SUSE-SU-2025:02657-1: important: Security update for java-21-openjdk
SLE-UPDATES
null at suse.de
Mon Aug 4 12:33:44 UTC 2025
# Security update for java-21-openjdk
Announcement ID: SUSE-SU-2025:02657-1
Release Date: 2025-08-04T10:34:53Z
Rating: important
References:
* bsc#1213796
* bsc#1246575
* bsc#1246584
* bsc#1246595
* bsc#1246598
Cross-References:
* CVE-2025-30749
* CVE-2025-30754
* CVE-2025-50059
* CVE-2025-50106
CVSS scores:
* CVE-2025-30749 ( SUSE ): 8.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-30749 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-30749 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-30754 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-30754 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-30754 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-50059 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
* CVE-2025-50059 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
* CVE-2025-50106 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-50106 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* Basesystem Module 15-SP6
* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
An update that solves four vulnerabilities and has one security fix can now be
installed.
## Description:
This update for java-21-openjdk fixes the following issues:
Update to upstream tag jdk-21.0.8+9 (July 2025 CPU):
Security fixes:
* CVE-2025-30749: several scenarios can lead to heap corruption (bsc#1246595)
* CVE-2025-30754: incomplete handshake may lead to weakening TLS protections
(bsc#1246598)
* CVE-2025-50059: Improve HTTP client header handling (bsc#1246575)
* CVE-2025-50106: Glyph out-of-memory access and crash (bsc#1246584)
Other fixes:
* Allow compilation of openjdk for 40 years (bsc#1213796)
Changelog:
+ JDK-6956385: URLConnection.getLastModified() leaks file
handles for jar:file and file: URLs
+ JDK-8051591: Test
javax/swing/JTabbedPane/8007563/Test8007563.java fails
+ JDK-8136895: Writer not closed with disk full error, file
resource leaked
+ JDK-8180450: secondary_super_cache does not scale well
+ JDK-8183348: Better cleanup for
jdk/test/sun/security/pkcs12/P12SecretKey.java
+ JDK-8200566: DistributionPointFetcher fails to fetch CRLs if
the DistributionPoints field contains more than one
DistributionPoint and the first one fails
+ JDK-8202100: Merge vm/share/InMemoryJavaCompiler w/
jdk/test/lib/compiler/InMemoryJavaCompiler
+ JDK-8210471: GZIPInputStream constructor could leak an
un-end()ed Inflater
+ JDK-8211400: nsk.share.gc.Memory::getArrayLength returns
wrong value
+ JDK-8220213: com/sun/jndi/dns/ConfigTests/Timeout.java
failed intermittent
+ JDK-8249831: Test sun/security/mscapi/nonUniqueAliases/
/NonUniqueAliases.java is marked with @ignore
+ JDK-8253440: serviceability/sa/TestJhsdbJstackLineNumbers.java
failed with "Didn't find enough line numbers"
+ JDK-8256211: assert fired in
java/net/httpclient/DependentPromiseActionsTest (infrequent)
+ JDK-8258483: [TESTBUG] gtest
CollectorPolicy.young_scaled_initial_ergo_vm fails if heap is
too small
+ JDK-8267174: Many test files have the wrong Copyright header
+ JDK-8270269: Desktop.browse method fails if earlier
CoInitialize call as COINIT_MULTITHREADED
+ JDK-8276995: Bug in jdk.jfr.event.gc.collection.TestSystemGC
+ JDK-8279016: JFR Leak Profiler is broken with Shenandoah
+ JDK-8280991: [XWayland] No displayChanged event after
setDisplayMode call
+ JDK-8281511: java/net/ipv6tests/UdpTest.java fails with
checkTime failed
+ JDK-8282726: java/net/vthread/BlockingSocketOps.java
timeout/hang intermittently on Windows
+ JDK-8286204: [Accessibility,macOS,VoiceOver] VoiceOver reads
