Overview

File _patchinfo of Package patchinfo.41279

<patchinfo incident="41279">
  <issue tracker="cve" id="2025-53066"/>
  <issue tracker="cve" id="2025-53057"/>
  <issue tracker="bnc" id="1252414">VUL-0: CVE-2025-53057: java-17-openjdk, java-21-openjdk: unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data</issue>
  <issue tracker="bnc" id="1246806">trackerbug: packages embed rebuild-counter</issue>
  <issue tracker="bnc" id="1252417">VUL-0: CVE-2025-53066: java-17-openjdk, java-21-openjdk: unauthenticated attacker can achive unauthorized access to critical data or complete access</issue>
  <packager>fstrba</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for java-11-openjdk</summary>
  <description>This update for java-11-openjdk fixes the following issues:

Upgrade to upstream tag jdk-11.0.29+7 (October 2025 CPU):

- CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data (bsc#1252414).
- CVE-2025-53066: Fixed unauthenticated attacker can achive unauthorized access to critical data or complete access (bsc#1252417).

Other bug fixes:

- Do not embed rebuild counter (bsc#1246806)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places