<div class="container">
<h1>Security update for java-11-openjdk</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2023:3287-1</td>
</tr>
<tr>
<th>Rating:</th>
<td>important</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207922">#1207922</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213473">#1213473</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213474">#1213474</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213475">#1213475</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213479">#1213479</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213481">#1213481</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213482">#1213482</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-22006.html">CVE-2023-22006</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-22036.html">CVE-2023-22036</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-22041.html">CVE-2023-22041</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-22044.html">CVE-2023-22044</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-22045.html">CVE-2023-22045</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-22049.html">CVE-2023-22049</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-25193.html">CVE-2023-25193</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-22006</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">3.1</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-22006</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">3.1</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-22036</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">3.7</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-22036</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">3.7</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-22041</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.1</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-22041</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">5.1</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-22044</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">3.7</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-22044</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">3.7</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-22045</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">3.7</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-22045</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">3.7</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-22049</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">3.7</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-22049</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">3.7</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-25193</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-25193</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">Basesystem Module 15-SP4</li>
<li class="list-group-item">Basesystem Module 15-SP5</li>
<li class="list-group-item">openSUSE Leap 15.4</li>
<li class="list-group-item">openSUSE Leap 15.5</li>
<li class="list-group-item">SUSE CaaS Platform 4.0</li>
<li class="list-group-item">SUSE Enterprise Storage 7.1</li>
<li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP1</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP2</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP3</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing LTSS 15 SP3</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.3</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.4</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.5</li>
<li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP1</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP2</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP3</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP1</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP2</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP3</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP5</li>
<li class="list-group-item">SUSE Manager Proxy 4.2</li>
<li class="list-group-item">SUSE Manager Proxy 4.3</li>
<li class="list-group-item">SUSE Manager Retail Branch Server 4.2</li>
<li class="list-group-item">SUSE Manager Retail Branch Server 4.3</li>
<li class="list-group-item">SUSE Manager Server 4.2</li>
<li class="list-group-item">SUSE Manager Server 4.3</li>
<li class="list-group-item">SUSE Package Hub 15 15-SP4</li>
<li class="list-group-item">SUSE Package Hub 15 15-SP5</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves seven vulnerabilities can now be installed.</p>
<h2>Description:</h2>
<p>This update for java-11-openjdk fixes the following issues:</p>
<p>Updated to jdk-11.0.20+8 (July 2023 CPU):</p>
<ul>
<li>CVE-2023-22006: Fixed vulnerability in the network component (bsc#1213473).</li>
<li>CVE-2023-22036: Fixed vulnerability in the utility component (bsc#1213474).</li>
