Overview

File _patchinfo of Package patchinfo.39178

<patchinfo incident="39178">
  <issue tracker="cve" id="2025-4447"/>
  <issue tracker="cve" id="2025-30691"/>
  <issue tracker="cve" id="2025-30698"/>
  <issue tracker="cve" id="2025-21587"/>
  <issue tracker="bnc" id="1235844">[Build 20250108-SELinux] java-*-openj9: openQA test fails in java because it requests execstack permission, which is not needed</issue>
  <issue tracker="bnc" id="1243429">VUL-0: CVE-2025-4447: java-1.8.0-ibm: Buffer Overflow in Eclipse OpenJ9</issue>
  <issue tracker="bnc" id="1241276">VUL-0: CVE-2025-30698: java-11-openjdk,java-17-openjdk,java-1_8_0-openj9,java-1_8_0-openjdk,java-21-openjdk: openjdk: Oracle Java 2D unauthorized data access and DoS</issue>
  <issue tracker="bnc" id="1241275">VUL-0: CVE-2025-30691: java-21-openjdk: openjdk: Oracle Java SE Compiler Unauthorized Data Access</issue>
  <issue tracker="bnc" id="1241274">VUL-0: CVE-2025-21587: java-11-openjdk,java-17-openjdk,java-1_7_0-openjdk,java-1_8_0-openj9,java-1_8_0-openjdk,java-21-openjdk: openjdk: JSSE unauthorized access, deletion or modification of critical data</issue>
  <packager>fstrba</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for java-1_8_0-openj9</summary>
  <description>This update for java-1_8_0-openj9 fixes the following issues:

- CVE-2025-4447: Fixed buffer overflow in Eclipse OpenJ9 (bsc#1243429).
- CVE-2025-30698: Fixed 2D unauthorized data access and DoS (bsc#1241276).
- CVE-2025-30691: Fixed Compiler Unauthorized Data Access (bsc#1241275).
- CVE-2025-21587: Fixed unauthorized access, deletion or modification of critical data (bsc#1241274).

Other bugfixes:

- Fixed wrong execstack flag in libj9jit (bsc#1235844)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places