the spinner value 10 as 1 when user iterates to 10 for the
first time on macOS
+ JDK-8286789: Test forceEarlyReturn002.java timed out
+ JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit
access thread fields from native
+ JDK-8294155: Exception thrown before awaitAndCheck hangs
PassFailJFrame
+ JDK-8295804: javax/swing/JFileChooser/
/JFileChooserSetLocationTest.java failed with "setLocation()
is not working properly"
+ JDK-8297692: Avoid sending per-region GCPhaseParallel JFR
events in G1ScanCollectionSetRegionClosure
+ JDK-8303770: Remove Baltimore root certificate expiring in
May 2025
+ JDK-8305010: Test vmTestbase/nsk/jvmti/scenarios/sampling/
/SP05/sp05t003/TestDescription.java timed out: thread not
suspended
+ JDK-8307318: Test serviceability/sa/
/ClhsdbCDSJstackPrintAll.java failed:
ArrayIndexOutOfBoundsException
+ JDK-8307824: Clean up Finalizable.java and finalize
terminology in vmTestbase/nsk/share
+ JDK-8308033: The jcmd thread dump related tests should test
virtual threads
+ JDK-8308966: Add intrinsic for float/double modulo for x86
AVX2 and AVX512
+ JDK-8309667: TLS handshake fails because of
ConcurrentModificationException in PKCS12KeyStore
.engineGetEntry
+ JDK-8309841: Jarsigner should print a warning if an entry is
removed
+ JDK-8309978: [x64] Fix useless padding
+ JDK-8310066: Improve test coverage for JVMTI GetThreadState
on carrier and mounted vthread
+ JDK-8310525: DynamicLauncher for JDP test needs to try
harder to find a free port
+ JDK-8310643: Misformatted copyright messages in FFM
+ JDK-8312246: NPE when HSDB visits bad oop
+ JDK-8312475: org.jline.util.PumpReader signed byte problem
+ JDK-8313290: Misleading exception message from
STS.Subtask::get when task forked after shutdown
+ JDK-8313430: [JVMCI] fatal error: Never compilable: in JVMCI
shutdown
+ JDK-8313654: Test WaitNotifySuspendedVThreadTest.java timed
out
+ JDK-8314056: Remove runtime platform check from frem/drem
+ JDK-8314136: Test java/net/httpclient/CancelRequestTest.java
failed: WARNING: tracker for HttpClientImpl(42) has
outstanding operations
+ JDK-8314236: Overflow in Collections.rotate
+ JDK-8314319: LogCompilation doesn't reset lateInlining when
it encounters a failure.
+ JDK-8314840: 3 gc/epsilon tests ignore external vm options
+ JDK-8314842: zgc/genzgc tests ignore vm flags
+ JDK-8315128: jdk/jfr/event/runtime/
/TestResidentSetSizeEvent.java fails with "The size should be
less than or equal to peak"
+ JDK-8315484: java/awt/dnd/RejectDragDropActionTest.java
timed out
+ JDK-8315669: Open source several Swing PopupMenu related
tests
+ JDK-8315742: Open source several Swing Scroll related tests
+ JDK-8315827: Kitchensink.java and RenaissanceStressTest.java
time out with jvmti module errors
+ JDK-8315871: Opensource five more Swing regression tests
+ JDK-8315876: Open source several Swing CSS related tests
+ JDK-8315951: Open source several Swing HTMLEditorKit related
tests
+ JDK-8315981: Opensource five more random Swing tests
+ JDK-8316061: Open source several Swing RootPane and Slider
related tests
+ JDK-8316324: Opensource five miscellaneous Swing tests
+ JDK-8316388: Opensource five Swing component related
regression tests
+ JDK-8316452: java/lang/instrument/modules/
/AppendToClassPathModuleTest.java ignores VM flags
+ JDK-8316497: ColorConvertOp - typo for non-ICC conversions
needs one-line fix
+ JDK-8316580: HttpClient with StructuredTaskScope does not
close when a task fails
+ JDK-8316629: j.text.DateFormatSymbols setZoneStrings()
exception is unhelpful
+ JDK-8317264: Pattern.Bound has `static` fields that should
be `static final`.
