<div class="container">
    <h1>Security update for java-11-openjdk</h1>

    <table class="table table-striped table-bordered">
        <tbody>
        <tr>
            <th>Announcement ID:</th>
            <td>SUSE-SU-2024:1498-2</td>
        </tr>
        
        <tr>
            <th>Rating:</th>
            <td>low</td>
        </tr>
        <tr>
            <th>References:</th>
            <td>
                <ul>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213470">bsc#1213470</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1222979">bsc#1222979</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1222983">bsc#1222983</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1222984">bsc#1222984</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1222986">bsc#1222986</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1222987">bsc#1222987</a>
                        </li>
                    
                    
                </ul>
            </td>
        </tr>
        
            <tr>
                <th>
                    Cross-References:
                </th>
                <td>
                    <ul>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2024-21011.html">CVE-2024-21011</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2024-21012.html">CVE-2024-21012</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2024-21068.html">CVE-2024-21068</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2024-21085.html">CVE-2024-21085</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2024-21094.html">CVE-2024-21094</a>
                        </li>
                    
                    </ul>
                </td>
            </tr>
            <tr>
                <th>CVSS scores:</th>
                <td>
                    <ul class="list-group">
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2024-21011</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2024-21012</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2024-21068</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2024-21085</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2024-21094</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N</span>
                            </li>
                        
                    </ul>
                </td>
            </tr>
        
        <tr>
            <th>Affected Products:</th>
            <td>
                <ul class="list-group">
                    
                        <li class="list-group-item">Legacy Module 15-SP6</li>
                    
                        <li class="list-group-item">openSUSE Leap 15.6</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP6</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP6</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server 15 SP6</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP6</li>
                    
                        <li class="list-group-item">SUSE Package Hub 15 15-SP6</li>
                    
                </ul>
            </td>
        </tr>
        </tbody>
    </table>

    <p>An update that solves five vulnerabilities and has one security fix can now be installed.</p>

    


