CVE-2025-53057.html
CVE-2025-53057
https://bugzilla.suse.com/1252414
SUSE Bug 1252414

Описание

unknown

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-17-openjdk-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-17-openjdk-demo-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-17-openjdk-devel-17.0.17.0-150400.3.60.2

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-17-openjdk-headless-17.0.17.0-150400.3.60.2

Ссылки

https://www.suse.com/security/cve/CVE-2025-53066.html
CVE-2025-53066
https://bugzilla.suse.com/1252417
SUSE Bug 1252417

Уязвимость SUSE-SU-2025:3997-1