openSUSE-SU-2025:20123-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2025:20123-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2025:20123-1
- Upstream
- Related
- Published
- 2025-11-28T09:35:08Z
- Modified
- 2026-03-23T04:54:17.714972Z
- Summary
- Security update for java-21-openjdk
- Details
-
This update for java-21-openjdk fixes the following issues:
Update to upstream tag jdk-21.0.9+10 (October 2025 CPU):
- CVE-2025-53066: Fixed enhance path factories (bsc#1252417).
- CVE-2025-61748: Fixed enhance string handling (bsc#1252418).
- CVE-2025-53057: Fixed enhance certificate handling (bsc#1252414).
Other bug fixes:
- Do not embed rebuild counter (bsc#1246806)
- References
Affected packages
openSUSE:Leap 16.0 / java-21-openjdk
Package
- Name
- java-21-openjdk
- Purl
- pkg:rpm/opensuse/java-21-openjdk&distro=openSUSE%20Leap%2016.0
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed21.0.9.0-160000.1.1
Ecosystem specific
{
"binaries": [
{
"java-21-openjdk": "21.0.9.0-160000.1.1",
"java-21-openjdk-jmods": "21.0.9.0-160000.1.1",
"java-21-openjdk-demo": "21.0.9.0-160000.1.1",
"java-21-openjdk-src": "21.0.9.0-160000.1.1",
"java-21-openjdk-javadoc": "21.0.9.0-160000.1.1",
"java-21-openjdk-devel": "21.0.9.0-160000.1.1",
"java-21-openjdk-headless": "21.0.9.0-160000.1.1"
}
]
}