    
        <h2>Description:</h2>
    
    <p>This update for java-11-openjdk fixes the following issues:</p>
<ul>
<li>CVE-2024-21011: Fixed denial of service due to long Exception message logging (JDK-8319851,bsc#1222979)</li>
<li>CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup (JDK-8315708,bsc#1222987)</li>
<li>CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (JDK-8322122,bsc#1222983)  </li>
<li>CVE-2024-21085: Fixed denial of service due to Pack200 excessive memory allocation (JDK-8322114,bsc#1222984) </li>
<li>CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation failure with "Exceeded _node_regs array" (JDK-8317507,JDK-8325348,bsc#1222986)</li>
</ul>
<p>Other fixes:
- Upgrade to upstream tag jdk-11.0.23+9 (April 2024 CPU)
  * Security fixes
    + JDK-8318340: Improve RSA key implementations
  * Other changes
    + JDK-6928542: Chinese characters in RTF are not decoded
    + JDK-7132796: [macosx] closed/javax/swing/JComboBox/4517214/
      /bug4517214.java fails on MacOS
    + JDK-7148092: [macosx] When Alt+down arrow key is pressed,
      the combobox popup does not appear.
    + JDK-8054022: HttpURLConnection timeouts with Expect:
      100-Continue and no chunking
    + JDK-8054572: [macosx] JComboBox paints the border incorrectly
    + JDK-8058176: [mlvm] tests should not allow code cache
      exhaustion
    + JDK-8067651: LevelTransitionTest.java, fix trivial methods
      levels logic
    + JDK-8068225: nsk/jdi/EventQueue/remove_l/remove_l005
      intermittently times out
    + JDK-8156889: ListKeychainStore.sh fails in some virtualized
      environments
    + JDK-8166275: vm/mlvm/meth/stress/compiler/deoptimize keeps
      timeouting
    + JDK-8166554: Avoid compilation blocking in
      OverloadCompileQueueTest.java
    + JDK-8169475: WheelModifier.java fails by timeout
    + JDK-8180266: Convert sun/security/provider/KeyStore/DKSTest.sh
      to Java Jtreg Test
    + JDK-8186610: move ModuleUtils to top-level testlibrary
    + JDK-8192864: defmeth tests can hide failures
    + JDK-8193543: Regression automated test &#x27;/open/test/jdk/java/
      /awt/TrayIcon/SystemTrayInstance/SystemTrayInstanceTest.java&#x27;
      fails
    + JDK-8198668: MemoryPoolMBean/isUsageThresholdExceeded/
      /isexceeded001/TestDescription.java still failing
    + JDK-8202282: [TESTBUG] appcds TestCommon
      .makeCommandLineForAppCDS() can be removed
    + JDK-8202790: DnD test DisposeFrameOnDragTest.java does not
      clean up
    + JDK-8202931: [macos] java/awt/Choice/ChoicePopupLocation/
      /ChoicePopupLocation.java fails
    + JDK-8207211: [TESTBUG] Remove excessive output from
      CDS/AppCDS tests
    + JDK-8207214: Broken links in JDK API serialized-form page
    + JDK-8207855: Make applications/jcstress invoke tests in
      batches
    + JDK-8208243: vmTestbase/gc/lock/jni/jnilock002/
      /TestDescription.java fails in jdk/hs nightly
    + JDK-8208278: [mlvm] [TESTBUG] vm.mlvm.mixed.stress.java
      .findDeadlock.INDIFY_Test Deadlocked threads are not always
      detected
    + JDK-8208623: [TESTBUG] runtime/LoadClass/LongBCP.java fails
      in AUFS file system
    + JDK-8208699: remove unneeded imports from runtime tests
    + JDK-8208704: runtime/appcds/MultiReleaseJars.java timed out
      often in hs-tier7 testing
    + JDK-8208705: [TESTBUG] The -Xlog:cds,cds+hashtables vm option
      is not always required for appcds tests
    + JDK-8209549: remove VMPropsExt from TEST.ROOT
    + JDK-8209595: MonitorVmStartTerminate.java timed out
    + JDK-8209946: [TESTBUG] CDS tests should use "@run driver"
    + JDK-8211438: [Testbug] runtime/XCheckJniJsig/XCheckJSig.java
      looks for libjsig in wrong location
    + JDK-8211978: Move  testlibrary/jdk/testlibrary/
      /SimpleSSLContext.java and testkeys to network testlibrary
    + JDK-8213622: Windows VS2013 build failure - "&#x27;snprintf&#x27;:
      identifier not found"
