===========================================================================
             AUSCERT External Security Bulletin Redistribution             
                                                                           
                               ESB-2024.2608                               
                    Security update for java-11-openjdk                    
                               29 April 2024                               
                                                                           
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           java-11-openjdk                                         
Publisher:         SUSE                                                    
Operating System:  SUSE                                                    
Resolution:        Patch/Upgrade                                           
CVE Names:         CVE-2024-21085 CVE-2024-21011 CVE-2024-21068            
                   CVE-2024-21094 CVE-2024-21012                           

Original Bulletin:
   https://www.suse.com/support/update/announcement/2024/suse-su-20241452-1

Comment: CVSS (Max):  3.7 CVE-2024-21094 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
         CVSS Source: SUSE                                                 
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N


--------------------------BEGIN INCLUDED TEXT--------------------

Security update for java-11-openjdk

Announcement ID:    SUSE-SU-2024:1452-1
Rating:             low

References:         o bsc#1213470
                    o bsc#1222979
                    o bsc#1222983
                    o bsc#1222984
                    o bsc#1222986
                    o bsc#1222987

Cross-References:   o CVE-2024-21011
                    o CVE-2024-21012
                    o CVE-2024-21068
                    o CVE-2024-21085
                    o CVE-2024-21094

CVSS scores:        o CVE-2024-21011 ( SUSE ): 3.7
                      CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
                    o CVE-2024-21012 ( SUSE ): 3.7
                      CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
                    o CVE-2024-21068 ( SUSE ): 3.7
                      CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
                    o CVE-2024-21085 ( SUSE ): 3.7
                      CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
                    o CVE-2024-21094 ( SUSE ): 3.7
                      CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected Products:  o SUSE Linux Enterprise High Performance Computing 12 SP5
                    o SUSE Linux Enterprise Server 12 SP5
                    o SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves five vulnerabilities and has one security fix can now be
installed.

Description:

This update for java-11-openjdk fixes the following issues:

  o CVE-2024-21011: Fixed denial of service due to long Exception message
    logging (JDK-8319851, bsc#1222979)
  o CVE-2024-21012: Fixed unauthorized data modification due to HTTP/2 client
    improper reverse DNS lookup (JDK-8315708, bsc#1222987)
  o CVE-2024-21068: Fixed integer overflow in C1 compiler address generation
    (JDK-8322122, bsc#1222983)
  o CVE-2024-21085: Fixed denial of service due to Pack200 excessive memory
    allocation (JDK-8322114, bsc#1222984)
  o CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation
    failure with "Exceeded _node_regs array" (JDK-8317507, JDK-8325348,
    bsc#1222986)

Other fixes:

  - Upgrade to upstream tag jdk-11.0.23+9 (April 2024 CPU)
    * Security fixes
      + JDK-8318340: Improve RSA key implementations
    * Other changes
      + JDK-6928542: Chinese characters in RTF are not decoded
      + JDK-7132796: [macosx] closed/javax/swing/JComboBox/4517214/bug4517214.java fails on MacOS
      + JDK-7148092: [macosx] When Alt+down arrow key is pressed, the combobox popup does not appear.
      + JDK-8054022: HttpURLConnection timeouts with Expect: 100-Continue and no chunking
      + JDK-8054572: [macosx] JComboBox paints the border incorrectly
      + JDK-8058176: [mlvm] tests should not allow code cache exhaustion
      + JDK-8067651: LevelTransitionTest.java, fix trivial methods levels logic
      + JDK-8068225: nsk/jdi/EventQueue/remove_l/remove_l005 intermittently times out
      + JDK-8156889: ListKeychainStore.sh fails in some virtualized environments
      + JDK-8166275: vm/mlvm/meth/stress/compiler/deoptimize keeps timeouting
      + JDK-8166554: Avoid compilation blocking in OverloadCompileQueueTest.java
      + JDK-8169475: WheelModifier.java fails by timeout
      + JDK-8180266: Convert sun/security/provider/KeyStore/DKSTest.sh to Java Jtreg Test
      + JDK-8186610: move ModuleUtils to top-level testlibrary
      + JDK-8192864: defmeth tests can hide failures
      + JDK-8193543: Regression automated test '/open/test/jdk/java/awt/TrayIcon/SystemTrayInstance/SystemTrayInstanceTest.java' fails
      + JDK-8198668: MemoryPoolMBean/isUsageThresholdExceeded/isexceeded001/TestDescription.java still failing
      + JDK-8202282: [TESTBUG] appcds TestCommon.makeCommandLineForAppCDS() can be removed
      + JDK-8202790: DnD test DisposeFrameOnDragTest.java does not clean up
      + JDK-8202931: [macos] java/awt/Choice/ChoicePopupLocation/ChoicePopupLocation.java fails
      + JDK-8207211: [TESTBUG] Remove excessive output from CDS/AppCDS tests
      + JDK-8207214: Broken links in JDK API serialized-form page
      + JDK-8207855: Make applications/jcstress invoke tests in batches
      + JDK-8208243: vmTestbase/gc/lock/jni/jnilock002/TestDescription.java fails in jdk/hs nightly
      + JDK-8208278: [mlvm] [TESTBUG] vm.mlvm.mixed.stress.java.findDeadlock.INDIFY_Test Deadlocked threads are not always detected
      + JDK-8208623: [TESTBUG] runtime/LoadClass/LongBCP.java fails in AUFS file system
      + JDK-8208699: remove unneeded imports from runtime tests
      + JDK-8208704: runtime/appcds/MultiReleaseJars.java timed out often in hs-tier7 testing
      + JDK-8208705: [TESTBUG] The -Xlog:cds,cds+hashtables vm option is not always required for appcds tests
      + JDK-8209549: remove VMPropsExt from TEST.ROOT
      + JDK-8209595: MonitorVmStartTerminate.java timed out
      + JDK-8209946: [TESTBUG] CDS tests should use "@run driver"
      + JDK-8211438: [Testbug] runtime/XCheckJniJsig/XCheckJSig.java looks for libjsig in wrong location
      + JDK-8211978: Move testlibrary/jdk/testlibrary/SimpleSSLContext.java and testkeys to network testlibrary
      + JDK-8213622: Windows VS2013 build failure - "'snprintf': identifier not found"
      + JDK-8213926: WB_EnqueueInitializerForCompilation requests compilation for NULL
      + JDK-8213927: G1 ignores AlwaysPreTouch when UseTransparentHugePages is enabled
      + JDK-8214908: add ctw tests for jdk.jfr and jdk.management.jfr modules
      + JDK-8214915: CtwRunner misses export for jdk.internal.access
      + JDK-8216408: XMLStreamWriter setDefaultNamespace(null) throws NullPointerException
      + JDK-8217475: Unexpected StackOverflowError in "process reaper" thread
      + JDK-8218754: JDK-8068225 regression in JDIBreakpointTest
      + JDK-8219475: javap man page needs to be updated
      + JDK-8219585: [TESTBUG] sun/management/jmxremote/bootstrap/JMXInterfaceBindingTest.java passes trivially when it shouldn't
      + JDK-8219612: [TESTBUG] compiler.codecache.stress.Helper.TestCaseImpl can't be defined in different runtime package as its nest host
      + JDK-8225471: Test utility jdk.test.lib.util.FileUtils.areAllMountPointsAccessible needs to tolerate duplicates
      + JDK-8226706: (se) Reduce the number of outer loop iterations on Windows in java/nio/channels/Selector/RacyDeregister.java
      + JDK-8226905: unproblem list applications/ctw/modules/ tests on windows
      + JDK-8226910: make it possible to use jtreg's -match via run-test framework
      + JDK-8227438: [TESTLIB] Determine if file exists by Files.exists in function FileUtils.deleteFileIfExistsWithRetry
      + JDK-8231585: java/lang/management/ThreadMXBean/MaxDepthForThreadInfoTest.java fails with java.lang.NullPointerException
      + JDK-8232839: JDI AfterThreadDeathTest.java failed due to "FAILED: Did not get expected IllegalThreadStateException on a StepRequest.enable()"
      + JDK-8233453: MLVM deoptimize stress test timed out
      + JDK-8234309: LFGarbageCollectedTest.java fails with parse Exception
      + JDK-8237222: [macos] java/awt/Focus/UnaccessibleChoice/AccessibleChoiceTest.java fails
      + JDK-8237777: "Dumping core ..." is shown despite claiming that "# No core dump will be written."
      + JDK-8237834: com/sun/jndi/ldap/LdapDnsProviderTest.java failing with LDAP response read timeout
      + JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel
      + JDK-8239801: [macos] java/awt/Focus/UnaccessibleChoice/AccessibleChoiceTest.java fails
      + JDK-8244679: JVM/TI GetCurrentContendedMonitor/contmon001 failed due to "(IsSameObject#3) unexpected monitor object: 0x000000562336DBA8"
      + JDK-8246222: Rename javac test T6395981.java to be more informative
      + JDK-8247818: GCC 10 warning stringop-overflow with symbol code
      + JDK-8249087: Always initialize _body[0..1] in Symbol constructor
      + JDK-8251349: Add TestCaseImpl to OverloadCompileQueueTest.java's build dependencies
      + JDK-8251904: vmTestbase/nsk/sysdict/vm/stress/btree/btree010/btree010.java fails with ClassNotFoundException: nsk.sysdict.share.BTree0LLRLRLRRLR
      + JDK-8253543: sanity/client/SwingSet/src/ButtonDemoScreenshotTest.java failed with "AssertionError: All pixels are not black"
      + JDK-8253739: java/awt/image/MultiResolutionImage/MultiResolutionImageObserverTest.java fails
      + JDK-8253820: Save test images and dumps with timestamps from client sanity suite
      + JDK-8255277: randomDelay in DrainDeadlockT and LoggingDeadlock do not randomly delay
      + JDK-8255546: Missing coverage for javax.smartcardio.CardPermission and ResponseAPDU
      + JDK-8255743: Relax SIGFPE match in in runtime/ErrorHandling/SecondaryErrorTest.java
      + JDK-8257505: nsk/share/test/StressOptions stressTime is scaled in getter but not when printed
      + JDK-8259801: Enable XML Signature secure validation mode by default
      + JDK-8264135: UnsafeGetStableArrayElement should account for different JIT implementation details
      + JDK-8265349: vmTestbase/../stress/compiler/deoptimize/Test.java fails with OOME due to CodeCache exhaustion.
      + JDK-8269025: jsig/Testjsig.java doesn't check exit code
      + JDK-8269077: TestSystemGC uses "require vm.gc.G1" for large pages subtest
      + JDK-8271094: runtime/duplAttributes/DuplAttributesTest.java doesn't check exit code
      + JDK-8271224: runtime/EnclosingMethodAttr/EnclMethodAttr.java doesn't check exit code
      + JDK-8271828: mark hotspot runtime/classFileParserBug tests which ignore external VM flags
      + JDK-8271829: mark hotspot runtime/Throwable tests which ignore external VM flags
      + JDK-8271890: mark hotspot runtime/Dictionary tests which ignore external VM flags
      + JDK-8272291: mark hotspot runtime/logging tests which ignore external VM flags
      + JDK-8272335: runtime/cds/appcds/MoveJDKTest.java doesn't check exit codes
      + JDK-8272551: mark hotspot runtime/modules tests which ignore external VM flags
      + JDK-8272552: mark hotspot runtime/cds tests which ignore external VM flags
      + JDK-8273803: Zero: Handle "zero" variant in CommandLineOptionTest.java
      + JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java fails in Windows 11
      + JDK-8274621: NullPointerException because listenAddress[0] is null
      + JDK-8276796: gc/TestSystemGC.java large pages subtest fails with ZGC
      + JDK-8280007: Enable Neoverse N1 optimizations for Arm Neoverse V1 & N2
      + JDK-8281149: (fs) java/nio/file/FileStore/Basic.java fails with java.lang.RuntimeException: values differ by more than 1GB
      + JDK-8281377: Remove vmTestbase/nsk/monitoring/ThreadMXBean/ThreadInfo/Deadlock/JavaDeadlock001/TestDescription.java from problemlist.
      + JDK-8281717: Cover logout method for several LoginModule
      + JDK-8282665: [REDO] ByteBufferTest.java: replace endless recursion with RuntimeException in void ck(double x, double y)
      + JDK-8284090: com/sun/security/auth/module/AllPlatforms.java fails to compile
      + JDK-8285756: clean up use of bad arguments for @clean in langtools tests
      + JDK-8285785: CheckCleanerBound test fails with PasswordCallback object is not released
      + JDK-8285867: Convert applet manual tests SelectionVisible.java to Frame and automate
      + JDK-8286846: test/jdk/javax/swing/plaf/aqua/CustomComboBoxFocusTest.java fails on mac aarch64
      + JDK-8286969: Add a new test library API to execute kinit in SecurityTools.java
      + JDK-8287113: JFR: Periodic task thread uses period for method sampling events
      + JDK-8289511: Improve test coverage for XPath Axes: child
      + JDK-8289764: gc/lock tests failed with "OutOfMemoryError: Java heap space: failed reallocation of scalar replaced objects"
      + JDK-8289948: Improve test coverage for XPath functions: Node Set Functions
      + JDK-8290399: [macos] Aqua LAF does not fire an action event if combo box menu is displayed
      + JDK-8290909: MemoryPoolMBean/isUsageThresholdExceeded tests failed with "isUsageThresholdExceeded() returned false, and is still false, while threshold = MMMMMMM and used peak = NNNNNNN"
      + JDK-8292182: [TESTLIB] Enhance JAXPPolicyManager to setup required permissions for jtreg version 7 jar
      + JDK-8292946: GC lock/jni/jnilock001 test failed "assert(gch->gc_cause() == GCCause::_scavenge_alot || !gch->incremental_collection_failed()) failed: Twice in a row"
      + JDK-8293819: sun/util/logging/PlatformLoggerTest.java failed with "RuntimeException: Retrieved backing PlatformLogger level null is not the expected CONFIG"
      + JDK-8294158: HTML formatting for PassFailJFrame instructions
      + JDK-8294254: [macOS] javax/swing/plaf/aqua/CustomComboBoxFocusTest.java failure
      + JDK-8294402: Add diagnostic logging to VMProps.checkDockerSupport
      + JDK-8294535: Add screen capture functionality to PassFailJFrame
      + JDK-8296083: javax/swing/JTree/6263446/bug6263446.java fails intermittently on a VM
      + JDK-8296384: [TESTBUG] sun/security/provider/SecureRandom/AbstractDrbg/SpecTest.java intermittently timeout
      + JDK-8299494: Test vmTestbase/nsk/stress/except/except011.java failed: ExceptionInInitializerError: target class not found
      + JDK-8300269: The selected item in an editable JComboBox with titled border is not visible in Aqua LAF
      + JDK-8300727: java/awt/List/ListGarbageCollectionTest/AwtListGarbageCollectionTest.java failed with "List wasn't garbage collected"
      + JDK-8301310: The SendRawSysexMessage test may cause a JVM crash
      + JDK-8301377: adjust timeout for JLI GetObjectSizeIntrinsicsTest.java subtest again
      + JDK-8301846: Invalid TargetDataLine after screen lock when using JFileChooser or COM library
      + JDK-8302017: Allocate BadPaddingException only if it will be thrown
      + JDK-8302109: Trivial fixes to btree tests
      + JDK-8302149: Speed up compiler/jsr292/methodHandleExceptions/TestAMEnotNPE.java
      + JDK-8302607: increase timeout for ContinuousCallSiteTargetChange.java
      + JDK-8304074: [JMX] Add an approximation of total bytes allocated on the Java heap by the JVM
      + JDK-8304314: StackWalkTest.java fails after CODETOOLS-7903373
      + JDK-8304725: AsyncGetCallTrace can cause SIGBUS on M1
      + JDK-8305502: adjust timeouts in three more M&M tests
      + JDK-8305505: NPE in javazic compiler
      + JDK-8305972: Update XML Security for Java to 3.0.2
      + JDK-8306072: Open source several AWT MouseInfo related tests
      + JDK-8306076: Open source AWT misc tests
      + JDK-8306409: Open source AWT KeyBoardFocusManger, LightWeightComponent related tests
      + JDK-8306640: Open source several AWT TextArea related tests
      + JDK-8306652: Open source AWT MenuItem related tests
      + JDK-8306681: Open source more AWT DnD related tests
      + JDK-8306683: Open source several clipboard and color AWT tests
      + JDK-8306752: Open source several container and component AWT tests
      + JDK-8306753: Open source several container AWT tests
      + JDK-8306755: Open source few Swing JComponent and AbstractButton tests
      + JDK-8306812: Open source several AWT Miscellaneous tests
      + JDK-8306871: Open source more AWT Drag & Drop tests
      + JDK-8306996: Open source Swing MenuItem related tests
      + JDK-8307123: Fix deprecation warnings in DPrinter
      + JDK-8307130: Open source few Swing JMenu tests
      + JDK-8307299: Move more DnD tests to open
      + JDK-8307311: Timeouts on one macOS 12.6.1 host of two Swing JTableHeader tests
      + JDK-8307381: Open Source JFrame, JIF related Swing Tests
      + JDK-8307683: Loop Predication should not hoist range checks with trap on success projection by negating their condition
      + JDK-8308043: Deadlock in TestCSLocker.java due to blocking GC while allocating
      + JDK-8308116: jdk.test.lib.compiler.InMemoryJavaCompiler.compile does not close files
      + JDK-8308223: failure handler missed jcmd.vm.info command
      + JDK-8308232: nsk/jdb tests don't pass -verbose flag to the debuggee
      + JDK-8308245: Add -proc:full to describe current default annotation processing policy
      + JDK-8308336: Test java/net/HttpURLConnection/HttpURLConnectionExpectContinueTest.java failed: java.net.BindException: Address already in use
      + JDK-8309104: [JVMCI] compiler/unsafe/UnsafeGetStableArrayElement test asserts wrong values with Graal
      + JDK-8309119: [17u/11u] Redo JDK-8297951: C2: Create skeleton predicates for all If nodes in loop predication
      + JDK-8309462: [AIX] vmTestbase/nsk/jvmti/RunAgentThread/agentthr001/TestDescription.java crashing due to empty while loop
      + JDK-8309778: java/nio/file/Files/CopyAndMove.java fails when using second test directory
      + JDK-8309870: Using -proc:full should be considered requesting explicit annotation processing
      + JDK-8310106: sun.security.ssl.SSLHandshake.getHandshakeProducer() incorrectly checks handshakeConsumers
      + JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/bug6889007.java fails
      + JDK-8310551: vmTestbase/nsk/jdb/interrupt/interrupt001/interrupt001.java timed out due to missing prompt
      + JDK-8310807: java/nio/channels/DatagramChannel/Connect.java timed out
      + JDK-8311081: KeytoolReaderP12Test.java fail on localized Windows platform
      + JDK-8311511: Improve description of NativeLibrary JFR event
      + JDK-8311585: Add JRadioButtonMenuItem to bug8031573.java
      + JDK-8313081: MonitoringSupport_lock should be unconditionally initialized after 8304074
      + JDK-8313082: Enable CreateCoredumpOnCrash for testing in makefiles
      + JDK-8313164: src/java.desktop/windows/native/libawt/windows/awt_Robot.cpp GetRGBPixels adjust releasing of resources
      + JDK-8313252: Java_sun_awt_windows_ThemeReader_paintBackground release resources in early returns
      + JDK-8313643: Update HarfBuzz to 8.2.2
      + JDK-8313816: Accessing jmethodID might lead to spurious crashes
      + JDK-8314144: gc/g1/ihop/TestIHOPStatic.java fails due to extra concurrent mark with -Xcomp
      + JDK-8314164: java/net/HttpURLConnection/HttpURLConnectionExpectContinueTest.java fails intermittently in timeout
      + JDK-8314883: Java_java_util_prefs_FileSystemPreferences_lockFile0 write result errno in missing case
      + JDK-8315034: File.mkdirs() occasionally fails to create folders on Windows shared folder
      + JDK-8315042: NPE in PKCS7.parseOldSignedData
      + JDK-8315415: OutputAnalyzer.shouldMatchByLine() fails in some cases
      + JDK-8315499: build using devkit on Linux ppc64le RHEL puts path to devkit into libsplashscreen
      + JDK-8315594: Open source few headless Swing misc tests
      + JDK-8315600: Open source few more headless Swing misc tests
      + JDK-8315602: Open source swing security manager test
      + JDK-8315606: Open source few swing text/html tests
      + JDK-8315611: Open source swing text/html and tree test
      + JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should run with -Xbatch
      + JDK-8315731: Open source several Swing Text related tests
      + JDK-8315761: Open source few swing JList and JMenuBar tests
      + JDK-8315986: [macos14] javax/swing/JMenuItem/4654927/bug4654927.java: component must be showing on the screen to determine its location
      + JDK-8316001: GC: Make TestArrayAllocatorMallocLimit use createTestJvm
      + JDK-8316028: Update FreeType to 2.13.2
      + JDK-8316030: Update Libpng to 1.6.40
      + JDK-8316106: Open source few swing JInternalFrame and JMenuBar tests
      + JDK-8316461: Fix: make test outputs TEST SUCCESS after unsuccessful exit
      + JDK-8316947: Write a test to check textArea triggers MouseEntered/MouseExited events properly
      + JDK-8317307: test/jdk/com/sun/jndi/ldap/LdapPoolTimeoutTest.java fails with ConnectException: Connection timed out: no further information
      + JDK-8317327: Remove JT_JAVA dead code in jib-profiles.js
      + JDK-8318154: Improve stability of WheelModifier.java test
      + JDK-8318410: jdk/java/lang/instrument/BootClassPath/BootClassPathTest.sh fails on Japanese Windows
      + JDK-8318468: compiler/tiered/LevelTransitionTest.java fails with -XX:CompileThreshold=100 -XX:TieredStopAtLevel=1
      + JDK-8318603: Parallelize sun/java2d/marlin/ClipShapeTest.java
      + JDK-8318607: Enable parallelism in vmTestbase/nsk/stress/jni tests
      + JDK-8318608: Enable parallelism in vmTestbase/nsk/stress/threads tests
      + JDK-8318736: com/sun/jdi/JdwpOnThrowTest.java failed with "transport error 202: bind failed: Address already in use"
      + JDK-8318889: C2: add bailout after assert Bad graph detected in build_loop_late
      + JDK-8318951: Additional negative value check in JPEG decoding
      + JDK-8318955: Add ReleaseIntArrayElements in Java_sun_awt_X11_XlibWrapper_SetBitmapShape XlbWrapper.c to early return
      + JDK-8318971: Better Error Handling for Jar Tool When Processing Non-existent Files
      + JDK-8318983: Fix comment typo in PKCS12Passwd.java
      + JDK-8319124: Update XML Security for Java to 3.0.3
      + JDK-8319456: jdk/jfr/event/gc/collection/TestGCCauseWith[Serial|Parallel].java : GC cause 'GCLocker Initiated GC' not in the valid causes
      + JDK-8319668: Fixup of jar filename typo in BadFactoryTest.sh
      + JDK-8320001: javac crashes while adding type annotations to the return type of a constructor
      + JDK-8320208: Update Public Suffix List to b5bf572
      + JDK-8320363: ppc64 TypeEntries::type_unknown logic looks wrong, missed optimization opportunity
      + JDK-8320597: RSA signature verification fails on signed data that does not encode params correctly
      + JDK-8320798: Console read line with zero out should zero out underlying buffer
      + JDK-8320884: Bump update version for OpenJDK: jdk-11.0.23
      + JDK-8320937: support latest VS2022 MSC_VER in abstract_vm_version.cpp
      + JDK-8321151: JDK-8294427 breaks Windows L&F on all older Windows versions
      + JDK-8321215: Incorrect x86 instruction encoding for VSIB addressing mode
      + JDK-8321408: Add Certainly roots R1 and E1
      + JDK-8321480: ISO 4217 Amendment 176 Update
      + JDK-8322178: Error. can't find jdk.testlibrary.SimpleSSLContext in test directory or libraries
      + JDK-8322417: Console read line with zero out should zero out when throwing exception
      + JDK-8322725: (tz) Update Timezone Data to 2023d
      + JDK-8322750: Test "api/java_awt/interactive/SystemTrayTests.html" failed because A blue ball icon is added outside of the system tray
      + JDK-8322752: [11u] GetStackTraceAndRetransformTest.java is failing assert
      + JDK-8322772: Clean up code after JDK-8322417
      + JDK-8323008: filter out harmful -std flags added by autoconf from CXX
      + JDK-8323243: JNI invocation of an abstract instance method corrupts the stack
      + JDK-8323515: Create test alias "all" for all test roots
      + JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/platform/docker/TestDockerMemoryMetrics.java always fail because OOM killed
      + JDK-8324184: Windows VS2010 build failed with "error C2275: 'int64_t'"
      + JDK-8324307: [11u] hotspot fails to build with GCC 12 and newer (non-static data member initializers)
      + JDK-8324347: Enable "maybe-uninitialized" warning for FreeType 2.13.1
      + JDK-8324659: GHA: Generic jtreg errors are not reported
      + JDK-8325096: Test java/security/cert/CertPathBuilder/akiExt/AKISerialNumber.java is failing
      + JDK-8325150: (tz) Update Timezone Data to 2024a
      + JDK-8326109: GCC 13 reports maybe-uninitialized warnings for jni.cpp with dtrace enabled
      + JDK-8326503: [11u] java/net/HttpURLConnection/HttpURLConnectionExpectContinueTest.java fail because of package org.junit.jupiter.api does not exist
      + JDK-8327391: Add SipHash attribution file
      + JDK-8329837: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.23

  o Removed the possibility to use the system timezone-java (bsc#1213470).

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise High Performance Computing 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1452=1
  o SUSE Linux Enterprise Server 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1452=1
  o SUSE Linux Enterprise Server for SAP Applications 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1452=1

Package List:

  o SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
       java-11-openjdk-debuginfo-11.0.23.0-3.75.1
       java-11-openjdk-devel-11.0.23.0-3.75.1
       java-11-openjdk-debugsource-11.0.23.0-3.75.1
       java-11-openjdk-demo-11.0.23.0-3.75.1
       java-11-openjdk-11.0.23.0-3.75.1
       java-11-openjdk-headless-11.0.23.0-3.75.1
  o SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
       java-11-openjdk-debuginfo-11.0.23.0-3.75.1
       java-11-openjdk-devel-11.0.23.0-3.75.1
       java-11-openjdk-debugsource-11.0.23.0-3.75.1
       java-11-openjdk-demo-11.0.23.0-3.75.1
       java-11-openjdk-11.0.23.0-3.75.1
       java-11-openjdk-headless-11.0.23.0-3.75.1
  o SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
       java-11-openjdk-debuginfo-11.0.23.0-3.75.1
       java-11-openjdk-devel-11.0.23.0-3.75.1
       java-11-openjdk-debugsource-11.0.23.0-3.75.1
       java-11-openjdk-demo-11.0.23.0-3.75.1
       java-11-openjdk-11.0.23.0-3.75.1
       java-11-openjdk-headless-11.0.23.0-3.75.1
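
Post-patch check (an added example, not part of the SUSE or AusCERT text): the
script below flags any java-11-openjdk package older than the fixed build
11.0.23.0-3.75.1 from the Package List. The function names and sample package
lines are constructed for illustration; the comparison assumes purely numeric
version and release fields with no epoch, which is a simplification of rpm's
own ordering.

```shell
#!/bin/sh
# Added example (not SUSE or AusCERT code): flag java-11-openjdk packages that
# are older than the fixed build named in the Package List above.
FIXED_EVR="11.0.23.0-3.75.1"   # version-release taken from the bulletin

# cmp_dotted A B: print -1, 0 or 1 for dot-separated numeric fields.
# Fields compare as integers (3.8 < 3.75); if all shared fields are equal,
# the string with extra fields is the newer one, as in rpm's ordering.
cmp_dotted() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        if [ -z "$a" ]; then echo -1; return 0; fi
        if [ -z "$b" ]; then echo 1; return 0; fi
        x=${a%%.*}; y=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        if [ "$x" -lt "$y" ]; then echo -1; return 0; fi
        if [ "$x" -gt "$y" ]; then echo 1; return 0; fi
    done
    echo 0
}

# evr_cmp VER-REL VER-REL: compare the version part first, then the release.
evr_cmp() {
    r=$(cmp_dotted "${1%-*}" "${2%-*}")
    if [ "$r" != 0 ]; then
        echo "$r"
    else
        cmp_dotted "${1##*-}" "${2##*-}"
    fi
}

# audit_java11: read "NAME VERSION-RELEASE" lines on stdin, print one status
# line per java-11-openjdk package, return 1 if any is not confirmed fixed.
audit_java11() {
    rc=0
    while read -r name evr; do
        case $name in java-11-openjdk*) ;; *) continue ;; esac
        # Non-numeric fields are outside this simplified comparison: report them.
        if ! printf '%s\n' "$evr" |
                grep -Eq '^[0-9]+(\.[0-9]+)*-[0-9]+(\.[0-9]+)*$'; then
            echo "UNKNOWN $name $evr"; rc=1; continue
        fi
        if [ "$(evr_cmp "$evr" "$FIXED_EVR")" = -1 ]; then
            echo "VULNERABLE $name $evr"; rc=1
        else
            echo "OK $name $evr"
        fi
    done
    return $rc
}

# sample_report: run the audit over constructed package lines (not real data).
sample_report() {
    audit_java11 <<'EOF'
java-11-openjdk 11.0.22.0-3.72.1
java-11-openjdk-headless 11.0.23.0-3.75.1
java-11-openjdk-devel 11.0.23.0-3.8.1
java-11-openjdk-demo 11.0.23.0-lp1
java-1_8_0-openjdk 1.8.0.402-27.99.1
EOF
}

if [ "${1:-}" = "--live" ]; then
    # On a patched host every line should read OK.
    rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' 'java-11-openjdk*' | audit_java11
else
    sample_report || true
fi
```

Run with --live on a SLES 12 SP5 host to audit the installed packages; without
arguments it prints the report for the constructed sample.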

References:

  o https://www.suse.com/security/cve/CVE-2024-21011.html
  o https://www.suse.com/security/cve/CVE-2024-21012.html
  o https://www.suse.com/security/cve/CVE-2024-21068.html
  o https://www.suse.com/security/cve/CVE-2024-21085.html
  o https://www.suse.com/security/cve/CVE-2024-21094.html
  o https://bugzilla.suse.com/show_bug.cgi?id=1213470
  o https://bugzilla.suse.com/show_bug.cgi?id=1222979
  o https://bugzilla.suse.com/show_bug.cgi?id=1222983
  o https://bugzilla.suse.com/show_bug.cgi?id=1222984
  o https://bugzilla.suse.com/show_bug.cgi?id=1222986
  o https://bugzilla.suse.com/show_bug.cgi?id=1222987

--------------------------END INCLUDED TEXT----------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================