File _patchinfo of Package patchinfo.38419
<patchinfo incident="38419">
<issue tracker="cve" id="2025-30698"/>
<issue tracker="cve" id="2025-21587"/>
<issue tracker="cve" id="2025-30691"/>
<issue tracker="bnc" id="1241275">VUL-0: CVE-2025-30691: java-21-openjdk: openjdk: Oracle Java SE Compiler Unauthorized Data Access</issue>
<issue tracker="bnc" id="1241276">VUL-0: CVE-2025-30698: java-11-openjdk,java-17-openjdk,java-1_8_0-openj9,java-1_8_0-openjdk,java-21-openjdk: openjdk: Oracle Java 2D unauthorized data access and DoS</issue>
<issue tracker="bnc" id="1241274">VUL-0: CVE-2025-21587: java-11-openjdk,java-17-openjdk,java-1_7_0-openjdk,java-1_8_0-openj9,java-1_8_0-openjdk,java-21-openjdk: openjdk: JSSE unauthorized access, deletion or modification of critical data</issue>
<packager>fstrba</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for java-11-openjdk</summary>
<description>This update for java-11-openjdk fixes the following issues:
Upgrade to upstream tag jdk-11.0.27+6 (April 2025 CPU)
CVEs:
+ CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274)
+ CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275)
+ CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276)
Changes:
+ JDK-8195675: Call to insertText with single character
from custom Input Method ignored
+ JDK-8202926: Test java/awt/Focus/
/WindowUpdateFocusabilityTest/
/WindowUpdateFocusabilityTest.html fails
+ JDK-8216539: tools/jar/modularJar/Basic.java timed out
+ JDK-8268364: jmethod clearing should be done during
unloading
+ JDK-8273914: Indy string concat changes order of
operations
+ JDK-8294316: SA core file support is broken on macosx-x64
starting with macOS 12.x
+ JDK-8306408: Fix the format of several tables in
building.md
+ JDK-8309841: Jarsigner should print a warning if an entry
is removed
+ JDK-8312049: runtime/logging/ClassLoadUnloadTest can be
improved
+ JDK-8320916: jdk/jfr/event/gc/stacktrace/
/TestParallelMarkSweepAllocationPendingStackTrace.java failed
with "OutOfMemoryError: GC overhead limit exceeded"
+ JDK-8327650: Test java/nio/channels/DatagramChannel/
/StressNativeSignal.java timed out
+ JDK-8328242: Add a log area to the PassFailJFrame
+ JDK-8331863: DUIterator_Fast used before it is constructed
+ JDK-8336012: Fix usages of jtreg-reserved properties
+ JDK-8337494: Clarify JarInputStream behavior
+ JDK-8337692: Better TLS connection support
+ JDK-8338430: Improve compiler transformations
+ JDK-8339560: Unaddressed comments during code review of
JDK-8337664
+ JDK-8339810: Clean up the code in sun.tools.jar.Main to
properly close resources and use ZipFile during extract
+ JDK-8339931: Update problem list for
WindowUpdateFocusabilityTest.java
+ JDK-8340387: Update OS detection code to recognize
Windows Server 2025
+ JDK-8341424: GHA: Collect hs_errs from build time failures
+ JDK-8342562: Enhance Deflater operations
+ JDK-8342704: GHA: Report truncation is broken after
JDK-8341424
+ JDK-8343007: Enhance Buffered Image handling
+ JDK-8343474: [updates] Customize README.md to specifics
of update project
+ JDK-8343599: Kmem limit and max values swapped when
printing container information
+ JDK-8343786: [11u] GHA: Bump macOS and Xcode versions to
macos-13 and XCode 14.3.1
+ JDK-8344589: Update IANA Language Subtag Registry to
Version 2024-11-19
+ JDK-8345509: Bump update version of OpenJDK: 11.0.27
+ JDK-8346587: Distrust TLS server certificates anchored by
Camerfirma Root CAs
+ JDK-8347427: JTabbedPane/8134116/Bug8134116.java has no
license header
+ JDK-8347847: Enhance jar file support
+ JDK-8347965: (tz) Update Timezone Data to 2025a
+ JDK-8349603: [21u, 17u, 11u] Update GHA JDKs after Jan/25
updates
+ JDK-8352097: (tz) zone.tab update missed in 2025a backport
+ JDK-8354087: [11u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.27
</description>
</patchinfo>