    + JDK-8213926: WB_EnqueueInitializerForCompilation requests
      compilation for NULL
    + JDK-8213927: G1 ignores AlwaysPreTouch when
      UseTransparentHugePages is enabled
    + JDK-8214908: add ctw tests for jdk.jfr and jdk.management.jfr
      modules
    + JDK-8214915: CtwRunner misses export for jdk.internal.access
    + JDK-8216408: XMLStreamWriter setDefaultNamespace(null) throws
      NullPointerException
    + JDK-8217475: Unexpected StackOverflowError in "process
      reaper" thread
    + JDK-8218754: JDK-8068225 regression in JDIBreakpointTest
    + JDK-8219475: javap man page needs to be updated
    + JDK-8219585: [TESTBUG] sun/management/jmxremote/bootstrap/
      /JMXInterfaceBindingTest.java passes trivially when it
      shouldn&#x27;t
    + JDK-8219612: [TESTBUG] compiler.codecache.stress.Helper
      .TestCaseImpl can&#x27;t be defined in different runtime package as
      its nest host
    + JDK-8225471: Test utility  jdk.test.lib.util.FileUtils
      .areAllMountPointsAccessible needs to tolerate duplicates
    + JDK-8226706: (se) Reduce the number of outer loop iterations
      on Windows in java/nio/channels/Selector/RacyDeregister.java
    + JDK-8226905: unproblem list applications/ctw/modules/<em> tests
      on windows
    + JDK-8226910: make it possible to use jtreg&#x27;s -match via
      run-test framework
    + JDK-8227438: [TESTLIB] Determine if file exists by
      Files.exists in function FileUtils.deleteFileIfExistsWithRetry
    + JDK-8231585: java/lang/management/ThreadMXBean/
      /MaxDepthForThreadInfoTest.java fails with
      java.lang.NullPointerException
    + JDK-8232839: JDI AfterThreadDeathTest.java failed due to
      "FAILED: Did not get expected IllegalThreadStateException on a
      StepRequest.enable()"
    + JDK-8233453: MLVM deoptimize stress test timed out
    + JDK-8234309: LFGarbageCollectedTest.java fails with parse
      Exception
    + JDK-8237222: [macos] java/awt/Focus/UnaccessibleChoice/
      /AccessibleChoiceTest.java fails
    + JDK-8237777: "Dumping core ..." is shown despite claiming
      that "# No core dump will be written."
    + JDK-8237834: com/sun/jndi/ldap/LdapDnsProviderTest.java
      failing with LDAP response read timeout
    + JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel
    + JDK-8239801: [macos] java/awt/Focus/UnaccessibleChoice/
      /AccessibleChoiceTest.java fails
    + JDK-8244679: JVM/TI GetCurrentContendedMonitor/contmon001
      failed due to "(IsSameObject#3) unexpected monitor object:
      0x000000562336DBA8"
    + JDK-8246222: Rename javac test T6395981.java to be more
      informative
    + JDK-8247818: GCC 10 warning stringop-overflow with symbol code
    + JDK-8249087: Always initialize _body[0..1] in Symbol
      constructor
    + JDK-8251349: Add TestCaseImpl to
      OverloadCompileQueueTest.java&#x27;s build dependencies
    + JDK-8251904: vmTestbase/nsk/sysdict/vm/stress/btree/btree010/
      /btree010.java fails with ClassNotFoundException:
      nsk.sysdict.share.BTree0LLRLRLRRLR
    + JDK-8253543: sanity/client/SwingSet/src/
      /ButtonDemoScreenshotTest.java failed with "AssertionError:
      All pixels are not black"
    + JDK-8253739: java/awt/image/MultiResolutionImage/
      /MultiResolutionImageObserverTest.java fails
    + JDK-8253820: Save test images and dumps with timestamps from
      client sanity suite
    + JDK-8255277: randomDelay in DrainDeadlockT and
      LoggingDeadlock do not randomly delay
    + JDK-8255546: Missing coverage for
      javax.smartcardio.CardPermission and ResponseAPDU
    + JDK-8255743: Relax SIGFPE match in in
      runtime/ErrorHandling/SecondaryErrorTest.java
    + JDK-8257505: nsk/share/test/StressOptions stressTime is
      scaled in getter but not when printed
    + JDK-8259801: Enable XML Signature secure validation mode by
      default
    + JDK-8264135: UnsafeGetStableArrayElement should account for