<li>CVE-2023-22041: Fixed vulnerability in the hotspot component (bsc#1213475).</li>
<li>CVE-2023-22044: Fixed vulnerability in the hotspot component (bsc#1213479).</li>
<li>CVE-2023-22045: Fixed vulnerability in the hotspot component (bsc#1213481).</li>
<li>CVE-2023-22049: Fixed vulnerability in the libraries component (bsc#1213482).</li>
<li>
<p>CVE-2023-25193: Fixed vulnerability in the embedded harfbuzz module (bsc#1207922).</p>
</li>
<li>
<p>JDK-8298676: Enhanced Look and Feel</p>
</li>
<li>JDK-8300285: Enhance TLS data handling</li>
<li>JDK-8300596: Enhance Jar Signature validation</li>
<li>JDK-8301998, JDK-8302084: Update HarfBuzz to 7.0.1</li>
<li>JDK-8302475: Enhance HTTP client file downloading</li>
<li>JDK-8302483: Enhance ZIP performance</li>
<li>JDK-8303376: Better launching of JDI</li>
<li>JDK-8304468: Better array usages</li>
<li>JDK-8305312: Enhanced path handling</li>
<li>JDK-8308682: Enhance AES performance</li>
</ul>
<p>Bugfixes:</p>
<ul>
<li>JDK-8171426: java/lang/ProcessBuilder/Basic.java failed with
Stream closed</li>
<li>JDK-8178806: Better exception logging in crypto code</li>
<li>JDK-8187522: test/sun/net/ftp/FtpURLConnectionLeak.java timed
out</li>
<li>JDK-8209167: Use CLDR's time zone mappings for Windows</li>
<li>JDK-8209546: Make sun/security/tools/keytool/autotest.sh to
support macosx</li>
<li>JDK-8209880: tzdb.dat is not reproducibly built</li>
<li>JDK-8213531: Test javax/swing/border/TestTitledBorderLeak.java
fails</li>
<li>JDK-8214459: NSS source should be removed</li>
<li>JDK-8214807: Improve handling of very old class files</li>
<li>JDK-8215015: [TESTBUG] remove unneeded -Xfuture option from
tests</li>
<li>JDK-8215575: C2 crash: assert(get_instanceKlass()->is_loaded())
failed: must be at least loaded</li>
<li>JDK-8220093: Change to GCC 8.2 for building on Linux at Oracle</li>
<li>JDK-8227257: javax/swing/JFileChooser/4847375/bug4847375.java
fails with AssertionError</li>
<li>JDK-8232853: AuthenticationFilter.Cache::remove may throw
ConcurrentModificationException</li>
<li>JDK-8243936: NonWriteable system properties are actually
writeable</li>
<li>JDK-8246383: NullPointerException in
JceSecurity.getVerificationResult when using Entrust provider</li>
<li>JDK-8248701: On Windows generated modules-deps.gmk can
contain backslash-r (CR) characters</li>
<li>JDK-8257856: Make ClassFileVersionsTest.java robust to JDK
version updates</li>
<li>JDK-8259530: Generated docs contain MIT/GPL-licenced works
without reproducing the licence</li>
<li>JDK-8263420: Incorrect function name in
NSAccessibilityStaticText native peer implementation</li>
<li>JDK-8264290: Create implementation for
NSAccessibilityComponentGroup protocol peer</li>
<li>JDK-8264304: Create implementation for NSAccessibilityToolbar
protocol peer</li>
<li>JDK-8265486: ProblemList javax/sound/midi/Sequencer/
/Recording.java on macosx-aarch64</li>
<li>JDK-8268558: [TESTBUG] Case 2 in
TestP11KeyFactoryGetRSAKeySpec is skipped</li>
<li>JDK-8269746: C2: assert(!in->is_CFG()) failed: CFG Node with
no controlling input?</li>
<li>JDK-8274864: Remove Amman/Cairo hacks in ZoneInfoFile</li>
<li>JDK-8275233: Incorrect line number reported in exception
stack trace thrown from a lambda expression</li>
<li>JDK-8275721: Name of UTC timezone in a locale changes
depending on previous code</li>
<li>JDK-8275735: [linux] Remove deprecated Metrics api (kernel
memory limit)</li>
<li>JDK-8276880: Remove java/lang/RuntimeTests/exec/ExecWithDir
as unnecessary</li>
<li>JDK-8277775: Fixup bugids in RemoveDropTargetCrashTest.java -
add 4357905</li>
<li>JDK-8278434: timeouts in test java/time/test/java/time/format/
/TestZoneTextPrinterParser.java</li>
<li>JDK-8280703: CipherCore.doFinal(...) causes potentially
massive byte[] allocations during decryption</li>
<li>JDK-8282077: PKCS11 provider C_sign() impl should handle
CKR_BUFFER_TOO_SMALL error</li>
<li>JDK-8282201: Consider removal of expiry check in
VerifyCACerts.java test</li>
<li>JDK-8282467: add extra diagnostics for JDK-8268184</li>
<li>JDK-8282600: SSLSocketImpl should not use user_canceled
workaround when not necessary</li>
<li>JDK-8283059: Uninitialized warning in check_code.c with GCC
11.2</li>
<li>JDK-8285497: Add system property for Java SE specification
maintenance version</li>
<li>JDK-8286398: Address possibly lossy conversions in
jdk.internal.le</li>
<li>JDK-8287007: [cgroups] Consistently use stringStream
throughout parsing code</li>
<li>JDK-8287246: DSAKeyValue should check for missing params
instead of relying on KeyFactory provider</li>
<li>JDK-8287876: The recently de-problemlisted
TestTitledBorderLeak test is unstable</li>
<li>JDK-8287897: Augment src/jdk.internal.le/share/legal/jline.md
with information on 4th party dependencies</li>
<li>JDK-8289301: P11Cipher should not throw out of bounds
exception during padding</li>
<li>JDK-8289735: UTIL_LOOKUP_PROGS fails on pathes with space</li>