+ JDK-8318509: x86 count_positives intrinsic broken for
-XX:AVX3Threshold=0
+ JDK-8318636: Add jcmd to print annotated process memory map
+ JDK-8318700: MacOS Zero cannot run gtests due to wrong JVM
path
+ JDK-8318811: Compiler directives parser swallows a character
after line comments
+ JDK-8318915: Enhance checks in BigDecimal.toPlainString()
+ JDK-8319439: Move BufferNode from PtrQueue files to new files
+ JDK-8319572: Test jdk/incubator/vector/LoadJsvmlTest.java
ignores VM flags
+ JDK-8319690: [AArch64] C2 compilation hits
offset_ok_for_immed: assert "c2 compiler bug"
+ JDK-8320687: sun.jvmstat.monitor.MonitoredHost
.getMonitoredHost() throws unexpected exceptions when invoked
concurrently
+ JDK-8320948: NPE due to unreported compiler error
+ JDK-8321204: C2: assert(false) failed: node should be in
igvn hash table
+ JDK-8321479: java -D-D crashes
+ JDK-8321931: memory_swap_current_in_bytes reports 0 as
"unlimited"
+ JDK-8322141: SequenceInputStream.transferTo should not
return as soon as Long.MAX_VALUE bytes have been transferred
+ JDK-8322475: Extend printing for System.map
+ JDK-8323795: jcmd Compiler.codecache should print total size
of code cache
+ JDK-8324345: Stack overflow during C2 compilation when
splitting memory phi
+ JDK-8324678: Replace NULL with nullptr in HotSpot gtests
+ JDK-8324681: Replace NULL with nullptr in HotSpot jtreg test
native code files
+ JDK-8324799: Use correct extension for C++ test headers
+ JDK-8324880: Rename get_stack_trace.h
+ JDK-8325055: Rename Injector.h
+ JDK-8325180: Rename jvmti_FollowRefObjects.h
+ JDK-8325347: Rename native_thread.h
+ JDK-8325367: Rename nsk_list.h
+ JDK-8325435: [macos] Menu or JPopupMenu not closed when main
window is resized
+ JDK-8325456: Rename nsk_mutex.h
+ JDK-8325458: Rename mlvmJvmtiUtils.h
+ JDK-8325680: Uninitialised memory in deleteGSSCB of
GSSLibStub.c:179
+ JDK-8325682: Rename nsk_strace.h
+ JDK-8325910: Rename jnihelper.h
+ JDK-8326090: Rename jvmti_aod.h
+ JDK-8326389: [test] improve assertEquals failure output
+ JDK-8326524: Rename agent_common.h
+ JDK-8326586: Improve Speed of System.map
+ JDK-8327071: [Testbug] g-tests for cgroup leave files in
/tmp on linux
+ JDK-8327169: serviceability/dcmd/vm/SystemMapTest.java and
SystemDumpMapTest.java may fail after JDK-8326586
+ JDK-8327370: (ch) sun.nio.ch.Poller.register throws
AssertionError
+ JDK-8327461: KeyStore getEntry is not thread-safe
+ JDK-8328107: Shenandoah/C2: TestVerifyLoopOptimizations test
failure
+ JDK-8328301: Convert Applet test
ManualHTMLDataFlavorTest.java to main program
+ JDK-8328482: Convert and Open source few manual applet test
to main based
+ JDK-8328484: Convert and Opensource few JFileChooser applet
test to main
+ JDK-8328648: Remove applet usage from JFileChooser tests
bug4150029
+ JDK-8328670: Automate and open source few closed manual
applet test
+ JDK-8328673: Convert closed text/html/CSS manual applet test
to main
+ JDK-8328864: NullPointerException in
sun.security.jca.ProviderList.getService()
+ JDK-8329261: G1: interpreter post-barrier x86 code asserts
index size of wrong buffer
+ JDK-8329729:
java/util/Properties/StoreReproducibilityTest.java times out
+ JDK-8330106: C2: VectorInsertNode::make() shouldn't call
ConINode::make() directly
+ JDK-8330158: C2: Loop strip mining uses ABS with min int
+ JDK-8330534: Update nsk/jdwp tests to use driver instead of
othervm
+ JDK-8330598: java/net/httpclient/Http1ChunkedTest.java fails
with java.util.MissingFormatArgumentException: Format
specifier '%s'
+ JDK-8330936: [ubsan] exclude function BilinearInterp and
ShapeSINextSpan in libawt java2d from ubsan checks
+ JDK-8331088: Incorrect TraceLoopPredicate output
+ JDK-8331735: UpcallLinker::on_exit races with GC when
copying frame anchor
+ JDK-8332252: Clean up vmTestbase/vm/share
+ JDK-8332506: SIGFPE In
ObjectSynchronizer::is_async_deflation_needed()
+ JDK-8332631: Update nsk.share.jpda.BindServer to don't use
finalization
+ JDK-8332641: Update nsk.share.jpda.Jdb to don't use
finalization
+ JDK-8332880: JFR GCHelper class recognizes "Archive" regions
as valid
+ JDK-8332921: Ctrl+C does not call shutdown hooks after JLine
upgrade
+ JDK-8333013: Update vmTestbase/nsk/share/LocalProcess.java
to don't use finalization
+ JDK-8333117: Remove support of remote and manual debuggee
launchers
+ JDK-8333680: com/sun/tools/attach/BasicTests.java fails with
"SocketException: Permission denied: connect"
+ JDK-8333805: Replaying compilation with null static final
fields results in a crash
+ JDK-8333890: Fatal error in auto-vectorizer with float16
kernel.