      different JIT implementation details
    + JDK-8265349: vmTestbase/../stress/compiler/deoptimize/
      /Test.java fails with OOME due to CodeCache exhaustion.
    + JDK-8269025: jsig/Testjsig.java doesn&#x27;t check exit code
    + JDK-8269077: TestSystemGC uses "require vm.gc.G1" for large
      pages subtest
    + JDK-8271094: runtime/duplAttributes/DuplAttributesTest.java
      doesn&#x27;t check exit code
    + JDK-8271224: runtime/EnclosingMethodAttr/EnclMethodAttr.java
      doesn&#x27;t check exit code
    + JDK-8271828: mark hotspot runtime/classFileParserBug tests
      which ignore external VM flags
    + JDK-8271829: mark hotspot runtime/Throwable tests which
      ignore external VM flags
    + JDK-8271890: mark hotspot runtime/Dictionary tests which
      ignore external VM flags
    + JDK-8272291: mark hotspot runtime/logging tests which ignore
      external VM flags
    + JDK-8272335: runtime/cds/appcds/MoveJDKTest.java doesn&#x27;t
      check exit codes
    + JDK-8272551: mark hotspot runtime/modules tests which ignore
      external VM flags
    + JDK-8272552: mark hotspot runtime/cds tests which ignore
      external VM flags
    + JDK-8273803: Zero: Handle "zero" variant in
      CommandLineOptionTest.java
    + JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java
      fails in Windows 11
    + JDK-8274621: NullPointerException because listenAddress[0] is
      null
    + JDK-8276796: gc/TestSystemGC.java large pages subtest fails
      with ZGC
    + JDK-8280007: Enable Neoverse N1 optimizations for Arm
      Neoverse V1 & N2
    + JDK-8281149: (fs) java/nio/file/FileStore/Basic.java  fails
      with java.lang.RuntimeException: values differ by more than
      1GB
    + JDK-8281377: Remove vmTestbase/nsk/monitoring/ThreadMXBean/
      /ThreadInfo/Deadlock/JavaDeadlock001/TestDescription.java
      from problemlist.
    + JDK-8281717: Cover logout method for several LoginModule
    + JDK-8282665: [REDO] ByteBufferTest.java: replace endless
      recursion with RuntimeException in void ck(double x, double y)
    + JDK-8284090: com/sun/security/auth/module/AllPlatforms.java
      fails to compile
    + JDK-8285756: clean up use of bad arguments for <code>@clean</code> in
      langtools tests
    + JDK-8285785: CheckCleanerBound test fails with
      PasswordCallback object is not released
    + JDK-8285867: Convert applet manual tests
      SelectionVisible.java to Frame and automate
    + JDK-8286846: test/jdk/javax/swing/plaf/aqua/
      /CustomComboBoxFocusTest.java fails on mac aarch64
    + JDK-8286969: Add a new test library API to execute kinit in
      SecurityTools.java
    + JDK-8287113: JFR: Periodic task thread uses period for method
      sampling events
    + JDK-8289511: Improve test coverage for XPath Axes: child
    + JDK-8289764: gc/lock tests failed with "OutOfMemoryError:
      Java heap space: failed reallocation of scalar replaced
      objects"
    + JDK-8289948: Improve test coverage for XPath functions: Node
      Set Functions
    + JDK-8290399: [macos] Aqua LAF does not fire an action event
      if combo box menu is displayed
    + JDK-8290909: MemoryPoolMBean/isUsageThresholdExceeded tests
      failed with "isUsageThresholdExceeded() returned false, and is
      still false, while threshold = MMMMMMM and used peak = NNNNNNN"
    + JDK-8292182: [TESTLIB] Enhance JAXPPolicyManager to setup
      required permissions for jtreg version 7 jar
    + JDK-8292946: GC lock/jni/jnilock001 test failed
      "assert(gch->gc_cause() == GCCause::_scavenge_alot ||
      !gch->incremental_collection_failed()) failed: Twice in a row"
    + JDK-8293819: sun/util/logging/PlatformLoggerTest.java failed
      with "RuntimeException: Retrieved backing PlatformLogger level
      null is not the expected CONFIG"
    + JDK-8294158: HTML formatting for PassFailJFrame instructions
