Overview

File _patchinfo of Package patchinfo.37552

<patchinfo incident="37552">
  <issue tracker="bnc" id="1236278">VUL-0: CVE-2025-21502: java-10-openjdk,java-11-openjdk,java-17-openjdk,java-1_7_0-openjdk,java-1_8_0-ibm,java-1_8_0-openj9,java-1_8_0-openjdk,java-21-openjdk,java-9-openjdk: JDK: Enhance array handling (Oracle CPU 2025-01)</issue>
  <issue tracker="bnc" id="1233296">VUL-0: CVE-2024-10917: java-1_8_0-openj9,java-11-openj9,java-17-openj9,java-21-openj9: JNI function GetStringUTFLength may return an incorrect value when processing modified UTF-8 string representations</issue>
  <issue tracker="bnc" id="1236470">VUL-0: java-1_8_0-ibm: Oracle January 21 2025 CPU</issue>
  <issue tracker="cve" id="2024-10917"/>
  <issue tracker="cve" id="2025-21502"/>
  <packager>pmonrealgonzalez</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for java-1_8_0-ibm</summary>
  <description>This update for java-1_8_0-ibm fixes the following issues:

Update to Java 8.0 Service Refresh 8 Fix Pack 40 (bsc#1236470):

- CVE-2025-21502: unauthenticated attacker can obtain unauthorized read and write access to data through the Hotspot
  component API (bsc#1236278).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places