+ JDK-8334644: Automate
javax/print/attribute/PageRangesException.java
+ JDK-8334780: Crash: assert(h_array_list.not_null()) failed:
invariant
+ JDK-8334895: OpenJDK fails to configure on linux aarch64
when CDS is disabled after JDK-8331942
+ JDK-8335181: Incorrect handling of HTTP/2 GOAWAY frames in
HttpClient
+ JDK-8335643: serviceability/dcmd/vm tests fail for ZGC after
JDK-8322475
+ JDK-8335662: [AArch64] C1: guarantee(val < (1ULL << nbits))
failed: Field too big for insn
+ JDK-8335684: Test ThreadCpuTime.java should pause like
ThreadCpuTimeArray.java
+ JDK-8335710: serviceability/dcmd/vm/SystemDumpMapTest.java
and SystemMapTest.java fail on Linux Alpine after 8322475
+ JDK-8335836: serviceability/jvmti/StartPhase/AllowedFunctions/
/AllowedFunctions.java fails with unexpected exit code: 112
+ JDK-8335860: compiler/vectorization/
/TestFloat16VectorConvChain.java fails with non-standard
AVX/SSE settings
+ JDK-8336042: Caller/callee param size mismatch in
deoptimization causes crash
+ JDK-8336499: Failure when creating non-CRT RSA private keys
in SunPKCS11
+ JDK-8336587: failure_handler lldb command times out on
macosx-aarch64 core file
+ JDK-8336827: compiler/vectorization/
/TestFloat16VectorConvChain.java timeouts on ppc64 platforms
after JDK-8335860
+ JDK-8337221: CompileFramework: test library to conveniently
compile java and jasm sources for fuzzing
+ JDK-8337299: vmTestbase/nsk/jdb/stop_at/stop_at002/
/stop_at002.java failure goes undetected
+ JDK-8337681: PNGImageWriter uses much more memory than
necessary
+ JDK-8337795: Type annotation attached to incorrect type
during class reading
+ JDK-8337958: Out-of-bounds array access in
secondary_super_cache
+ JDK-8337981: ShenandoahHeap::is_in should check for alive
regions
+ JDK-8337998: CompletionFailure in getEnclosingType attaching
type annotations
+ JDK-8338010: WB_IsFrameDeoptimized miss ResourceMark
+ JDK-8338064: Give better error for ConcurrentHashTable
corruption
+ JDK-8338136: Hotspot should support multiple large page
sizes on Windows
+ JDK-8338154: Fix -Wzero-as-null-pointer-constant warnings in
gtest framework
+ JDK-8338202: Shenandoah: Improve handshake closure labels
+ JDK-8338314: JFR: Split JFRCheckpoint VM operation
+ JDK-8339148: Make os::Linux::active_processor_count() public
+ JDK-8339288: Improve diagnostic logging
runtime/cds/DeterministicDump.java
+ JDK-8339300: CollectorPolicy.young_scaled_initial_ergo_vm
gtest fails on ppc64 based platforms
+ JDK-8339538: Wrong timeout computations in DnsClient
+ JDK-8339639: Opensource few AWT PopupMenu tests
+ JDK-8339678: Update runtime/condy tests to be executed with
VM flags
+ JDK-8339727: Open source several AWT focus tests - series 1
+ JDK-8339769: Incorrect error message during startup if
working directory does not exist
+ JDK-8339794: Open source closed choice tests #1
+ JDK-8339810: Clean up the code in sun.tools.jar.Main to
properly close resources and use ZipFile during extract
+ JDK-8339836: Open source several AWT Mouse tests - Batch 1
+ JDK-8339842: Open source several AWT focus tests - series 2
+ JDK-8339895: Open source several AWT focus tests - series 3
+ JDK-8339906: Open source several AWT focus tests - series 4
+ JDK-8339935: Open source several AWT focus tests - series 5
+ JDK-8339982: Open source several AWT Mouse tests - Batch 2
+ JDK-8339984: Open source AWT MenuItem related tests
+ JDK-8339995: Open source several AWT focus tests - series 6
+ JDK-8340024: In ClassReader, extract a constant for the
superclass supertype_index
+ JDK-8340077: Open source few Checkbox tests - Set2
+ JDK-8340084: Open source AWT Frame related tests
+ JDK-8340143: Open source several Java2D rendering loop tests.