    + JDK-8294254: [macOS] javax/swing/plaf/aqua/
      /CustomComboBoxFocusTest.java failure
    + JDK-8294402: Add diagnostic logging to
      VMProps.checkDockerSupport
    + JDK-8294535: Add screen capture functionality to
      PassFailJFrame
    + JDK-8296083: javax/swing/JTree/6263446/bug6263446.java fails
      intermittently on a VM
    + JDK-8296384: [TESTBUG] sun/security/provider/SecureRandom/
      /AbstractDrbg/SpecTest.java intermittently timeout
    + JDK-8299494: Test vmTestbase/nsk/stress/except/except011.java
      failed: ExceptionInInitializerError: target class not found
    + JDK-8300269: The selected item in an editable JComboBox with
      titled border is not visible in Aqua LAF
    + JDK-8300727: java/awt/List/ListGarbageCollectionTest/
      /AwtListGarbageCollectionTest.java failed with "List wasn&#x27;t
      garbage collected"
    + JDK-8301310: The SendRawSysexMessage test may cause a JVM
      crash
    + JDK-8301377: adjust timeout for JLI
      GetObjectSizeIntrinsicsTest.java subtest again
    + JDK-8301846: Invalid TargetDataLine after screen lock when
      using JFileChooser or COM library
    + JDK-8302017: Allocate BadPaddingException only if it will be
      thrown
    + JDK-8302109: Trivial fixes to btree tests
    + JDK-8302149: Speed up
      compiler/jsr292/methodHandleExceptions/TestAMEnotNPE.java
    + JDK-8302607: increase timeout for
      ContinuousCallSiteTargetChange.java
    + JDK-8304074: [JMX] Add an approximation of total bytes
      allocated on the Java heap by the JVM
    + JDK-8304314: StackWalkTest.java fails after CODETOOLS-7903373
    + JDK-8304725: AsyncGetCallTrace can cause SIGBUS on M1
    + JDK-8305502: adjust timeouts in three more M&M tests
    + JDK-8305505: NPE in javazic compiler
    + JDK-8305972: Update XML Security for Java to 3.0.2
    + JDK-8306072: Open source several AWT MouseInfo related tests
    + JDK-8306076: Open source AWT misc tests
    + JDK-8306409: Open source AWT KeyBoardFocusManger,
      LightWeightComponent related tests
    + JDK-8306640: Open source several AWT TextArea related tests
    + JDK-8306652: Open source AWT MenuItem related tests
    + JDK-8306681: Open source more AWT DnD related tests
    + JDK-8306683: Open source several clipboard and color AWT tests
    + JDK-8306752: Open source several container and component AWT
      tests
    + JDK-8306753: Open source several container AWT tests
    + JDK-8306755: Open source few Swing JComponent and
      AbstractButton tests
    + JDK-8306812: Open source several AWT Miscellaneous tests
    + JDK-8306871: Open source more AWT Drag & Drop tests
    + JDK-8306996: Open source Swing MenuItem related tests
    + JDK-8307123: Fix deprecation warnings in DPrinter
    + JDK-8307130: Open source few Swing JMenu tests
    + JDK-8307299: Move more DnD tests to open
    + JDK-8307311: Timeouts on one macOS 12.6.1 host of two Swing
      JTableHeader tests
    + JDK-8307381: Open Source JFrame, JIF related Swing Tests
    + JDK-8307683: Loop Predication should not hoist range checks
      with trap on success projection by negating their condition
    + JDK-8308043: Deadlock in TestCSLocker.java due to blocking GC
      while allocating
    + JDK-8308116: jdk.test.lib.compiler.InMemoryJavaCompiler
      .compile does not close files
    + JDK-8308223: failure handler missed jcmd.vm.info command
    + JDK-8308232: nsk/jdb tests don&#x27;t pass -verbose flag to the
      debuggee
    + JDK-8308245: Add -proc:full to describe current default
      annotation processing policy
    + JDK-8308336: Test java/net/HttpURLConnection/
      /HttpURLConnectionExpectContinueTest.java failed:
      java.net.BindException: Address already in use
    + JDK-8309104: [JVMCI] compiler/unsafe/
      /UnsafeGetStableArrayElement test asserts wrong values with
      Graal
    + JDK-8309119: [17u/11u] Redo JDK-8297951: C2: Create skeleton
