<div class="container">
    <h1>Security update for java-17-openjdk</h1>

    <table class="table table-striped table-bordered">
        <tbody>
        <tr>
            <th>Announcement ID:</th>
            <td>SUSE-SU-2023:3023-1</td>
        </tr>
        
        <tr>
            <th>Rating:</th>
            <td>important</td>
        </tr>
        <tr>
            <th>References:</th>
            <td>
                <ul>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1207922">#1207922</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213473">#1213473</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213474">#1213474</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213475">#1213475</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213479">#1213479</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213481">#1213481</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213482">#1213482</a>
                        </li>
                    
                </ul>
            </td>
        </tr>
        
            <tr>
                <th>
                    Cross-References:
                </th>
                <td>
                    <ul>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2023-22006.html">CVE-2023-22006</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2023-22036.html">CVE-2023-22036</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2023-22041.html">CVE-2023-22041</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2023-22044.html">CVE-2023-22044</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2023-22045.html">CVE-2023-22045</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2023-22049.html">CVE-2023-22049</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2023-25193.html">CVE-2023-25193</a>
                        </li>
                    
                    </ul>
                </td>
            </tr>
            <tr>
                <th>CVSS scores:</th>
                <td>
                    <ul class="list-group">
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-22006</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.1</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-22006</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.1</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-22036</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-22036</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-22041</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">5.1</span>
                                <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-22041</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">5.1</span>
                                <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-22044</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-22044</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-22045</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-22049</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-25193</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-25193</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                    </ul>
                </td>
            </tr>
        
        <tr>
            <th>Affected Products:</th>
            <td>
                <ul class="list-group">
                    
                        <li class="list-group-item">Basesystem Module 15-SP4</li>
                    
                        <li class="list-group-item">Basesystem Module 15-SP5</li>
                    
                        <li class="list-group-item">openSUSE Leap 15.4</li>
                    
                        <li class="list-group-item">openSUSE Leap 15.5</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP4</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP5</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP4</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP5</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP4</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP5</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server 15 SP4</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server 15 SP5</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP4</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP5</li>
                    