+ JDK-8340146: ZGC: TestAllocateHeapAt.java should not run
with UseLargePages
+ JDK-8340164: Open source few Component tests - Set1
+ JDK-8340173: Open source some Component/Panel/EventQueue
tests - Set2
+ JDK-8340176: Replace usage of -noclassgc with -Xnoclassgc in
test/jdk/java/lang/management/MemoryMXBean/LowMemoryTest2.java
+ JDK-8340193: Open source several AWT Dialog tests - Batch 1
+ JDK-8340228: Open source couple more miscellaneous AWT tests
+ JDK-8340271: Open source several AWT Robot tests
+ JDK-8340279: Open source several AWT Dialog tests - Batch 2
+ JDK-8340332: Open source mixed AWT tests - Set3
+ JDK-8340366: Open source several AWT Dialog tests - Batch 3
+ JDK-8340367: Opensource few AWT image tests
+ JDK-8340393: Open source closed choice tests #2
+ JDK-8340407: Open source a few more Component related tests
+ JDK-8340417: Open source some MenuBar tests - Set1
+ JDK-8340432: Open source some MenuBar tests - Set2
+ JDK-8340433: Open source closed choice tests #3
+ JDK-8340437: Open source few more AWT Frame related tests
+ JDK-8340458: Open source additional Component tests (part 2)
+ JDK-8340555: Open source DnD tests - Set4
+ JDK-8340560: Open Source several AWT/2D font and rendering
tests
+ JDK-8340605: Open source several AWT PopupMenu tests
+ JDK-8340621: Open source several AWT List tests
+ JDK-8340625: Open source additional Component tests (part 3)
+ JDK-8340639: Open source few more AWT List tests
+ JDK-8340713: Open source DnD tests - Set5
+ JDK-8340784: Remove PassFailJFrame constructor with
screenshots
+ JDK-8340790: Open source several AWT Dialog tests - Batch 4
+ JDK-8340809: Open source few more AWT PopupMenu tests
+ JDK-8340874: Open source some of the AWT Geometry/Button
tests
+ JDK-8340907: Open source closed frame tests # 2
+ JDK-8340966: Open source few Checkbox and Cursor tests - Set1
+ JDK-8340967: Open source few Cursor tests - Set2
+ JDK-8340978: Open source few DnD tests - Set6
+ JDK-8340985: Open source some Desktop related tests
+ JDK-8341000: Open source some of the AWT Window tests
+ JDK-8341004: Open source AWT FileDialog related tests
+ JDK-8341072: Open source several AWT Canvas and Rectangle
related tests
+ JDK-8341128: open source some 2d graphics tests
+ JDK-8341148: Open source several Choice related tests
+ JDK-8341162: Open source some of the AWT window test
+ JDK-8341170: Open source several Choice related tests (part 2)
+ JDK-8341177: Opensource few List and a Window test
+ JDK-8341191: Open source few more AWT FileDialog tests
+ JDK-8341239: Open source closed frame tests # 3
+ JDK-8341257: Open source few DND tests - Set1
+ JDK-8341258: Open source few various AWT tests - Set1
+ JDK-8341278: Open source few TrayIcon tests - Set7
+ JDK-8341298: Open source more AWT window tests
+ JDK-8341373: Open source closed frame tests # 4
+ JDK-8341378: Open source few TrayIcon tests - Set8
+ JDK-8341447: Open source closed frame tests # 5
+ JDK-8341535: sun/awt/font/TestDevTransform.java fails with
RuntimeException: Different rendering
+ JDK-8341637: java/net/Socket/UdpSocket.java fails with
"java.net.BindException: Address already in use"
(macos-aarch64)
+ JDK-8341779: [REDO BACKPORT] type annotations are not
visible to javac plugins across compilation boundaries
(JDK-8225377)
+ JDK-8341972: java/awt/dnd/DnDRemoveFocusOwnerCrashTest.java
timed out after JDK-8341257
+ JDK-8342075: HttpClient: improve HTTP/2 flow control checks
+ JDK-8342376: More reliable OOM handling in
ExceptionDuringDumpAtObjectsInitPhase test
+ JDK-8342524: Use latch in AbstractButton/bug6298940.java
instead of delay
+ JDK-8342633: javax/management/security/
/HashedPasswordFileTest.java creates tmp file in src dir
+ JDK-8342958: Use jvmArgs consistently in microbenchmarks
+ JDK-8343019: Primitive caches must use boxed instances from
the archive
+ JDK-8343037: Missing @since tag on JColorChooser.showDialog
overload
+ JDK-8343103: Enable debug logging for vmTestbase/nsk/jvmti/
/scenarios/sampling/SP05/sp05t003/TestDescription.java