      predicates for all If nodes in loop predication
    + JDK-8309462: [AIX] vmTestbase/nsk/jvmti/RunAgentThread/
      /agentthr001/TestDescription.java crashing due to empty while
      loop
    + JDK-8309778: java/nio/file/Files/CopyAndMove.java fails when
      using second test directory
    + JDK-8309870: Using -proc:full should be considered requesting
      explicit annotation processing
    + JDK-8310106: sun.security.ssl.SSLHandshake
      .getHandshakeProducer() incorrectly checks handshakeConsumers
    + JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/
      /bug6889007.java fails
    + JDK-8310551: vmTestbase/nsk/jdb/interrupt/interrupt001/
      /interrupt001.java timed out due to missing prompt
    + JDK-8310807: java/nio/channels/DatagramChannel/Connect.java
      timed out
    + JDK-8311081: KeytoolReaderP12Test.java fail on localized
      Windows platform
    + JDK-8311511: Improve description of NativeLibrary JFR event
    + JDK-8311585: Add JRadioButtonMenuItem to bug8031573.java
    + JDK-8313081: MonitoringSupport_lock should be unconditionally
      initialized after 8304074
    + JDK-8313082: Enable CreateCoredumpOnCrash for testing in
      makefiles
    + JDK-8313164: src/java.desktop/windows/native/libawt/windows/
      /awt_Robot.cpp GetRGBPixels adjust releasing of resources
    + JDK-8313252: Java_sun_awt_windows_ThemeReader_paintBackground
      release resources in early returns
    + JDK-8313643: Update HarfBuzz to 8.2.2
    + JDK-8313816: Accessing jmethodID might lead to spurious
      crashes
    + JDK-8314144: gc/g1/ihop/TestIHOPStatic.java fails due to
      extra concurrent mark with -Xcomp
    + JDK-8314164: java/net/HttpURLConnection/
      /HttpURLConnectionExpectContinueTest.java fails intermittently
      in timeout
    + JDK-8314883:
      Java_java_util_prefs_FileSystemPreferences_lockFile0 write
      result errno in missing case
    + JDK-8315034: File.mkdirs() occasionally fails to create
      folders on Windows shared folder
    + JDK-8315042: NPE in PKCS7.parseOldSignedData
    + JDK-8315415: OutputAnalyzer.shouldMatchByLine() fails in some
      cases
    + JDK-8315499: build using devkit on Linux ppc64le RHEL puts
      path to devkit into libsplashscreen
    + JDK-8315594: Open source few headless Swing misc tests
    + JDK-8315600: Open source few more headless Swing misc tests
    + JDK-8315602: Open source swing security manager test
    + JDK-8315606: Open source few swing text/html tests
    + JDK-8315611: Open source swing text/html and tree test
    + JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should
      run with -Xbatch
    + JDK-8315731: Open source several Swing Text related tests
    + JDK-8315761: Open source few swing JList and JMenuBar tests
    + JDK-8315986: [macos14] javax/swing/JMenuItem/4654927/
      /bug4654927.java: component must be showing on the screen to
      determine its location
    + JDK-8316001: GC: Make TestArrayAllocatorMallocLimit use
      createTestJvm
    + JDK-8316028: Update FreeType to 2.13.2
    + JDK-8316030: Update Libpng to 1.6.40
    + JDK-8316106: Open source few swing JInternalFrame and
      JMenuBar tests
    + JDK-8316461: Fix: make test outputs TEST SUCCESS after
      unsuccessful exit
    + JDK-8316947: Write a test to check textArea triggers
      MouseEntered/MouseExited events properly
    + JDK-8317307: test/jdk/com/sun/jndi/ldap/
      /LdapPoolTimeoutTest.java fails with ConnectException:
      Connection timed out: no further information
    + JDK-8317327: Remove JT_JAVA dead code in jib-profiles.js
    + JDK-8318154: Improve stability of WheelModifier.java test
    + JDK-8318410: jdk/java/lang/instrument/BootClassPath/
      /BootClassPathTest.sh fails on Japanese Windows
    + JDK-8318468: compiler/tiered/LevelTransitionTest.java fails
      with -XX:CompileThreshold=100 -XX:TieredStopAtLevel=1