                        <li class="list-group-item">SUSE Manager Proxy 4.3</li>
                    
                        <li class="list-group-item">SUSE Manager Retail Branch Server 4.3</li>
                    
                        <li class="list-group-item">SUSE Manager Server 4.3</li>
                    
                </ul>
            </td>
        </tr>
        </tbody>
    </table>

    <p>An update that solves seven vulnerabilities can now be installed.</p>

    <h2>Description:</h2>
    <p>This update for java-17-openjdk fixes the following issues:</p>
<p>Updated to version jdk-17.0.8+7 (July 2023 CPU):</p>
<ul>
<li>CVE-2023-22006: Fixed vulnerability in the network component (bsc#1213473).</li>
<li>CVE-2023-22036: Fixed vulnerability in the utility component (bsc#1213474).</li>
<li>CVE-2023-22041: Fixed vulnerability in the hotspot component (bsc#1213475).</li>
<li>CVE-2023-22044: Fixed vulnerability in the hotspot component (bsc#1213479).</li>
<li>CVE-2023-22045: Fixed vulnerability in the hotspot component (bsc#1213481).</li>
<li>CVE-2023-22049: Fixed vulnerability in the libraries component (bsc#1213482).</li>
<li>
<p>CVE-2023-25193: Fixed vulnerability in the embedded harfbuzz module (bsc#1207922).</p>
</li>
<li>
<p>JDK-8294323: Improve Shared Class Data</p>
</li>
<li>JDK-8296565: Enhanced archival support</li>
<li>JDK-8298676, JDK-8300891: Enhanced Look and Feel</li>
<li>JDK-8300285: Enhance TLS data handling</li>
<li>JDK-8300596: Enhance Jar Signature validation</li>
<li>JDK-8301998, JDK-8302084: Update HarfBuzz to 7.0.1</li>
<li>JDK-8302475: Enhance HTTP client file downloading</li>
<li>JDK-8302483: Enhance ZIP performance</li>
<li>JDK-8303376: Better launching of JDI</li>
<li>JDK-8304460: Improve array usages</li>
<li>JDK-8304468: Better array usages</li>
<li>JDK-8305312: Enhanced path handling</li>
<li>JDK-8308682: Enhance AES performance</li>
</ul>
<p>Bugfixes:</p>
<ul>
<li>JDK-8178806: Better exception logging in crypto code</li>
<li>JDK-8201516: DebugNonSafepoints generates incorrect
    information</li>
<li>JDK-8224768: Test ActalisCA.java fails</li>
<li>JDK-8227060: Optimize safepoint cleanup subtask order</li>
<li>JDK-8227257: javax/swing/JFileChooser/4847375/bug4847375.java
    fails with AssertionError</li>
<li>JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel</li>
<li>JDK-8244976: vmTestbase/nsk/jdi/Event/request/request001.java
    doesn&#x27; initialize eName</li>
<li>JDK-8245877: assert(_value != __null) failed: resolving NULL
    _value in JvmtiExport::post_compiled_method_load</li>
<li>JDK-8248001: javadoc generates invalid HTML pages whose
    ftp:// links are broken</li>
<li>JDK-8252990: Intrinsify Unsafe.storeStoreFence</li>
<li>JDK-8254711: Add java.security.Provider.getService JFR Event</li>
<li>JDK-8257856: Make ClassFileVersionsTest.java robust to JDK
    version updates</li>
<li>JDK-8261495: Shenandoah: reconsider update references memory
    ordering</li>
<li>JDK-8268288: jdk/jfr/api/consumer/streaming/
    /TestOutOfProcessMigration.java fails with "Error:
    ShouldNotReachHere()"</li>
<li>JDK-8268298: jdk/jfr/api/consumer/log/TestVerbosity.java
    fails: unexpected log message</li>
<li>JDK-8268582: javadoc throws NPE with --ignore-source-errors
    option</li>
<li>JDK-8269821: Remove is-queue-active check in inner loop of
    write_ref_array_pre_work</li>
<li>JDK-8270434: JDI+UT: Unexpected event in JDI tests</li>
<li>JDK-8270859: Post JEP 411 refactoring: client libs with
    maximum covering > 10K</li>
<li>JDK-8270869: G1ServiceThread may not terminate</li>
<li>JDK-8271519: java/awt/event/SequencedEvent/
    /MultipleContextsFunctionalTest.java failed with "Total [200]<ul>
<li>Expected [400]"</li>
</ul>
</li>
<li>JDK-8273909: vmTestbase/nsk/jdi/Event/request/request001 can
    still fail with "ERROR: new event is not ThreadStartEvent"</li>
<li>JDK-8274243: Implement fast-path for ASCII-compatible
