Vulnerability Scan Report for registry.suse.com/bci/openjdk-devel:17-15.4
OpenJDK 17 development container based on the SLE Base Container Image.
Last scanned on: September 02, 2024 14:02
OpenJDK 17 development container based on the SLE Base Container Image.
Last scanned on: September 02, 2024 14:02
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
java-17-openjdk-devel | LOW | fixed |
Security update for java-17-openjdk Vulnerability ID: SUSE-SU-2024:1499-1 Installed Version: 17.0.7.0-150400.3.21.1 Fixed Version: 17.0.11.0-150400.3.42.1 This update for java-17-openjdk fixes the following issues: - CVE-2024-21011: Fixed denial of service due to long Exception message logging (JDK-8319851,bsc#1222979) - CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup (JDK-8315708,bsc#1222987) - CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (JDK-8322122,bsc#1222983) - CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation failure with 'Exceeded _node_regs array' (JDK-8317507,JDK-8325348,bsc#1222986) Other fixes: - Update to upstream tag jdk-17.0.11+9 (April 2024 CPU) * Security fixes + JDK-8318340: Improve RSA key implementations * Other changes + JDK-6928542: Chinese characters in RTF are not decoded + JDK-7132796: [macosx] closed/javax/swing/JComboBox/4517214/ /bug4517214.java fails on MacOS + JDK-7148092: [macosx] When Alt+down arrow key is pressed, the combobox popup does not appear. + JDK-7167356: (javac) investigate failing tests in JavacParserTest + JDK-8054022: HttpURLConnection timeouts with Expect: 100-Continue and no chunking + JDK-8054572: [macosx] JComboBox paints the border incorrectly + JDK-8169475: WheelModifier.java fails by timeout + JDK-8205076: [17u] Inet6AddressImpl.c: `lookupIfLocalHost` accesses `int InetAddress.preferIPv6Address` as a boolean + JDK-8209595: MonitorVmStartTerminate.java timed out + JDK-8210410: Refactor java.util.Currency:i18n shell tests to plain java tests + JDK-8261404: Class.getReflectionFactory() is not thread-safe + JDK-8261837: SIGSEGV in ciVirtualCallTypeData::translate_from + JDK-8263256: Test java/net/Inet6Address/serialize/ /Inet6AddressSerializationTest.java fails due to dynamic reconfigurations of network interface during test + JDK-8269258: java/net/httpclient/ManyRequestsLegacy.java failed with connection timeout + JDK-8271118: C2: StressGCM should have higher priority than frequency-based policy + JDK-8271616: oddPart in MutableBigInteger::mutableModInverse contains info on final result + JDK-8272811: Document the effects of building with _GNU_SOURCE in os_posix.hpp + JDK-8272853: improve `JavadocTester.runTests` + JDK-8273454: C2: Transform (-a)*(-b) into a*b + JDK-8274060: C2: Incorrect computation after JDK-8273454 + JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java fails in Windows 11 + JDK-8274621: NullPointerException because listenAddress[0] is null + JDK-8274632: Possible pointer overflow in PretouchTask chunk claiming + JDK-8274634: Use String.equals instead of String.compareTo in java.desktop + JDK-8276125: RunThese24H.java SIGSEGV in JfrThreadGroup::thread_group_id + JDK-8278028: [test-library] Warnings cleanup of the test library + JDK-8278312: Update SimpleSSLContext keystore to use SANs for localhost IP addresses + JDK-8278363: Create extented container test groups + JDK-8280241: (aio) AsynchronousSocketChannel init fails in IPv6 only Windows env + JDK-8281377: Remove vmTestbase/nsk/monitoring/ThreadMXBean/ /ThreadInfo/Deadlock/JavaDeadlock001/TestDescription.java from problemlist. + JDK-8281543: Remove unused code/headerfile dtraceAttacher.hpp + JDK-8281585: Remove unused imports under test/lib and jtreg/gc + JDK-8283400: [macos] a11y : Screen magnifier does not reflect JRadioButton value change + JDK-8283626: AArch64: Set relocInfo::offset_unit to 4 + JDK-8283994: Make Xerces DatatypeException stackless + JDK-8286312: Stop mixing signed and unsigned types in bit operations + JDK-8286846: test/jdk/javax/swing/plaf/aqua/ /CustomComboBoxFocusTest.java fails on mac aarch64 + JDK-8287832: jdk/jfr/event/runtime/TestActiveSettingEvent.java failed with 'Expected two batches of Active Setting events' + JDK-8288663: JFR: Disabling the JfrThreadSampler commits only a partially disabled state + JDK-8288846: misc tests fail 'assert(ms < 1000) failed: Un-interruptable sleep, short time use only' + JDK-8289764: gc/lock tests failed with 'OutOfMemoryError: Java heap space: failed reallocation of scalar replaced objects' + JDK-8290041: ModuleDescriptor.hashCode is inconsistent + JDK-8290203: ProblemList vmTestbase/nsk/jvmti/scenarios/ /capability/CM03/cm03t001/TestDescription.java on linux-all + JDK-8290399: [macos] Aqua LAF does not fire an action event if combo box menu is displayed + JDK-8292458: Atomic operations on scoped enums don't build with clang + JDK-8292946: GC lock/jni/jnilock001 test failed 'assert(gch->gc_cause() == GCCause::_scavenge_alot || !gch->incremental_collection_failed()) failed: Twice in a row' + JDK-8293117: Add atomic bitset functions + JDK-8293547: Add relaxed add_and_fetch for macos aarch64 atomics + JDK-8294158: HTML formatting for PassFailJFrame instructions + JDK-8294254: [macOS] javax/swing/plaf/aqua/ /CustomComboBoxFocusTest.java failure + JDK-8294535: Add screen capture functionality to PassFailJFrame + JDK-8295068: SSLEngine throws NPE parsing CertificateRequests + JDK-8295124: Atomic::add to pointer type may return wrong value + JDK-8295274: HelidonAppTest.java fails 'assert(event->should_commit()) failed: invariant' from compiled frame' + JDK-8296631: NSS tests failing on OL9 linux-aarch64 hosts + JDK-8297968: Crash in PrintOptoAssembly + JDK-8298087: XML Schema Validation reports an required attribute twice via ErrorHandler + JDK-8299494: Test vmTestbase/nsk/stress/except/except011.java failed: ExceptionInInitializerError: target class not found + JDK-8300269: The selected item in an editable JComboBox with titled border is not visible in Aqua LAF + JDK-8301306: java/net/httpclient/* fail with -Xcomp + JDK-8301310: The SendRawSysexMessage test may cause a JVM crash + JDK-8301787: java/net/httpclient/SpecialHeadersTest failing after JDK-8301306 + JDK-8301846: Invalid TargetDataLine after screen lock when using JFileChooser or COM library + JDK-8302017: Allocate BadPaddingException only if it will be thrown + JDK-8302149: Speed up compiler/jsr292/methodHandleExceptions/ /TestAMEnotNPE.java + JDK-8303605: Memory leaks in Metaspace gtests + JDK-8304074: [JMX] Add an approximation of total bytes allocated on the Java heap by the JVM + JDK-8304696: Duplicate class names in dynamicArchive tests can lead to test failure + JDK-8305356: Fix ignored bad CompileCommands in tests + JDK-8305900: Use loopback IP addresses in security policy files of httpclient tests + JDK-8305906: HttpClient may use incorrect key when finding pooled HTTP/2 connection for IPv6 address + JDK-8305962: update jcstress to 0.16 + JDK-8305972: Update XML Security for Java to 3.0.2 + JDK-8306014: Update javax.net.ssl TLS tests to use SSLContextTemplate or SSLEngineTemplate + JDK-8306408: Fix the format of several tables in building.md + JDK-8307185: pkcs11 native libraries make JNI calls into java code while holding GC lock + JDK-8307926: Support byte-sized atomic bitset operations + JDK-8307955: Prefer to PTRACE_GETREGSET instead of PTRACE_GETREGS in method 'ps_proc.c::process_get_lwp_regs' + JDK-8307990: jspawnhelper must close its writing side of a pipe before reading from it + JDK-8308043: Deadlock in TestCSLocker.java due to blocking GC while allocating + JDK-8308245: Add -proc:full to describe current default annotation processing policy + JDK-8308336: Test java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java failed: java.net.BindException: Address already in use + JDK-8309302: java/net/Socket/Timeouts.java fails with AssertionError on test temporal post condition + JDK-8309305: sun/security/ssl/SSLSocketImpl/ /BlockedAsyncClose.java fails with jtreg test timeout + JDK-8309462: [AIX] vmTestbase/nsk/jvmti/RunAgentThread/ /agentthr001/TestDescription.java crashing due to empty while loop + JDK-8309733: [macOS, Accessibility] VoiceOver: Incorrect announcements of JRadioButton + JDK-8309870: Using -proc:full should be considered requesting explicit annotation processing + JDK-8310106: sun.security.ssl.SSLHandshake .getHandshakeProducer() incorrectly checks handshakeConsumers + JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/ /bug6889007.java fails + JDK-8310380: Handle problems in core-related tests on macOS when codesign tool does not work + JDK-8310631: test/jdk/sun/nio/cs/TestCharsetMapping.java is spuriously passing + JDK-8310807: java/nio/channels/DatagramChannel/Connect.java timed out + JDK-8310838: Correct range notations in MethodTypeDesc specification + JDK-8310844: [AArch64] C1 compilation fails because monitor offset in OSR buffer is too large for immediate + JDK-8310923: Refactor Currency tests to use JUnit + JDK-8311081: KeytoolReaderP12Test.java fail on localized Windows platform + JDK-8311160: [macOS, Accessibility] VoiceOver: No announcements on JRadioButtonMenuItem and JCheckBoxMenuItem + JDK-8311581: Remove obsolete code and comments in TestLVT.java + JDK-8311645: Memory leak in jspawnhelper spawnChild after JDK-8307990 + JDK-8311986: Disable runtime/os/TestTracePageSizes.java for ShenandoahGC + JDK-8312428: PKCS11 tests fail with NSS 3.91 + JDK-8312434: SPECjvm2008/xml.transform with CDS fails with 'can't