    + JDK-8318603: Parallelize sun/java2d/marlin/ClipShapeTest.java
    + JDK-8318607: Enable parallelism in vmTestbase/nsk/stress/jni
      tests
    + JDK-8318608: Enable parallelism in
      vmTestbase/nsk/stress/threads tests
    + JDK-8318736: com/sun/jdi/JdwpOnThrowTest.java failed with
      "transport error 202: bind failed: Address already in use"
    + JDK-8318889: C2: add bailout after assert Bad graph detected
      in build_loop_late
    + JDK-8318951: Additional negative value check in JPEG decoding
    + JDK-8318955: Add ReleaseIntArrayElements in
      Java_sun_awt_X11_XlibWrapper_SetBitmapShape XlbWrapper.c to
      early return
    + JDK-8318971: Better Error Handling for Jar Tool When
      Processing Non-existent Files
    + JDK-8318983: Fix comment typo in PKCS12Passwd.java
    + JDK-8319124: Update XML Security for Java to 3.0.3
    + JDK-8319456: jdk/jfr/event/gc/collection/
      /TestGCCauseWith[Serial|Parallel].java : GC cause &#x27;GCLocker
      Initiated GC&#x27; not in the valid causes
    + JDK-8319668: Fixup of jar filename typo in BadFactoryTest.sh
    + JDK-8320001: javac crashes while adding type annotations to
      the return type of a constructor
    + JDK-8320208: Update Public Suffix List to b5bf572
    + JDK-8320363: ppc64 TypeEntries::type_unknown logic looks
      wrong, missed optimization opportunity
    + JDK-8320597: RSA signature verification fails on signed data
      that does not encode params correctly
    + JDK-8320798: Console read line with zero out should zero out
      underlying buffer
    + JDK-8320884: Bump update version for OpenJDK: jdk-11.0.23
    + JDK-8320937: support latest VS2022 MSC_VER in
      abstract_vm_version.cpp
    + JDK-8321151: JDK-8294427 breaks Windows L&F on all older
      Windows versions
    + JDK-8321215: Incorrect x86 instruction encoding for VSIB
      addressing mode
    + JDK-8321408: Add Certainly roots R1 and E1
    + JDK-8321480: ISO 4217 Amendment 176 Update
    + JDK-8322178: Error. can&#x27;t find jdk.testlibrary
      .SimpleSSLContext in test directory or libraries
    + JDK-8322417: Console read line with zero out should zero out
      when throwing exception
    + JDK-8322725: (tz) Update Timezone Data to 2023d
    + JDK-8322750: Test "api/java_awt/interactive/
      /SystemTrayTests.html" failed because A blue ball icon is
      added outside of the system tray
    + JDK-8322752: [11u] GetStackTraceAndRetransformTest.java is
      failing assert
    + JDK-8322772: Clean up code after JDK-8322417
    + JDK-8323008: filter out harmful -std</em> flags added by autoconf
      from CXX
    + JDK-8323243: JNI invocation of an abstract instance method
      corrupts the stack
    + JDK-8323515: Create test alias "all" for all test roots
    + JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/
      /platform/docker/TestDockerMemoryMetrics.java always fail
      because OOM killed
    + JDK-8324184: Windows VS2010 build failed with "error C2275:
      &#x27;int64_t&#x27;"
    + JDK-8324307: [11u] hotspot fails to build with GCC 12 and
      newer (non-static data member initializers)
    + JDK-8324347: Enable "maybe-uninitialized" warning for
      FreeType 2.13.1
    + JDK-8324659: GHA: Generic jtreg errors are not reported
    + JDK-8325096: Test java/security/cert/CertPathBuilder/akiExt/
      /AKISerialNumber.java is failing
    + JDK-8325150: (tz) Update Timezone Data to 2024a
    + JDK-8326109: GCC 13 reports maybe-uninitialized warnings for
      jni.cpp with dtrace enabled
    + JDK-8326503: [11u] java/net/HttpURLConnection/
      /HttpURLConnectionExpectContinueTest.java fail because of
      package org.junit.jupiter.api does not exist
    + JDK-8327391: Add SipHash attribution file
    + JDK-8329837: [11u] Remove designator
      DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.23</p>
<ul>
<li>Removed the possibility to use the system timezone-java (bsc#1213470)</li>
</ul>



