SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-3996

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-3996

Security update for java-11-openjdk

Type: security

Severity: important

Issued: 2025-11-07

Description:

This update for java-11-openjdk fixes the following issues:

Upgrade to upstream tag jdk-11.0.29+7 (October 2025 CPU):

- CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data (bsc#1252414).
- CVE-2025-53066: Fixed unauthenticated attacker can achive unauthorized access to critical data or complete access (bsc#1252417).

Other bug fixes:

- Do not embed rebuild counter (bsc#1246806)

References

CVE: CVE-2025-53066
CVE: CVE-2025-53057
Bugzilla: 1252417 VUL-0: CVE-2025-53066: java-17-openjdk, java-21-openjdk: unauthenticated attacker can achive unauthorized access to critical data or complete access
Bugzilla: 1252414 VUL-0: CVE-2025-53057: java-17-openjdk, java-21-openjdk: unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data
Bugzilla: 1246806 trackerbug: packages embed rebuild-counter

Packages

java-11-openjdk-11.0.29.0-150000.3.132.2