    CharsetEncoders on aarch64</li>
<li>JDK-8274615: Support relaxed atomic add for linux-aarch64</li>
<li>JDK-8274864: Remove Amman/Cairo hacks in ZoneInfoFile</li>
<li>JDK-8275233: Incorrect line number reported in exception
    stack trace thrown from a lambda expression</li>
<li>JDK-8275287: Relax memory ordering constraints on updating
    instance class and array class counters</li>
<li>JDK-8275721: Name of UTC timezone in a locale changes
    depending on previous code</li>
<li>JDK-8275735: [linux] Remove deprecated Metrics api (kernel
    memory limit)</li>
<li>JDK-8276058: Some swing test fails on specific CI macos system</li>
<li>JDK-8277407: javax/swing/plaf/synth/SynthButtonUI/6276188/
    /bug6276188.java fails to compile after JDK-8276058</li>
<li>JDK-8277775: Fixup bugids in RemoveDropTargetCrashTest.java -
    add 4357905</li>
<li>JDK-8278146: G1: Rework VM_G1Concurrent VMOp to clearly
    identify it as pause</li>
<li>JDK-8278434: timeouts in test  java/time/test/java/time/
    /format/TestZoneTextPrinterParser.java</li>
<li>JDK-8278834: Error "Cannot read field "sym" because
    "this.lvar[od]" is null" when compiling</li>
<li>JDK-8282077: PKCS11 provider C_sign() impl should handle
    CKR_BUFFER_TOO_SMALL error</li>
<li>JDK-8282201: Consider removal of expiry check in
    VerifyCACerts.java test</li>
<li>JDK-8282227: Locale information for nb is not working properly</li>
<li>JDK-8282704: runtime/Thread/StopAtExit.java may leak memory</li>
<li>JDK-8283057: Update GCC to version 11.2.0 for Oracle builds
    on Linux</li>
<li>JDK-8283062: Uninitialized warnings in libgtest with GCC 11.2</li>
<li>JDK-8283520: JFR: Memory leak in dcmd_arena</li>
<li>JDK-8283566: G1: Improve G1BarrierSet::enqueue performance</li>
<li>JDK-8284331: Add sanity check for signal handler modification
    warning.</li>
<li>JDK-8285635: javax/swing/JRootPane/DefaultButtonTest.java
    failed with Default Button not pressed for L&F:
    com.sun.java.swing.plaf.motif.MotifLookAndFeel</li>
<li>JDK-8285987: executing shell scripts without #! fails on
    Alpine linux</li>
<li>JDK-8286191: misc tests fail due to JDK-8285987</li>
<li>JDK-8286287: Reading file as UTF-16 causes Error which
    "shouldn&#x27;t happen"</li>
<li>JDK-8286331: jni_GetStringUTFChars() uses wrong heap allocator</li>
<li>JDK-8286346: 3-parameter version of AllocateHeap should not
    ignore AllocFailType</li>
<li>JDK-8286398: Address possibly lossy conversions in
    jdk.internal.le</li>
<li>JDK-8287007: [cgroups] Consistently use stringStream
    throughout parsing code</li>
<li>JDK-8287246: DSAKeyValue should check for missing params
    instead of relying on KeyFactory provider</li>
<li>JDK-8287541: Files.writeString fails to throw IOException for
    charset "windows-1252"</li>
<li>JDK-8287854: Dangling reference in ClassVerifier::verify_class</li>
<li>JDK-8287876: The recently de-problemlisted
    TestTitledBorderLeak test is unstable</li>
<li>JDK-8287897: Augment src/jdk.internal.le/share/legal/jline.md
    with information on 4th party dependencies</li>
<li>JDK-8288589: Files.readString ignores encoding errors for
    UTF-16</li>
<li>JDK-8289509: Improve test coverage for XPath Axes:
    descendant, descendant-or-self, following, following-sibling</li>
<li>JDK-8289735: UTIL_LOOKUP_PROGS fails on pathes with space</li>
<li>JDK-8289949: Improve test coverage for XPath: operators</li>
<li>JDK-8290822: C2: assert in PhaseIdealLoop::do_unroll() is
    subject to undefined behavior</li>
<li>JDK-8291226: Create Test Cases to cover scenarios for
    JDK-8278067</li>
<li>JDK-8291637: HttpClient default keep alive timeout not
    followed if server sends invalid value</li>
<li>JDK-8291638: Keep-Alive timeout of 0 should close connection
    immediately</li>
<li>JDK-8292206: TestCgroupMetrics.java fails as getMemoryUsage()
    is lower than expected</li>
<li>JDK-8292301: [REDO v2] C2 crash when allocating array of size