    

    <h2>Patch Instructions:</h2>
    <p>
        To install this SUSE  update use the SUSE recommended
        installation methods like YaST online_update or "zypper patch".<br/>

        Alternatively you can run the command listed for your product:
    </p>
    <ul class="list-group">
        
            <li class="list-group-item">
                openSUSE Leap 15.6
                
                    
                        <br/>
                        <code>zypper in -t patch openSUSE-SLE-15.6-2024-1498=1</code>
                    
                    
                
            </li>
        
            <li class="list-group-item">
                Legacy Module 15-SP6
                
                    
                        <br/>
                        <code>zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-1498=1</code>
                    
                    
                
            </li>
        
            <li class="list-group-item">
                SUSE Package Hub 15 15-SP6
                
                    
                        <br/>
                        <code>zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1498=1</code>
                    
                    
                
            </li>
        
    </ul>

    <h2>Package List:</h2>
    <ul>
        
            
                <li>
                    openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
                    <ul>
                        
                            <li>java-11-openjdk-headless-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-devel-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-devel-debuginfo-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-debuginfo-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-headless-debuginfo-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-demo-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-src-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-jmods-11.0.23.0-150000.3.113.1</li>
                        
                    </ul>
                </li>
            
                <li>
                    openSUSE Leap 15.6 (noarch)
                    <ul>
                        
                            <li>java-11-openjdk-javadoc-11.0.23.0-150000.3.113.1</li>
                        
                    </ul>
                </li>
            
        
            
                <li>
                    Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
                    <ul>
                        
                            <li>java-11-openjdk-headless-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-devel-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-devel-debuginfo-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-debuginfo-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-headless-debuginfo-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-demo-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1</li>
                        
                            <li>java-11-openjdk-11.0.23.0-150000.3.113.1</li>
                        
                    </ul>
                </li>
            
        
            
                <li>
                    SUSE Package Hub 15 15-SP6 (noarch)
                    <ul>
                        
                            <li>java-11-openjdk-javadoc-11.0.23.0-150000.3.113.1</li>
                        
                    </ul>
                </li>
            
        
    </ul>

    
        <h2>References:</h2>
        <ul>
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2024-21011.html">https://www.suse.com/security/cve/CVE-2024-21011.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2024-21012.html">https://www.suse.com/security/cve/CVE-2024-21012.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2024-21068.html">https://www.suse.com/security/cve/CVE-2024-21068.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2024-21085.html">https://www.suse.com/security/cve/CVE-2024-21085.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2024-21094.html">https://www.suse.com/security/cve/CVE-2024-21094.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1213470">https://bugzilla.suse.com/show_bug.cgi?id=1213470</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1222979">https://bugzilla.suse.com/show_bug.cgi?id=1222979</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1222983">https://bugzilla.suse.com/show_bug.cgi?id=1222983</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1222984">https://bugzilla.suse.com/show_bug.cgi?id=1222984</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1222986">https://bugzilla.suse.com/show_bug.cgi?id=1222986</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1222987">https://bugzilla.suse.com/show_bug.cgi?id=1222987</a>
                    </li>
                
            
        </ul>
    
</div>