<li>JDK-8291226: Create Test Cases to cover scenarios for
JDK-8278067</li>
<li>JDK-8291637: HttpClient default keep alive timeout not
followed if server sends invalid value</li>
<li>JDK-8291638: Keep-Alive timeout of 0 should close connection
immediately</li>
<li>JDK-8292206: TestCgroupMetrics.java fails as getMemoryUsage()
is lower than expected</li>
<li>JDK-8293232: Fix race condition in pkcs11 SessionManager</li>
<li>JDK-8293815: P11PSSSignature.engineUpdate should not print
debug messages during normal operation</li>
<li>JDK-8294548: Problem list SA core file tests on macosx-x64
due to JDK-8294316</li>
<li>JDK-8294906: Memory leak in PKCS11 NSS TLS server</li>
<li>JDK-8295974: jni_FatalError and Xcheck:jni warnings should
print the native stack when there are no Java frames</li>
<li>JDK-8296934: Write a test to verify whether Undecorated Frame
can be iconified or not</li>
<li>JDK-8297000: [jib] Add more friendly warning for proxy issues</li>
<li>JDK-8297450: ScaledTextFieldBorderTest.java fails when run
with -show parameter</li>
<li>JDK-8298887: On the latest macOS+XCode the Robot API may
report wrong colors</li>
<li>JDK-8299259: C2: Div/Mod nodes without zero check could be
split through iv phi of loop resulting in SIGFPE</li>
<li>JDK-8300079: SIGSEGV in LibraryCallKit::inline_string_copy
due to constant NULL src argument</li>
<li>JDK-8300205: Swing test bug8078268 make latch timeout
configurable</li>
<li>JDK-8300490: Spaces in name of MacOS Code Signing Identity
are not correctly handled after JDK-8293550</li>
<li>JDK-8301119: Support for GB18030-2022</li>
<li>JDK-8301170: perfMemory_windows.cpp add free_security_attr to
early returns</li>
<li>JDK-8301401: Allow additional characters for GB18030-2022
support</li>
<li>JDK-8302151: BMPImageReader throws an exception reading BMP
images</li>
<li>JDK-8302791: Add specific ClassLoader object to Proxy
IllegalArgumentException message</li>
<li>JDK-8303102: jcmd: ManagementAgent.status truncates the text
longer than O_BUFLEN</li>
<li>JDK-8303354: addCertificatesToKeystore in KeystoreImpl.m
needs CFRelease call in early potential CHECK_NULL return</li>
<li>JDK-8303432: Bump update version for OpenJDK: jdk-11.0.20</li>
<li>JDK-8303440: The "ZonedDateTime.parse" may not accept the
"UTC+XX" zone id</li>
<li>JDK-8303465: KeyStore of type KeychainStore, provider Apple
does not show all trusted certificates</li>
<li>JDK-8303476: Add the runtime version in the release file of a
JDK image</li>
<li>JDK-8303482: Update LCMS to 2.15</li>
<li>JDK-8303564: C2: "Bad graph detected in build_loop_late"
after a CMove is wrongly split thru phi</li>
<li>JDK-8303576: addIdentitiesToKeystore in KeystoreImpl.m needs
CFRelease call in early potential CHECK_NULL return</li>
<li>JDK-8303822: gtestMain should give more helpful output</li>
<li>JDK-8303861: Error handling step timeouts should never be
blocked by OnError and others</li>
<li>JDK-8303937: Corrupted heap dumps due to missing retries for
os::write()</li>
<li>JDK-8304134: jib bootstrapper fails to quote filename when
checking download filetype</li>
<li>JDK-8304291: [AIX] Broken build after JDK-8301998</li>
<li>JDK-8304295: harfbuzz build fails with GCC 7 after JDK-8301998</li>
<li>JDK-8304350: Font.getStringBounds calculates wrong width for
TextAttribute.TRACKING other than 0.0</li>
<li>JDK-8304760: Add 2 Microsoft TLS roots</li>
<li>JDK-8305113: (tz) Update Timezone Data to 2023c</li>
<li>JDK-8305400: ISO 4217 Amendment 175 Update</li>
<li>JDK-8305528: [11u] Backport of JDK-8259530 breaks build with
JDK10 bootstrap VM</li>
<li>JDK-8305682: Update the javadoc in the Character class to
state support for GB 18030-2022 Implementation Level 2</li>
<li>JDK-8305711: Arm: C2 always enters slowpath for monitorexit</li>
<li>JDK-8305721: add <code>make compile-commands</code> artifacts to
.gitignore</li>
<li>JDK-8305975: Add TWCA Global Root CA</li>
<li>JDK-8306543: GHA: MSVC installation is failing</li>
<li>JDK-8306658: GHA: MSVC installation could be optional since
it might already be pre-installed</li>
<li>JDK-8306664: GHA: Update MSVC version to latest stepping</li>
<li>JDK-8306768: CodeCache Analytics reports wrong threshold</li>
<li>JDK-8306976: UTIL_REQUIRE_SPECIAL warning on grep</li>
<li>JDK-8307134: Add GTS root CAs</li>
<li>JDK-8307811: [TEST] compilation of TimeoutInErrorHandlingTest
fails after backport of JDK-8303861</li>
<li>JDK-8308006: Missing NMT memory tagging in CMS</li>
<li>JDK-8308884: [17u/11u] Backout JDK-8297951</li>
<li>JDK-8309476: [11u] tools/jmod/hashes/HashesOrderTest.java
fails intermittently</li>
<li>JDK-8311465: [11u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.20</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE Important update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
openSUSE Leap 15.4
<br/>
<code>zypper in -t patch openSUSE-SLE-15.4-2023-3287=1</code>
</li>
<li class="list-group-item">