+ JDK-8343124: Tests fails with java.lang.IllegalAccessException:
class com.sun.javatest.regtest.agent.MainWrapper$MainTask
cannot access
+ JDK-8343144: UpcallLinker::on_entry racingly clears pending
exception with GC safepoints
+ JDK-8343170: java/awt/Cursor/JPanelCursorTest/
/JPanelCursorTest.java does not show the default cursor
+ JDK-8343224: print/Dialog/PaperSizeError.java fails with
MediaSizeName is not A4: A4
+ JDK-8343342: java/io/File/GetXSpace.java fails on Windows
with CD-ROM drive
+ JDK-8343345: Use -jvmArgsPrepend when running
microbenchmarks in RunTests.gmk
+ JDK-8343529: serviceability/sa/ClhsdbWhere.java fails
AssertionFailure: Corrupted constant pool
+ JDK-8343754: Problemlist
jdk/jfr/event/oldobject/TestShenandoah.java after JDK-8279016
+ JDK-8343855: HTTP/2 ConnectionWindowUpdateSender may miss
some unprocessed DataFrames from closed streams
+ JDK-8343891: Test javax/swing/JTabbedPane/
/TestJTabbedPaneBackgroundColor.java failed
+ JDK-8343936: Adjust timeout in test
javax/management/monitor/DerivedGaugeMonitorTest.java
+ JDK-8344316: security/auth/callback/TextCallbackHandler/
/Password.java make runnable with JTReg and add the UI
+ JDK-8344346: java/net/httpclient/ShutdownNow.java fails with
java.lang.AssertionError: client was still running, but exited
after further delay: timeout should be adjusted
+ JDK-8344361: Restore null return for invalid services from
legacy providers
+ JDK-8344414: ZGC: Another division by zero in
rule_major_allocation_rate
+ JDK-8344925: translet-name ignored when package-name is also
set
+ JDK-8345133: Test sun/security/tools/jarsigner/
/TsacertOptionTest.java failed: Warning found in stdout
+ JDK-8345134: Test sun/security/tools/jarsigner/
/ConciseJarsigner.java failed: unable to find valid
certification path to requested target
+ JDK-8345146: [PPC64] Make intrinsic conversions between bit
representations of half precision values and floats
+ JDK-8345341: Fix incorrect log message in JDI stop002t test
+ JDK-8345357: test/jdk/javax/swing/JRadioButton/8033699/
/bug8033699.java fails in ubuntu22.04
+ JDK-8345447: test/jdk/javax/swing/JToolBar/4529206/
/bug4529206.java fails in ubuntu22.04
+ JDK-8345547: test/jdk/javax/swing/text/DefaultEditorKit/
/4278839/bug4278839.java fails in ubuntu22.04
+ JDK-8345598: Upgrade NSS binaries for interop tests
+ JDK-8345625: Better HTTP connections
+ JDK-8345728: [Accessibility,macOS,Screen Magnifier]:
JCheckbox unchecked state does not magnify but works for
checked state
+ JDK-8345838: Remove the
appcds/javaldr/AnonVmClassesDuringDump.java test
+ JDK-8346049: jdk/test/lib/security/timestamp/TsaServer.java
warnings
+ JDK-8346082: Output JVMTI agent information in hserr files
+ JDK-8346264: "Total compile time" counter should include
time spent in failing/bailout compiles
+ JDK-8346581: JRadioButton/ButtonGroupFocusTest.java fails in
CI on Linux
+ JDK-8346888: [ubsan] block.cpp:1617:30: runtime error:
9.97582e+36 is outside the range of representable values of
type 'int'
+ JDK-8347000: Bug in
com/sun/net/httpserver/bugs/B6361557.java test
+ JDK-8347019: Test javax/swing/JRadioButton/8033699/
/bug8033699.java still fails: Focus is not on Radio Button
Single as Expected
+ JDK-8347083: Incomplete logging in nsk/jvmti/
/ResourceExhausted/resexhausted00* tests
+ JDK-8347126: gc/stress/TestStressG1Uncommit.java gets
OOM-killed
+ JDK-8347173: java/net/DatagramSocket/
/InterruptibleDatagramSocket.java fails with virtual thread
factory
+ JDK-8347286: (fs) Remove some extensions from
java/nio/file/Files/probeContentType/Basic.java
+ JDK-8347296: WinInstallerUiTest fails in local test runs if
the path to test work directory is longer that regular
+ JDK-8347373: HTTP/2 flow control checks may count
unprocessed data twice
+ JDK-8347506: Compatible OCSP readtimeout property with OCSP
timeout
+ JDK-8347596: Update HSS/LMS public key encoding
+ JDK-8347629: Test FailOverDirectExecutionControlTest.java
fails with -Xcomp
+ JDK-8347995: Race condition in jdk/java/net/httpclient/