seal package nu.xom' + JDK-8313081: MonitoringSupport_lock should be unconditionally initialized after 8304074 + JDK-8313082: Enable CreateCoredumpOnCrash for testing in makefiles + JDK-8313206: PKCS11 tests silently skip execution + JDK-8313575: Refactor PKCS11Test tests + JDK-8313621: test/jdk/jdk/internal/math/FloatingDecimal/ /TestFloatingDecimal should use RandomFactory + JDK-8313643: Update HarfBuzz to 8.2.2 + JDK-8313816: Accessing jmethodID might lead to spurious crashes + JDK-8314164: java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java fails intermittently in timeout + JDK-8314220: Configurable InlineCacheBuffer size + JDK-8314830: runtime/ErrorHandling/ tests ignore external VM flags + JDK-8315034: File.mkdirs() occasionally fails to create folders on Windows shared folder + JDK-8315042: NPE in PKCS7.parseOldSignedData + JDK-8315594: Open source few headless Swing misc tests + JDK-8315600: Open source few more headless Swing misc tests + JDK-8315602: Open source swing security manager test + JDK-8315611: Open source swing text/html and tree test + JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should run with -Xbatch + JDK-8315731: Open source several Swing Text related tests + JDK-8315761: Open source few swing JList and JMenuBar tests + JDK-8315920: C2: 'control input must dominate current control' assert failure + JDK-8315986: [macos14] javax/swing/JMenuItem/4654927/ /bug4654927.java: component must be showing on the screen to determine its location + JDK-8316001: GC: Make TestArrayAllocatorMallocLimit use createTestJvm + JDK-8316028: Update FreeType to 2.13.2 + JDK-8316030: Update Libpng to 1.6.40 + JDK-8316106: Open source few swing JInternalFrame and JMenuBar tests + JDK-8316304: (fs) Add support for BasicFileAttributes .creationTime() for Linux + JDK-8316392: compiler/interpreter/ /TestVerifyStackAfterDeopt.java failed with SIGBUS in PcDescContainer::find_pc_desc_internal + JDK-8316414: C2: large byte array clone triggers 'failed: malformed control flow' assertion failure on linux-x86 + JDK-8316415: Parallelize sun/security/rsa/SignedObjectChain.java subtests + JDK-8316418: containers/docker/TestMemoryWithCgroupV1.java get OOM killed with Parallel GC + JDK-8316445: Mark com/sun/management/HotSpotDiagnosticMXBean/ /CheckOrigin.java as vm.flagless + JDK-8316679: C2 SuperWord: wrong result, load should not be moved before store if not comparable + JDK-8316693: Simplify at-requires checkDockerSupport() + JDK-8316929: Shenandoah: Shenandoah degenerated GC and full GC need to cleanup old OopMapCache entries + JDK-8316947: Write a test to check textArea triggers MouseEntered/MouseExited events properly + JDK-8317039: Enable specifying the JDK used to run jtreg + JDK-8317144: Exclude sun/security/pkcs11/sslecc/ /ClientJSSEServerJSSE.java on Linux ppc64le + JDK-8317307: test/jdk/com/sun/jndi/ldap/ /LdapPoolTimeoutTest.java fails with ConnectException: Connection timed out: no further information + JDK-8317603: Improve exception messages thrown by sun.nio.ch.Net native methods (win) + JDK-8317771: [macos14] Expand/collapse a JTree using keyboard freezes the application in macOS 14 Sonoma + JDK-8317807: JAVA_FLAGS removed from jtreg running in JDK-8317039 + JDK-8317960: [17u] Excessive CPU usage on AbstractQueuedSynchronized.isEnqueued + JDK-8318154: Improve stability of WheelModifier.java test + JDK-8318183: C2: VM may crash after hitting node limit + JDK-8318410: jdk/java/lang/instrument/BootClassPath/ /BootClassPathTest.sh fails on Japanese Windows + JDK-8318468: compiler/tiered/LevelTransitionTest.java fails with -XX:CompileThreshold=100 -XX:TieredStopAtLevel=1 + JDK-8318490: Increase timeout for JDK tests that are close to the limit when run with libgraal + JDK-8318603: Parallelize sun/java2d/marlin/ClipShapeTest.java + JDK-8318607: Enable parallelism in vmTestbase/nsk/stress/jni tests + JDK-8318608: Enable parallelism in vmTestbase/nsk/stress/threads tests + JDK-8318689: jtreg is confused when folder name is the same as the test name + JDK-8318736: com/sun/jdi/JdwpOnThrowTest.java failed with 'transport error 202: bind failed: Address already in use' + JDK-8318951: Additional negative value check in JPEG decoding + JDK-8318955: Add ReleaseIntArrayElements in Java_sun_awt_X11_XlibWrapper_SetBitmapShape XlbWrapper.c to early return + JDK-8318957: Enhance agentlib:jdwp help output by info about allow option + JDK-8318961: increase javacserver connection timeout values and max retry attempts + JDK-8318971: Better Error Handling for Jar Tool When Processing Non-existent Files + JDK-8318983: Fix comment typo in PKCS12Passwd.java + JDK-8319124: Update XML Security for Java to 3.0.3 + JDK-8319213: Compatibility.java reads both stdout