    too large</li>
<li>JDK-8292407: Improve Weak CAS VarHandle/Unsafe tests
    resilience under spurious failures</li>
<li>JDK-8292713: Unsafe.allocateInstance should be intrinsified
    without UseUnalignedAccesses</li>
<li>JDK-8292755: Non-default method in interface leads to a stack
    overflow in JShell</li>
<li>JDK-8292990: Improve test coverage for XPath Axes: parent</li>
<li>JDK-8293295: Add type check asserts to
    java_lang_ref_Reference accessors</li>
<li>JDK-8293492: ShenandoahControlThread missing from hs-err log
    and thread dump</li>
<li>JDK-8293858: Change PKCS7 code to use default SecureRandom
    impl instead of SHA1PRNG</li>
<li>JDK-8293887: AArch64 build failure with GCC 12 due to
    maybe-uninitialized warning in libfdlibm k_rem_pio2.c</li>
<li>JDK-8294183: AArch64: Wrong macro check in
    SharedRuntime::generate_deopt_blob</li>
<li>JDK-8294281: Allow warnings to be disabled on a per-file basis</li>
<li>JDK-8294673: JFR: Add SecurityProviderService#threshold to
    TestActiveSettingEvent.java</li>
<li>JDK-8294717: (bf) DirectByteBuffer constructor will leak if
    allocating Deallocator or Cleaner fails with OOME</li>
<li>JDK-8294906: Memory leak in PKCS11 NSS TLS server</li>
<li>JDK-8295564: Norwegian Nynorsk Locale is missing formatting</li>
<li>JDK-8295974: jni_FatalError and Xcheck:jni warnings should
    print the native stack when there are no Java frames</li>
<li>JDK-8296084: javax/swing/JSpinner/4788637/bug4788637.java
    fails intermittently on a VM</li>
<li>JDK-8296318: use-def assert: special case undetected loops
    nested in infinite loops</li>
<li>JDK-8296343: CPVE thrown on missing content-length in OCSP
    response</li>
<li>JDK-8296412: Special case infinite loops with unmerged
    backedges in IdealLoopTree::check_safepts</li>
<li>JDK-8296545: C2 Blackholes should allow load optimizations</li>
<li>JDK-8296934: Write a test to verify whether Undecorated Frame
    can be iconified or not</li>
<li>JDK-8297000: [jib] Add more friendly warning for proxy issues</li>
<li>JDK-8297154: Improve safepoint cleanup logging</li>
<li>JDK-8297450: ScaledTextFieldBorderTest.java fails when run
    with -show parameter</li>
<li>JDK-8297587: Upgrade JLine to 3.22.0</li>
<li>JDK-8297730: C2: Arraycopy intrinsic throws incorrect
    exception</li>
<li>JDK-8297955: LDAP CertStore should use LdapName and not
    String for DNs</li>
<li>JDK-8298488: [macos13] tools/jpackage tests failing with
    "Exit code: 137" on macOS</li>
<li>JDK-8298887: On the latest macOS+XCode the Robot API may
    report wrong colors</li>
<li>JDK-8299179: ArrayFill with store on backedge needs to reduce
    length by 1</li>
<li>JDK-8299259: C2: Div/Mod nodes without zero check could be
    split through iv phi of loop resulting in SIGFPE</li>
<li>JDK-8299544: Improve performance of CRC32C intrinsics
    (non-AVX-512) for small inputs</li>
<li>JDK-8299570: [JVMCI] Insufficient error handling when
    CodeBuffer is exhausted</li>
<li>JDK-8299959: C2: CmpU::Value must filter overflow computation
    against local sub computation</li>
<li>JDK-8300042: Improve CPU related JFR events descriptions</li>
<li>JDK-8300079: SIGSEGV in LibraryCallKit::inline_string_copy
    due to constant NULL src argument</li>
<li>JDK-8300823: UB: Compile::_phase_optimize_finished is
    initialized too late</li>
<li>JDK-8300939: sun/security/provider/certpath/OCSP/
    /OCSPNoContentLength.java fails due to network errors</li>
<li>JDK-8301050: Detect Xen Virtualization on Linux aarch64</li>
<li>JDK-8301119: Support for GB18030-2022</li>
<li>JDK-8301123: Enable Symbol refcounting underflow checks in
    PRODUCT</li>
<li>JDK-8301190: [vectorapi] The typeChar of LaneType is
    incorrect when default locale is tr</li>
<li>JDK-8301216: ForkJoinPool invokeAll() ignores timeout</li>
<li>JDK-8301338: Identical branch conditions in
    CompileBroker::print_heapinfo</li>