/offline/FixedResponseHttpClient.java
+ JDK-8348107: test/jdk/java/net/httpclient/
/HttpsTunnelAuthTest.java fails intermittently
+ JDK-8348110: Update LCMS to 2.17
+ JDK-8348299: Update List/ItemEventTest/ItemEventTest.java
+ JDK-8348323: Corrupted timezone string in JVM crash log
+ JDK-8348596: Update FreeType to 2.13.3
+ JDK-8348597: Update HarfBuzz to 10.4.0
+ JDK-8348598: Update Libpng to 1.6.47
+ JDK-8348600: Update PipeWire to 1.3.81
+ JDK-8348865: JButton/bug4796987.java never runs because
Windows XP is unavailable
+ JDK-8348936: [Accessibility,macOS,VoiceOver] VoiceOver
doesn't announce untick on toggling the checkbox with "space"
key on macOS
+ JDK-8348989: Better Glyph drawing
+ JDK-8349111: Enhance Swing supports
+ JDK-8349200: [JMH]
time.format.ZonedDateTimeFormatterBenchmark fails
+ JDK-8349348: Refactor ClassLoaderDeadlock.sh and Deadlock.sh
to run fully in java
+ JDK-8349358: [JMH] Cannot access class
jdk.internal.vm.ContinuationScope
+ JDK-8349492: Update sun/security/pkcs12/
/KeytoolOpensslInteropTest.java to use a recent Openssl
version
+ JDK-8349501: Relocate supporting classes in
security/testlibrary to test/lib/jdk tree
+ JDK-8349594: Enhance TLS protocol support
+ JDK-8349623: [ASAN] Gtest os_linux.glibc_mallinfo_wrapper_vm
fails
+ JDK-8349637: Integer.numberOfLeadingZeros outputs
incorrectly in certain cases
+ JDK-8349751: AIX build failure after upgrade pipewire to
1.3.81
+ JDK-8350201: Out of bounds access on Linux aarch64 in
os::print_register_info
+ JDK-8350211: CTW: Attempt to preload all classes in constant
pool
+ JDK-8350224: Test javax/swing/JComboBox/
/TestComboBoxComponentRendering.java fails in ubuntu 23.x and
later
+ JDK-8350260: Improve HTML instruction formatting in
PassFailJFrame
+ JDK-8350313: Include timings for leaving safepoint in
safepoint logging
+ JDK-8350383: Test: add more test case for string compare (UL
case)
+ JDK-8350386: Test TestCodeCacheFull.java fails with option
-XX:-UseCodeCacheFlushing
+ JDK-8350412: [21u] AArch64: Ambiguous frame layout leads to
incorrect traces in JFR
+ JDK-8350483: AArch64: turn on signum intrinsics by default
on Ampere CPUs
+ JDK-8350498: Remove two Camerfirma root CA certificates
+ JDK-8350546: Several java/net/InetAddress tests fails
UnknownHostException
+ JDK-8350616: Skip ValidateHazardPtrsClosure in non-debug
builds
+ JDK-8350650: Bump update version for OpenJDK: jdk-21.0.8
+ JDK-8350682: [JMH] vector.IndexInRangeBenchmark failed with
IndexOutOfBoundsException for size=1024
+ JDK-8350786: Some java/lang jtreg tests miss requires
vm.hasJFR
+ JDK-8350924: javax/swing/JMenu/4213634/bug4213634.java fails
+ JDK-8350991: Improve HTTP client header handling
+ JDK-8351086: (fc) Make java/nio/channels/FileChannel/
/BlockDeviceSize.java test manual
+ JDK-8351500: G1: NUMA migrations cause crashes in region
allocation
+ JDK-8351665: Remove unused UseNUMA in os_aix.cpp
+ JDK-8351933: Inaccurate masking of TC subfield decrement in
ForkJoinPool
+ JDK-8352076: [21u] Problem list tests that fail in 21 and
would be fixed by 8309622
+ JDK-8352109: java/awt/Desktop/MailTest.java fails in
platforms where Action.MAIL is not supported
+ JDK-8352302: Test sun/security/tools/jarsigner/
/TimestampCheck.java is failing
+ JDK-8352512: TestVectorZeroCount: counter not reset between
iterations
+ JDK-8352676: Opensource JMenu tests - series1
+ JDK-8352680: Opensource few misc swing tests
+ JDK-8352684: Opensource JInternalFrame tests - series1
+ JDK-8352706: httpclient HeadTest does not run on HTTP2
+ JDK-8352716: (tz) Update Timezone Data to 2025b
+ JDK-8352908: Open source several swing tests batch1
+ JDK-8352942: jdk/jfr/startupargs/TestMemoryOptions.java
fails with 32-bit build
+ JDK-8353070: Clean up and open source couple AWT Graphics
related tests (Part 1)
+ JDK-8353138: Screen capture for test
TaskbarPositionTest.java, failure case
+ JDK-8353190: Use "/native" Run Option for
TestAvailableProcessors Execution
+ JDK-8353237: [AArch64] Incorrect result of