and stderr of JdkUtils + JDK-8319436: Proxy.newProxyInstance throws NPE if loader is null and interface not visible from class loader + JDK-8319456: jdk/jfr/event/gc/collection/ /TestGCCauseWith[Serial|Parallel].java : GC cause 'GCLocker Initiated GC' not in the valid causes + JDK-8319668: Fixup of jar filename typo in BadFactoryTest.sh + JDK-8319922: libCreationTimeHelper.so fails to link in JDK 21 + JDK-8319961: JvmtiEnvBase doesn't zero _ext_event_callbacks + JDK-8320001: javac crashes while adding type annotations to the return type of a constructor + JDK-8320168: handle setsocktopt return values + JDK-8320208: Update Public Suffix List to b5bf572 + JDK-8320300: Adjust hs_err output in malloc/mmap error cases + JDK-8320363: ppc64 TypeEntries::type_unknown logic looks wrong, missed optimization opportunity + JDK-8320597: RSA signature verification fails on signed data that does not encode params correctly + JDK-8320798: Console read line with zero out should zero out underlying buffer + JDK-8320885: Bump update version for OpenJDK: jdk-17.0.11 + JDK-8320921: GHA: Parallelize hotspot_compiler test jobs + JDK-8320937: support latest VS2022 MSC_VER in abstract_vm_version.cpp + JDK-8321151: JDK-8294427 breaks Windows L&F on all older Windows versions + JDK-8321215: Incorrect x86 instruction encoding for VSIB addressing mode + JDK-8321408: Add Certainly roots R1 and E1 + JDK-8321480: ISO 4217 Amendment 176 Update + JDK-8321599: Data loss in AVX3 Base64 decoding + JDK-8321815: Shenandoah: gc state should be synchronized to java threads only once per safepoint + JDK-8321972: test runtime/Unsafe/InternalErrorTest.java timeout on linux-riscv64 platform + JDK-8322098: os::Linux::print_system_memory_info enhance the THP output with /sys/kernel/mm/transparent_hugepage/hpage_pmd_size + JDK-8322321: Add man page doc for -XX:+VerifySharedSpaces + JDK-8322417: Console read line with zero out should zero out when throwing exception + JDK-8322583: RISC-V: Enable fast class initialization checks + JDK-8322725: (tz) Update Timezone Data to 2023d + JDK-8322750: Test 'api/java_awt/interactive/ /SystemTrayTests.html' failed because A blue ball icon is added outside of the system tray + JDK-8322772: Clean up code after JDK-8322417 + JDK-8322783: prioritize /etc/os-release over /etc/SuSE-release in hs_err/info output + JDK-8322968: [17u] Amend Atomics gtest with 1-byte tests + JDK-8323008: filter out harmful -std* flags added by autoconf from CXX + JDK-8323021: Shenandoah: Encountered reference count always attributed to first worker thread + JDK-8323086: Shenandoah: Heap could be corrupted by oom during evacuation + JDK-8323243: JNI invocation of an abstract instance method corrupts the stack + JDK-8323331: fix typo hpage_pdm_size + JDK-8323428: Shenandoah: Unused memory in regions compacted during a full GC should be mangled + JDK-8323515: Create test alias 'all' for all test roots + JDK-8323637: Capture hotspot replay files in GHA + JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/platform/docker/TestDockerMemoryMetrics.java always fail because OOM killed + JDK-8323806: [17u] VS2017 build fails with warning after 8293117. + JDK-8324184: Windows VS2010 build failed with 'error C2275: 'int64_t'' + JDK-8324280: RISC-V: Incorrect implementation in VM_Version::parse_satp_mode + JDK-8324347: Enable 'maybe-uninitialized' warning for FreeType 2.13.1 + JDK-8324514: ClassLoaderData::print_on should print address of class loader + JDK-8324647: Invalid test group of lib-test after JDK-8323515 + JDK-8324659: GHA: Generic jtreg errors are not reported + JDK-8324937: GHA: Avoid multiple test suites per job + JDK-8325096: Test java/security/cert/CertPathBuilder/akiExt/ /AKISerialNumber.java is failing + JDK-8325150: (tz) Update Timezone Data to 2024a + JDK-8325585: Remove no longer necessary calls to set/unset-in-asgct flag in JDK 17 + JDK-8326000: Remove obsolete comments for class sun.security.ssl.SunJSSE + JDK-8327036: [macosx-aarch64] SIGBUS in MarkActivationClosure::do_code_blob reached from Unsafe_CopySwapMemory0 + JDK-8327391: Add SipHash attribution file + JDK-8329836: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.11 - Removed the possibility to use the system timezone-java (bsc#1213470). |
||
java-17-openjdk-headless | HIGH | fixed |