<li>JDK-8301491: C2: java.lang.StringUTF16::indexOfChar intrinsic
    called with negative character argument</li>
<li>JDK-8301637: ThreadLocalRandom.current().doubles().parallel()
    contention</li>
<li>JDK-8301661: Enhance os::pd_print_cpu_info on macOS and
    Windows</li>
<li>JDK-8302151: BMPImageReader throws an exception reading BMP
    images</li>
<li>JDK-8302172: [JVMCI] HotSpotResolvedJavaMethodImpl.canBeInlined
    must respect ForceInline</li>
<li>JDK-8302320: AsyncGetCallTrace obtains too few frames in
    sanity test</li>
<li>JDK-8302491: NoClassDefFoundError omits the original cause of
    an error</li>
<li>JDK-8302508: Add timestamp to the output TraceCompilerThreads</li>
<li>JDK-8302594: use-after-free in Node::destruct</li>
<li>JDK-8302595: use-after-free related to GraphKit::clone_map</li>
<li>JDK-8302791: Add specific ClassLoader object to Proxy
    IllegalArgumentException message</li>
<li>JDK-8302849: SurfaceManager might expose partially
    constructed object</li>
<li>JDK-8303069: Memory leak in CompilerOracle::parse_from_line</li>
<li>JDK-8303102: jcmd: ManagementAgent.status truncates the text
    longer than O_BUFLEN</li>
<li>JDK-8303130: Document required Accessibility permissions on
    macOS</li>
<li>JDK-8303354: addCertificatesToKeystore in KeystoreImpl.m
    needs CFRelease call in early potential CHECK_NULL return</li>
<li>JDK-8303433: Bump update version for OpenJDK: jdk-17.0.8</li>
<li>JDK-8303440: The "ZonedDateTime.parse" may not accept the
    "UTC+XX" zone id</li>
<li>JDK-8303465: KeyStore of type KeychainStore, provider Apple
    does not show all trusted certificates</li>
<li>JDK-8303476: Add the runtime version in the release file of a
    JDK image</li>
<li>JDK-8303482: Update LCMS to 2.15</li>
<li>JDK-8303508: Vector.lane() gets wrong value on x86</li>
<li>JDK-8303511: C2: assert(get_ctrl(n) == cle_out) during
    unrolling</li>
<li>JDK-8303564: C2: "Bad graph detected in build_loop_late"
    after a CMove is wrongly split thru phi</li>
<li>JDK-8303575: adjust Xen handling on Linux aarch64</li>
<li>JDK-8303576: addIdentitiesToKeystore in KeystoreImpl.m needs
    CFRelease call in early potential CHECK_NULL return</li>
<li>JDK-8303588: [JVMCI] make JVMCI source directories conform
    with standard layout</li>
<li>JDK-8303809: Dispose context in SPNEGO NegotiatorImpl</li>
<li>JDK-8303822: gtestMain should give more helpful output</li>
<li>JDK-8303861: Error handling step timeouts should never be
    blocked by OnError and others</li>
<li>JDK-8303937: Corrupted heap dumps due to missing retries for
    os::write()</li>
<li>JDK-8303949: gcc10 warning Linux ppc64le - note: the layout
    of aggregates containing vectors with 8-byte alignment has
    changed in GCC 5</li>
<li>JDK-8304054: Linux: NullPointerException from
    FontConfiguration.getVersion in case no fonts are installed</li>
<li>JDK-8304063: tools/jpackage/share/AppLauncherEnvTest.java
    fails when checking LD_LIBRARY_PATH</li>
<li>JDK-8304134: jib bootstrapper fails to quote filename when
    checking download filetype</li>
<li>JDK-8304291: [AIX] Broken build after JDK-8301998</li>
<li>JDK-8304295: harfbuzz build fails with GCC 7 after JDK-8301998</li>
<li>JDK-8304350: Font.getStringBounds calculates wrong width for
    TextAttribute.TRACKING other than 0.0</li>
<li>JDK-8304671: javac regression: Compilation with --release 8
    fails on underscore in enum identifiers</li>
<li>JDK-8304683: Memory leak in WB_IsMethodCompatible</li>
<li>JDK-8304760: Add 2 Microsoft TLS roots</li>
<li>JDK-8304867: Explicitly disable dtrace for ppc builds</li>
<li>JDK-8304880: [PPC64] VerifyOops code in C1 doesn&#x27;t work with
    ZGC</li>
<li>JDK-8305088: SIGSEGV in Method::is_method_handle_intrinsic</li>
<li>JDK-8305113: (tz) Update Timezone Data to 2023c</li>
<li>JDK-8305400: ISO 4217 Amendment 175 Update</li>
<li>JDK-8305403: Shenandoah evacuation workers may deadlock</li>