VectorizedHashCode intrinsic on Cortex-A53
+ JDK-8353320: Open source more Swing text tests
+ JDK-8353446: Open source several AWT Menu tests - Batch 2
+ JDK-8353475: Open source two Swing DefaultCaret tests
+ JDK-8353685: Open some JComboBox bugs 4
+ JDK-8353709: Debug symbols bundle should contain full debug
files when building --with-external-symbols-in-bundles=public
+ JDK-8353787: Increased number of SHA-384-Digest
java.util.jar.Attributes$Name instances leading to higher
memory footprint
+ JDK-8353942: Open source Swing Tests - Set 5
+ JDK-8354255: [jittester] Remove TempDir debug output
+ JDK-8354530: AIX: sporadic unexpected errno when calling
setsockopt in Net.joinOrDrop
+ JDK-8354554: Open source several clipboard tests batch1
+ JDK-8354802: MAX_SECS definition is unused in os_linux
+ JDK-8354893: [REDO BACKPORT] javac crashes while adding type
annotations to the return type of a constructor (JDK-8320001)
+ JDK-8355498: [AIX] Adapt code for C++ VLA rule
+ JDK-8356053: Test java/awt/Toolkit/Headless/
/HeadlessToolkit.java fails by timeout
+ JDK-8356096: ISO 4217 Amendment 179 Update
+ JDK-8356571: Re-enable -Wtype-limits for GCC in LCMS
+ JDK-8357105: C2: compilation fails with "assert(false)
failed: empty program detected during loop optimization"
+ JDK-8357193: [VS 2022 17.14] Warning C5287 in debugInit.c:
enum type mismatch during build
+ JDK-8359170: Add 2 TLS and 2 CS Sectigo roots
+ JDK-8360147: Better Glyph drawing redux
+ JDK-8360406: [21u] Disable logic for attaching type
annotations to class files until 8359336 is fixed
+ JDK-8361672: [21u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.8
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-2657=1 openSUSE-SLE-15.6-2025-2657=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2657=1
* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2657=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* java-21-openjdk-debuginfo-21.0.8.0-150600.3.15.1
* java-21-openjdk-debugsource-21.0.8.0-150600.3.15.1
* java-21-openjdk-devel-21.0.8.0-150600.3.15.1
* java-21-openjdk-headless-debuginfo-21.0.8.0-150600.3.15.1
* java-21-openjdk-src-21.0.8.0-150600.3.15.1
* java-21-openjdk-21.0.8.0-150600.3.15.1
* java-21-openjdk-demo-21.0.8.0-150600.3.15.1
* java-21-openjdk-devel-debuginfo-21.0.8.0-150600.3.15.1
* java-21-openjdk-headless-21.0.8.0-150600.3.15.1
* java-21-openjdk-jmods-21.0.8.0-150600.3.15.1
* openSUSE Leap 15.6 (noarch)
* java-21-openjdk-javadoc-21.0.8.0-150600.3.15.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* java-21-openjdk-debuginfo-21.0.8.0-150600.3.15.1
* java-21-openjdk-debugsource-21.0.8.0-150600.3.15.1
* java-21-openjdk-devel-21.0.8.0-150600.3.15.1
* java-21-openjdk-headless-debuginfo-21.0.8.0-150600.3.15.1
* java-21-openjdk-21.0.8.0-150600.3.15.1
* java-21-openjdk-demo-21.0.8.0-150600.3.15.1
* java-21-openjdk-devel-debuginfo-21.0.8.0-150600.3.15.1
* java-21-openjdk-headless-21.0.8.0-150600.3.15.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* java-21-openjdk-debuginfo-21.0.8.0-150600.3.15.1
* java-21-openjdk-debugsource-21.0.8.0-150600.3.15.1
* java-21-openjdk-devel-21.0.8.0-150600.3.15.1
* java-21-openjdk-headless-debuginfo-21.0.8.0-150600.3.15.1
* java-21-openjdk-21.0.8.0-150600.3.15.1
* java-21-openjdk-demo-21.0.8.0-150600.3.15.1
* java-21-openjdk-devel-debuginfo-21.0.8.0-150600.3.15.1
* java-21-openjdk-headless-21.0.8.0-150600.3.15.1
## References:
* https://www.suse.com/security/cve/CVE-2025-30749.html
* https://www.suse.com/security/cve/CVE-2025-30754.html
* https://www.suse.com/security/cve/CVE-2025-50059.html
* https://www.suse.com/security/cve/CVE-2025-50106.html
* https://bugzilla.suse.com/show_bug.cgi?id=1213796
* https://bugzilla.suse.com/show_bug.cgi?id=1246575
* https://bugzilla.suse.com/show_bug.cgi?id=1246584
* https://bugzilla.suse.com/show_bug.cgi?id=1246595
* https://bugzilla.suse.com/show_bug.cgi?id=1246598
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250804/a115b6b3/attachment.htm>
More information about the sle-updates
mailing list