Security update for java-17-openjdk Vulnerability ID: SUSE-SU-2023:3023-1 Installed Version: 17.0.7.0-150400.3.21.1 Fixed Version: 17.0.8.0-150400.3.27.1 This update for java-17-openjdk fixes the following issues: Updated to version jdk-17.0.8+7 (July 2023 CPU): - CVE-2023-22006: Fixed vulnerability in the network component (bsc#1213473). - CVE-2023-22036: Fixed vulnerability in the utility component (bsc#1213474). - CVE-2023-22041: Fixed vulnerability in the hotspot component (bsc#1213475). - CVE-2023-22044: Fixed vulnerability in the hotspot component (bsc#1213479). - CVE-2023-22045: Fixed vulnerability in the hotspot component (bsc#1213481). - CVE-2023-22049: Fixed vulnerability in the libraries component (bsc#1213482). - CVE-2023-25193: Fixed vulnerability in the embedded harfbuzz module (bsc#1207922). - JDK-8294323: Improve Shared Class Data - JDK-8296565: Enhanced archival support - JDK-8298676, JDK-8300891: Enhanced Look and Feel - JDK-8300285: Enhance TLS data handling - JDK-8300596: Enhance Jar Signature validation - JDK-8301998, JDK-8302084: Update HarfBuzz to 7.0.1 - JDK-8302475: Enhance HTTP client file downloading - JDK-8302483: Enhance ZIP performance - JDK-8303376: Better launching of JDI - JDK-8304460: Improve array usages - JDK-8304468: Better array usages - JDK-8305312: Enhanced path handling - JDK-8308682: Enhance AES performance Bugfixes: - JDK-8178806: Better exception logging in crypto code - JDK-8201516: DebugNonSafepoints generates incorrect information - JDK-8224768: Test ActalisCA.java fails - JDK-8227060: Optimize safepoint cleanup subtask order - JDK-8227257: javax/swing/JFileChooser/4847375/bug4847375.java fails with AssertionError - JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel - JDK-8244976: vmTestbase/nsk/jdi/Event/request/request001.java doesn' initialize eName - JDK-8245877: assert(_value != __null) failed: resolving NULL _value in JvmtiExport::post_compiled_method_load - JDK-8248001: javadoc generates invalid HTML pages whose ftp:// links are broken - JDK-8252990: Intrinsify Unsafe.storeStoreFence - JDK-8254711: Add java.security.Provider.getService JFR Event - JDK-8257856: Make ClassFileVersionsTest.java robust to JDK version updates - JDK-8261495: Shenandoah: reconsider update references memory ordering - JDK-8268288: jdk/jfr/api/consumer/streaming/ /TestOutOfProcessMigration.java fails with 'Error: ShouldNotReachHere()' - JDK-8268298: jdk/jfr/api/consumer/log/TestVerbosity.java fails: unexpected log message - JDK-8268582: javadoc throws NPE with --ignore-source-errors option - JDK-8269821: Remove is-queue-active check in inner loop of write_ref_array_pre_work - JDK-8270434: JDI+UT: Unexpected event in JDI tests - JDK-8270859: Post JEP 411 refactoring: client libs with maximum covering > 10K - JDK-8270869: G1ServiceThread may not terminate - JDK-8271519: java/awt/event/SequencedEvent/ /MultipleContextsFunctionalTest.java failed with 'Total [200] - Expected [400]' - JDK-8273909: vmTestbase/nsk/jdi/Event/request/request001 can still fail with 'ERROR: new event is not ThreadStartEvent' - JDK-8274243: Implement fast-path for ASCII-compatible CharsetEncoders on aarch64 - JDK-8274615: Support relaxed atomic add for linux-aarch64 - JDK-8274864: Remove Amman/Cairo hacks in ZoneInfoFile - JDK-8275233: Incorrect line number reported in exception stack trace thrown from a lambda expression - JDK-8275287: Relax memory ordering constraints on updating instance class and array class counters - JDK-8275721: Name of UTC timezone in a locale changes depending on previous code - JDK-8275735: [linux] Remove deprecated Metrics api (kernel memory limit) - JDK-8276058: Some swing test fails on specific CI macos system - JDK-8277407: javax/swing/plaf/synth/SynthButtonUI/6276188/ /bug6276188.java fails to compile after JDK-8276058 - JDK-8277775: Fixup bugids in RemoveDropTargetCrashTest.java - add 4357905 - JDK-8278146: G1: Rework VM_G1Concurrent VMOp to clearly identify it as pause - JDK-8278434: timeouts in test java/time/test/java/time/ /format/TestZoneTextPrinterParser.java - JDK-8278834: Error 'Cannot read field 'sym' because 'this.lvar[od]' is null' when compiling - JDK-8282077: PKCS11 provider C_sign() impl should handle CKR_BUFFER_TOO_SMALL error - JDK-8282201: Consider removal of expiry check in VerifyCACerts.java test - JDK-8282227: Locale information for nb is not working properly - JDK-8282704: runtime/Thread/StopAtExit.java may leak memory - JDK-8283057: Update GCC to version 11.2.0 for Oracle builds on Linux - JDK-8283062: Uninitialized warnings in libgtest with GCC 11.2 - JDK-8283520: JFR: Memory leak in dcmd_arena - JDK-8283566: G1: Improve G1BarrierSet::enqueue performance - JDK-8284331: Add sanity check for signal handler modification warning. - JDK-8285635: javax/swing/JRootPane/DefaultButtonTest.java failed with Default Button not pressed for L&F: com.sun.java.swing.plaf.motif.MotifLookAndFeel - JDK-8285987: executing shell scripts without #! fails on Alpine linux - JDK-8286191: misc tests fail due to JDK-8285987 - JDK-8286287: Reading file as UTF-16 causes Error which 'shouldn't happen' - JDK-8286331: jni_GetStringUTFChars() uses wrong heap allocator - JDK-8286346: 3-parameter version of AllocateHeap should not ignore AllocFailType - JDK-8286398: Address possibly lossy conversions in jdk.internal.le - JDK-8287007: [cgroups] Consistently use stringStream throughout parsing code - JDK-8287246: DSAKeyValue should check for missing params instead of relying on KeyFactory provider - JDK-8287541: Files.writeString fails to throw IOException for charset 'windows-1252' - JDK-8287854: Dangling reference in ClassVerifier::verify_class - JDK-8287876: The recently de-problemlisted TestTitledBorderLeak test is unstable - JDK-8287897: Augment src/jdk.internal.le/share/legal/jline.md with information on 4th party dependencies - JDK-8288589: Files.readString ignores encoding errors for UTF-16 - JDK-8289509: Improve test coverage for XPath Axes: descendant, descendant-or-self, following, following-sibling - JDK-8289735: UTIL_LOOKUP_PROGS fails on pathes with space - JDK-8289949: Improve test coverage for XPath: operators - JDK-8290822: C2: assert in PhaseIdealLoop::do_unroll() is subject to undefined behavior - JDK-8291226: Create Test Cases to cover scenarios for JDK-8278067 - JDK-8291637: HttpClient default keep alive timeout not followed if server sends invalid value - JDK-8291638: Keep-Alive timeout of 0 should close connection immediately - JDK-8292206: TestCgroupMetrics.java fails as getMemoryUsage() is lower than expected - JDK-8292301: [REDO v2] C2 crash when allocating array of size too large - JDK-8292407: Improve Weak CAS VarHandle/Unsafe tests resilience under spurious failures - JDK-8292713: Unsafe.allocateInstance should be intrinsified without UseUnalignedAccesses - JDK-8292755: Non-default method in interface leads to a stack overflow in JShell - JDK-8292990: Improve test coverage for XPath Axes: parent - JDK-8293295: Add type check asserts to java_lang_ref_Reference accessors - JDK-8293492: ShenandoahControlThread missing from hs-err log and thread dump - JDK-8293858: Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG - JDK-8293887: AArch64 build failure with GCC 12 due to maybe-uninitialized warning in libfdlibm k_rem_pio2.c - JDK-8294183: AArch64: Wrong macro check in SharedRuntime::generate_deopt_blob - JDK-8294281: Allow warnings to be disabled on a per-file basis - JDK-8294673: JFR: Add SecurityProviderService#threshold to TestActiveSettingEvent.java - JDK-8294717: (bf) DirectByteBuffer constructor will leak if allocating Deallocator or Cleaner fails with OOME - JDK-8294906: Memory leak in PKCS11 NSS TLS server - JDK-8295564: Norwegian Nynorsk Locale is missing formatting - JDK-8295974: jni_FatalError and Xcheck:jni warnings should print the native stack when there are no Java frames - JDK-8296084: javax/swing/JSpinner/4788637/bug4788637.java fails intermittently on a VM - JDK-8296318: use-def assert: special case undetected loops nested in infinite loops - JDK-8296343: CPVE thrown on missing content-length in OCSP response - JDK-8296412: Special case infinite loops with unmerged backedges in IdealLoopTree::check_safepts - JDK-8296545: C2 Blackholes should allow load optimizations - JDK-8296934: Write a test to verify whether Undecorated Frame can be iconified or not - JDK-8297000: [jib] Add more friendly warning for proxy issues - JDK-8297154: Improve safepoint cleanup logging - JDK-8297450: ScaledTextFieldBorderTest.java fails when run with -show parameter - JDK-8297587: Upgrade JLine to 3.22.0 - JDK-8297730: C2: Arraycopy intrinsic throws incorrect exception - JDK-8297955: LDAP CertStore should use LdapName and not String for DNs - JDK-8298488: [macos13] tools/jpackage tests failing with 'Exit code: 137' on macOS - JDK-8298887: On the latest macOS+XCode the Robot API may report wrong colors - JDK-8299179: ArrayFill with store on backedge needs to reduce length by 1 - JDK-8299259: C2: Div/Mod nodes without zero check could be split through iv phi of loop resulting in SIGFPE - JDK-8299544: Improve performance of CRC32C intrinsics (non-AVX-512) for small inputs - JDK-8299570: [JVMCI] Insufficient error handling when CodeBuffer is exhausted - JDK-8299959: C2: CmpU::Value must filter overflow computation against local sub computation - JDK-8300042: Improve CPU related JFR events descriptions - JDK-8300079: SIGSEGV in LibraryCallKit::inline_string_copy due to constant NULL src argument - JDK-8300823: UB: Compile::_phase_optimize_finished is initialized too late - JDK-8300939: sun/security/provider/certpath/OCSP/ /OCSPNoContentLength.java fails due to network errors - JDK-8301050: Detect Xen Virtualization on Linux aarch64 - JDK-8301119: Support for GB18030-2022 - JDK-8301123: Enable Symbol refcounting underflow checks in PRODUCT - JDK-8301190: [vectorapi] The typeChar of LaneType is incorrect when