<li>JDK-8305481: gtest is_first_C_frame failing on ARM</li>
<li>JDK-8305690: [X86] Do not emit two REX prefixes in
    Assembler::prefix</li>
<li>JDK-8305711: Arm: C2 always enters slowpath for monitorexit</li>
<li>JDK-8305721: add <code>make compile-commands</code> artifacts to
    .gitignore</li>
<li>JDK-8305975: Add TWCA Global Root CA</li>
<li>JDK-8305993: Add handleSocketErrorWithMessage to extend nio
    Net.c exception message</li>
<li>JDK-8305994: Guarantee eventual async monitor deflation</li>
<li>JDK-8306072: Open source several AWT MouseInfo related tests</li>
<li>JDK-8306133: Open source few AWT Drag & Drop related tests</li>
<li>JDK-8306409: Open source AWT KeyBoardFocusManger,
    LightWeightComponent related tests</li>
<li>JDK-8306432: Open source several AWT Text Component related
    tests</li>
<li>JDK-8306466: Open source more AWT Drag & Drop related tests</li>
<li>JDK-8306489: Open source AWT List related tests</li>
<li>JDK-8306543: GHA: MSVC installation is failing</li>
<li>JDK-8306640: Open source several AWT TextArea related tests</li>
<li>JDK-8306652: Open source AWT MenuItem related tests</li>
<li>JDK-8306658: GHA: MSVC installation could be optional since
    it might already be pre-installed</li>
<li>JDK-8306664: GHA: Update MSVC version to latest stepping</li>
<li>JDK-8306681: Open source more AWT DnD related tests</li>
<li>JDK-8306683: Open source several clipboard and color AWT tests</li>
<li>JDK-8306752: Open source several container and component AWT
    tests</li>
<li>JDK-8306753: Open source several container AWT tests</li>
<li>JDK-8306755: Open source few Swing JComponent and
    AbstractButton tests</li>
<li>JDK-8306768: CodeCache Analytics reports wrong threshold</li>
<li>JDK-8306774: Make runtime/Monitor/
    /GuaranteedAsyncDeflationIntervalTest.java more reliable</li>
<li>JDK-8306825: Monitor deflation might be accidentally disabled
    by zero intervals</li>
<li>JDK-8306850: Open source AWT Modal related tests</li>
<li>JDK-8306871: Open source more AWT Drag & Drop tests</li>
<li>JDK-8306883: Thread stacksize is reported with wrong units in
    os::create_thread logging</li>
<li>JDK-8306941: Open source several datatransfer and dnd AWT
    tests</li>
<li>JDK-8306943: Open source several dnd AWT tests</li>
<li>JDK-8306954: Open source five Focus related tests</li>
<li>JDK-8306955: Open source several JComboBox jtreg tests</li>
<li>JDK-8306976: UTIL_REQUIRE_SPECIAL warning on grep</li>
<li>JDK-8306996: Open source Swing MenuItem related tests</li>
<li>JDK-8307080: Open source some more JComboBox jtreg tests</li>
<li>JDK-8307128: Open source some drag and drop tests 4</li>
<li>JDK-8307130: Open source few Swing JMenu tests</li>
<li>JDK-8307133: Open source some JTable jtreg tests</li>
<li>JDK-8307134: Add GTS root CAs</li>
<li>JDK-8307135: java/awt/dnd/NotReallySerializableTest/
    /NotReallySerializableTest.java failed</li>
<li>JDK-8307331: Correctly update line maps when class redefine
    rewrites bytecodes</li>
<li>JDK-8307346: Add missing gc+phases logging for
    ObjectCount(AfterGC) JFR event collection code</li>
<li>JDK-8307347: serviceability/sa/ClhsdbDumpclass.java could
    leave files owned by root on macOS</li>
<li>JDK-8307378: Allow collectors to provide specific values for
    GC notifications&#x27; actions</li>
<li>JDK-8307381: Open Source JFrame, JIF related Swing Tests</li>
<li>JDK-8307425: Socket input stream read burns CPU cycles with
    back-to-back poll(0) calls</li>
<li>JDK-8307799: Newly added java/awt/dnd/MozillaDnDTest.java has
    invalid jtreg <code>@requires</code> clause</li>
<li>JDK-8308554: [17u] Fix commit of 8286191. vm.musl was not
    removed from ExternalEditorTest</li>
<li>JDK-8308880: [17u] micro bench ZoneStrings missed in backport
    of 8278434</li>
<li>JDK-8308884: [17u/11u] Backout JDK-8297951</li>
<li>JDK-8311467: [17u] Remove designator
    DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.8</li>
</ul>