openSUSE Leap 15.5
<br/>
<code>zypper in -t patch openSUSE-SLE-15.5-2023-3287=1</code>
</li>
<li class="list-group-item">
Basesystem Module 15-SP4
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3287=1</code>
</li>
<li class="list-group-item">
Basesystem Module 15-SP5
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Package Hub 15 15-SP4
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Package Hub 15 15-SP5
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
<br/>
<code>zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
<br/>
<code>zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
<br/>
<code>zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
<br/>
<code>zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
<br/>
<code>zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
<br/>
<code>zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
<br/>
<code>zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Server for SAP Applications 15 SP1
<br/>
<code>zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Server for SAP Applications 15 SP2
<br/>
<code>zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Server for SAP Applications 15 SP3
<br/>
<code>zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Manager Proxy 4.2
<br/>
<code>zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Manager Retail Branch Server 4.2
<br/>
<code>zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Manager Server 4.2
<br/>
<code>zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE Enterprise Storage 7.1
<br/>
<code>zypper in -t patch SUSE-Storage-7.1-2023-3287=1</code>
</li>
<li class="list-group-item">
SUSE CaaS Platform 4.0
<br/>
<span>
To install this update, use the SUSE CaaS Platform 'skuba' tool. It will
inform you if it detects new updates and let you then trigger updating of
the complete cluster in a controlled way.
</span>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-src-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-jmods-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (noarch)
<ul>
<li>java-11-openjdk-javadoc-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-src-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-jmods-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (noarch)
<ul>
<li>java-11-openjdk-javadoc-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Package Hub 15 15-SP4 (noarch)
<ul>
<li>java-11-openjdk-javadoc-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Package Hub 15 15-SP5 (noarch)
<ul>
<li>java-11-openjdk-javadoc-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64 x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64 x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Manager Proxy 4.2 (x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Manager Retail Branch Server 4.2 (x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Manager Server 4.2 (ppc64le s390x x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE Enterprise Storage 7.1 (aarch64 x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
<li>
SUSE CaaS Platform 4.0 (x86_64)
<ul>
<li>java-11-openjdk-demo-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-headless-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-11.0.20.0-150000.3.99.1</li>
<li>java-11-openjdk-devel-11.0.20.0-150000.3.99.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-22006.html">https://www.suse.com/security/cve/CVE-2023-22006.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-22036.html">https://www.suse.com/security/cve/CVE-2023-22036.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-22041.html">https://www.suse.com/security/cve/CVE-2023-22041.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-22044.html">https://www.suse.com/security/cve/CVE-2023-22044.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-22045.html">https://www.suse.com/security/cve/CVE-2023-22045.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-22049.html">https://www.suse.com/security/cve/CVE-2023-22049.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-25193.html">https://www.suse.com/security/cve/CVE-2023-25193.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207922">https://bugzilla.suse.com/show_bug.cgi?id=1207922</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213473">https://bugzilla.suse.com/show_bug.cgi?id=1213473</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213474">https://bugzilla.suse.com/show_bug.cgi?id=1213474</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213475">https://bugzilla.suse.com/show_bug.cgi?id=1213475</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213479">https://bugzilla.suse.com/show_bug.cgi?id=1213479</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213481">https://bugzilla.suse.com/show_bug.cgi?id=1213481</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213482">https://bugzilla.suse.com/show_bug.cgi?id=1213482</a>
</li>
</ul>
</div>