default locale is tr - JDK-8301216: ForkJoinPool invokeAll() ignores timeout - JDK-8301338: Identical branch conditions in CompileBroker::print_heapinfo - JDK-8301491: C2: java.lang.StringUTF16::indexOfChar intrinsic called with negative character argument - JDK-8301637: ThreadLocalRandom.current().doubles().parallel() contention - JDK-8301661: Enhance os::pd_print_cpu_info on macOS and Windows - JDK-8302151: BMPImageReader throws an exception reading BMP images - JDK-8302172: [JVMCI] HotSpotResolvedJavaMethodImpl.canBeInlined must respect ForceInline - JDK-8302320: AsyncGetCallTrace obtains too few frames in sanity test - JDK-8302491: NoClassDefFoundError omits the original cause of an error - JDK-8302508: Add timestamp to the output TraceCompilerThreads - JDK-8302594: use-after-free in Node::destruct - JDK-8302595: use-after-free related to GraphKit::clone_map - JDK-8302791: Add specific ClassLoader object to Proxy IllegalArgumentException message - JDK-8302849: SurfaceManager might expose partially constructed object - JDK-8303069: Memory leak in CompilerOracle::parse_from_line - JDK-8303102: jcmd: ManagementAgent.status truncates the text longer than O_BUFLEN - JDK-8303130: Document required Accessibility permissions on macOS - JDK-8303354: addCertificatesToKeystore in KeystoreImpl.m needs CFRelease call in early potential CHECK_NULL return - JDK-8303433: Bump update version for OpenJDK: jdk-17.0.8 - JDK-8303440: The 'ZonedDateTime.parse' may not accept the 'UTC+XX' zone id - JDK-8303465: KeyStore of type KeychainStore, provider Apple does not show all trusted certificates - JDK-8303476: Add the runtime version in the release file of a JDK image - JDK-8303482: Update LCMS to 2.15 - JDK-8303508: Vector.lane() gets wrong value on x86 - JDK-8303511: C2: assert(get_ctrl(n) == cle_out) during unrolling - JDK-8303564: C2: 'Bad graph detected in build_loop_late' after a CMove is wrongly split thru phi - JDK-8303575: adjust Xen handling on Linux aarch64 - JDK-8303576: addIdentitiesToKeystore in KeystoreImpl.m needs CFRelease call in early potential CHECK_NULL return - JDK-8303588: [JVMCI] make JVMCI source directories conform with standard layout - JDK-8303809: Dispose context in SPNEGO NegotiatorImpl - JDK-8303822: gtestMain should give more helpful output - JDK-8303861: Error handling step timeouts should never be blocked by OnError and others - JDK-8303937: Corrupted heap dumps due to missing retries for os::write() - JDK-8303949: gcc10 warning Linux ppc64le - note: the layout of aggregates containing vectors with 8-byte alignment has changed in GCC 5 - JDK-8304054: Linux: NullPointerException from FontConfiguration.getVersion in case no fonts are installed - JDK-8304063: tools/jpackage/share/AppLauncherEnvTest.java fails when checking LD_LIBRARY_PATH - JDK-8304134: jib bootstrapper fails to quote filename when checking download filetype - JDK-8304291: [AIX] Broken build after JDK-8301998 - JDK-8304295: harfbuzz build fails with GCC 7 after JDK-8301998 - JDK-8304350: Font.getStringBounds calculates wrong width for TextAttribute.TRACKING other than 0.0 - JDK-8304671: javac regression: Compilation with --release 8 fails on underscore in enum identifiers - JDK-8304683: Memory leak in WB_IsMethodCompatible - JDK-8304760: Add 2 Microsoft TLS roots - JDK-8304867: Explicitly disable dtrace for ppc builds - JDK-8304880: [PPC64] VerifyOops code in C1 doesn't work with ZGC - JDK-8305088: SIGSEGV in Method::is_method_handle_intrinsic - JDK-8305113: (tz) Update Timezone Data to 2023c - JDK-8305400: ISO 4217 Amendment 175 Update - JDK-8305403: Shenandoah evacuation workers may deadlock - JDK-8305481: gtest is_first_C_frame failing on ARM - JDK-8305690: [X86] Do not emit two REX prefixes in Assembler::prefix - JDK-8305711: Arm: C2 always enters slowpath for monitorexit - JDK-8305721: add `make compile-commands` artifacts to .gitignore - JDK-8305975: Add TWCA Global Root CA - JDK-8305993: Add handleSocketErrorWithMessage to extend nio Net.c exception message - JDK-8305994: Guarantee eventual async monitor deflation - JDK-8306072: Open source several AWT MouseInfo related tests - JDK-8306133: Open source few AWT Drag & Drop related tests - JDK-8306409: Open source AWT KeyBoardFocusManger, LightWeightComponent related tests - JDK-8306432: Open source several AWT Text Component related tests - JDK-8306466: Open source more AWT Drag & Drop related tests - JDK-8306489: Open source AWT List related tests - JDK-8306543: GHA: MSVC installation is failing - JDK-8306640: Open source several AWT TextArea related tests - JDK-8306652: Open source AWT MenuItem related tests - JDK-8306658: GHA: MSVC installation could be optional since it might already be pre-installed - JDK-8306664: GHA: Update MSVC version to latest stepping - JDK-8306681: Open source more AWT DnD related tests - JDK-8306683: Open source several clipboard and color AWT tests - JDK-8306752: Open source several container and component AWT tests - JDK-8306753: Open source several container AWT tests - JDK-8306755: Open source few Swing JComponent and AbstractButton tests - JDK-8306768: CodeCache Analytics reports wrong threshold - JDK-8306774: Make runtime/Monitor/ /GuaranteedAsyncDeflationIntervalTest.java more reliable - JDK-8306825: Monitor deflation might be accidentally disabled by zero intervals - JDK-8306850: Open source AWT Modal related tests - JDK-8306871: Open source more AWT Drag & Drop tests - JDK-8306883: Thread stacksize is reported with wrong units in os::create_thread logging - JDK-8306941: Open source several datatransfer and dnd AWT tests - JDK-8306943: Open source several dnd AWT tests - JDK-8306954: Open source five Focus related tests - JDK-8306955: Open source several JComboBox jtreg tests - JDK-8306976: UTIL_REQUIRE_SPECIAL warning on grep - JDK-8306996: Open source Swing MenuItem related tests - JDK-8307080: Open source some more JComboBox jtreg tests - JDK-8307128: Open source some drag and drop tests 4 - JDK-8307130: Open source few Swing JMenu tests - JDK-8307133: Open source some JTable jtreg tests - JDK-8307134: Add GTS root CAs - JDK-8307135: java/awt/dnd/NotReallySerializableTest/ /NotReallySerializableTest.java failed - JDK-8307331: Correctly update line maps when class redefine rewrites bytecodes - JDK-8307346: Add missing gc+phases logging for ObjectCount(AfterGC) JFR event collection code - JDK-8307347: serviceability/sa/ClhsdbDumpclass.java could leave files owned by root on macOS - JDK-8307378: Allow collectors to provide specific values for GC notifications' actions - JDK-8307381: Open Source JFrame, JIF related Swing Tests - JDK-8307425: Socket input stream read burns CPU cycles with back-to-back poll(0) calls - JDK-8307799: Newly added java/awt/dnd/MozillaDnDTest.java has invalid jtreg `@requires` clause - JDK-8308554: [17u] Fix commit of 8286191. vm.musl was not removed from ExternalEditorTest - JDK-8308880: [17u] micro bench ZoneStrings missed in backport of 8278434 - JDK-8308884: [17u/11u] Backout JDK-8297951 - JDK-8311467: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.8 |
|
|
java-17-openjdk-headless | HIGH | fixed |
Security update for java-17-openjdk Vulnerability ID: SUSE-SU-2023:4289-1 Installed Version: 17.0.7.0-150400.3.21.1 Fixed Version: 17.0.9.0-150400.3.33.1 This update for java-17-openjdk fixes the following issues: - Updated to JDK 17.0.9+9 (October 2023 CPU): - CVE-2023-22081: Fixed a partial denial of service issue that could be triggered via HTTPS (bsc#1216374). - CVE-2023-22025: Fixed a memory corruption issue in applications using AVX-512 (bsc#1216339). Please visit the Oracle Release Notes page for the full changelog: https://www.oracle.com/java/technologies/javase/17all-relnotes.html |
||
java-17-openjdk-headless | HIGH | fixed |
Security update for java-17-openjdk Vulnerability ID: SUSE-SU-2024:0325-1 Installed Version: 17.0.7.0-150400.3.21.1 Fixed Version: 17.0.10.0-150400.3.36.1 This update for java-17-openjdk fixes the following issues: Updated to version 17.0.10 (January 2024 CPU): - CVE-2024-20918: Fixed an out of bounds access in the Hotspot JVM due to a missing bounds check (bsc#1218907). - CVE-2024-20919: Fixed a sandbox bypass in the Hotspot JVM class file verifier (bsc#1218903). - CVE-2024-20921: Fixed an incorrect optimization in the Hotspot JVM that could lead to corruption of JVM memory (bsc#1218905). - CVE-2024-20932: Fixed an incorrect handling of ZIP files with duplicate entries (bsc#1218908). - CVE-2024-20945: Fixed a potential private key leak through debug logs (bsc#1218909). - CVE-2024-20952: Fixed an RSA padding issue and timing side-channel attack against TLS (bsc#1218911). Find the full release notes at: https://mail.openjdk.org/pipermail/jdk-updates-dev/2024-January/029089.html |
||
java-17-openjdk-headless | HIGH | fixed |
Security update for java-17-openjdk Vulnerability ID: SUSE-SU-2024:2628-1 Installed Version: 17.0.7.0-150400.3.21.1 Fixed Version: 17.0.12.0-150400.3.45.1 This update for java-17-openjdk fixes the following issues: Updated to version 17.0.12+7 (July 2024 CPU): - CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046). - CVE-2024-21138: Fixed an infinite loop due to excessive symbol length (bsc#1228047). - CVE-2024-21140: Fixed a pre-loop limit overflow in Range Check Elimination (bsc#1228048). - CVE-2024-21147: Fixed an out-of-bounds access in 2D image handling (bsc#1228052). - CVE-2024-21145: Fixed an index overflow in RangeCheckElimination (bsc#1228051). |