    

    <h2>Patch Instructions:</h2>
    <p>
        To install this SUSE Important update use the SUSE recommended
        installation methods like YaST online_update or "zypper patch".<br/>

        Alternatively you can run the command listed for your product:
    </p>
    <ul class="list-group">
        
            <li class="list-group-item">
                openSUSE Leap 15.4
                
                    
                        <br/>
                        <code>zypper in -t patch openSUSE-SLE-15.4-2023-3023=1 SUSE-2023-3023=1</code>
                    
                    
                
            </li>
        
            <li class="list-group-item">
                openSUSE Leap 15.5
                
                    
                        <br/>
                        <code>zypper in -t patch openSUSE-SLE-15.5-2023-3023=1</code>
                    
                    
                
            </li>
        
            <li class="list-group-item">
                Basesystem Module 15-SP4
                
                    
                        <br/>
                        <code>zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3023=1</code>
                    
                    
                
            </li>
        
            <li class="list-group-item">
                Basesystem Module 15-SP5
                
                    
                        <br/>
                        <code>zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3023=1</code>
                    
                    
                
            </li>
        
    </ul>

    <h2>Package List:</h2>
    <ul>
        
            
                <li>
                    openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
                    <ul>
                        
                            <li>java-17-openjdk-headless-debuginfo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-debuginfo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-jmods-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-devel-debuginfo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-headless-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-debugsource-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-src-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-demo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-devel-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-17.0.8.0-150400.3.27.1</li>
                        
                    </ul>
                </li>
            
                <li>
                    openSUSE Leap 15.4 (noarch)
                    <ul>
                        
                            <li>java-17-openjdk-javadoc-17.0.8.0-150400.3.27.1</li>
                        
                    </ul>
                </li>
            
        
            
                <li>
                    openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
                    <ul>
                        
                            <li>java-17-openjdk-headless-debuginfo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-debuginfo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-jmods-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-devel-debuginfo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-headless-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-debugsource-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-src-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-demo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-devel-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-17.0.8.0-150400.3.27.1</li>
                        
                    </ul>
                </li>
            
                <li>
                    openSUSE Leap 15.5 (noarch)
                    <ul>
                        
                            <li>java-17-openjdk-javadoc-17.0.8.0-150400.3.27.1</li>
                        
                    </ul>
                </li>
            
        
            
                <li>
                    Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
                    <ul>
                        
                            <li>java-17-openjdk-headless-debuginfo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-debuginfo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-devel-debuginfo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-headless-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-debugsource-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-demo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-devel-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-17.0.8.0-150400.3.27.1</li>
                        
                    </ul>
                </li>
            
        
            
                <li>
                    Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
                    <ul>
                        
                            <li>java-17-openjdk-headless-debuginfo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-debuginfo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-devel-debuginfo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-headless-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-debugsource-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-demo-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-devel-17.0.8.0-150400.3.27.1</li>
                        
                            <li>java-17-openjdk-17.0.8.0-150400.3.27.1</li>
                        
                    </ul>
                </li>
            
        
    </ul>

    
        <h2>References:</h2>
        <ul>
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2023-22006.html">https://www.suse.com/security/cve/CVE-2023-22006.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2023-22036.html">https://www.suse.com/security/cve/CVE-2023-22036.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2023-22041.html">https://www.suse.com/security/cve/CVE-2023-22041.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2023-22044.html">https://www.suse.com/security/cve/CVE-2023-22044.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2023-22045.html">https://www.suse.com/security/cve/CVE-2023-22045.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2023-22049.html">https://www.suse.com/security/cve/CVE-2023-22049.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2023-25193.html">https://www.suse.com/security/cve/CVE-2023-25193.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1207922">https://bugzilla.suse.com/show_bug.cgi?id=1207922</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213473">https://bugzilla.suse.com/show_bug.cgi?id=1213473</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213474">https://bugzilla.suse.com/show_bug.cgi?id=1213474</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213475">https://bugzilla.suse.com/show_bug.cgi?id=1213475</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213479">https://bugzilla.suse.com/show_bug.cgi?id=1213479</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213481">https://bugzilla.suse.com/show_bug.cgi?id=1213481</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213482">https://bugzilla.suse.com/show_bug.cgi?id=1213482</a>
                    </li>
                
            
        </ul>
    
</div>