SUSE-CU-2025:2429-1: Recommended update of bci/openjdk-devel
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Mon Apr 7 13:00:57 UTC 2025
SUSE Container Update Advisory: bci/openjdk-devel
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:2429-1
Container Tags : bci/openjdk-devel:17 , bci/openjdk-devel:17.0.14.0 , bci/openjdk-devel:17.0.14.0-4.20
Container Release : 4.20
Severity : moderate
Type : recommended
References : 1231298 CVE-2024-47554
-----------------------------------------------------------------
The container bci/openjdk-devel was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:1150-1
Released: Mon Apr 7 09:47:05 2025
Summary: Recommended update for apache-commons-io
Type: recommended
Severity: moderate
References: 1231298,CVE-2024-47554
This update for apache-commons-io fixes the following issues:
apache-commons-io was updated from version 2.15.1 to 2.18.0:
- Key changes across versions:
* Cleaner code and updated dependencies
* Improved security when handling serialized data with the new safe deserialization feature
* New features for advanced file and stream operations
* Various bugs were fixed to improve reliability with fewer crashes and unexpected errors
* For the full list of changes please consult the packaged RELEASE-NOTES.txt
- Already fixed in previous version:
* CVE-2024-47554: Untrusted input to XmlStreamReader can lead to uncontrolled resource consumption (bsc#1231298)
The following package changes have been done:
- apache-commons-io-2.18.0-150200.3.15.1 updated
More information about the sle-container-updates
mailing list