Security update for java-25-openjdk SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2026:20143-1 Final 1 1 2026-01-30T15:55:47Z current 2026-01-30T15:55:47Z 2026-01-30T15:55:47Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for java-25-openjdk This update for java-25-openjdk fixes the following issues: Update to upstream tag jdk-25.0.2+10 (January 2026 CPU) Security fixes: - CVE-2026-21925: Fixed Oracle Java SE component RMI (bsc#1257034). - CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX (bsc#1257036). - CVE-2026-21933: Fixed Oracle Java SE component Networking (bsc#1257037). - CVE-2026-21945: Fixed Oracle Java SE component Security (bsc#1257038). Other fixes: - Do not depend on update-desktop-files (jsc#PED-14507, jsc#PED-15221). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Leap-16.0-228 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1257034 SUSE Bug 1257034 https://bugzilla.suse.com/1257036 SUSE Bug 1257036 https://bugzilla.suse.com/1257037 SUSE Bug 1257037 https://bugzilla.suse.com/1257038 SUSE Bug 1257038 https://www.suse.com/security/cve/CVE-2026-21925/ SUSE CVE CVE-2026-21925 page https://www.suse.com/security/cve/CVE-2026-21932/ SUSE CVE CVE-2026-21932 page https://www.suse.com/security/cve/CVE-2026-21933/ SUSE CVE CVE-2026-21933 page https://www.suse.com/security/cve/CVE-2026-21945/ SUSE CVE CVE-2026-21945 page openSUSE Leap 16.0 java-25-openjdk-25.0.2.0-160000.1.1 java-25-openjdk-demo-25.0.2.0-160000.1.1 java-25-openjdk-devel-25.0.2.0-160000.1.1 java-25-openjdk-headless-25.0.2.0-160000.1.1 java-25-openjdk-javadoc-25.0.2.0-160000.1.1 java-25-openjdk-jmods-25.0.2.0-160000.1.1 java-25-openjdk-src-25.0.2.0-160000.1.1 java-25-openjdk-25.0.2.0-160000.1.1 as a component of openSUSE Leap 16.0 java-25-openjdk-demo-25.0.2.0-160000.1.1 as a component of openSUSE Leap 16.0 java-25-openjdk-devel-25.0.2.0-160000.1.1 as a component of openSUSE Leap 16.0 java-25-openjdk-headless-25.0.2.0-160000.1.1 as a component of openSUSE Leap 16.0 java-25-openjdk-javadoc-25.0.2.0-160000.1.1 as a component of openSUSE Leap 16.0 java-25-openjdk-jmods-25.0.2.0-160000.1.1 as a component of openSUSE Leap 16.0 java-25-openjdk-src-25.0.2.0-160000.1.1 as a component of openSUSE Leap 16.0 unknown CVE-2026-21925 openSUSE Leap 16.0:java-25-openjdk-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-demo-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-devel-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-headless-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-javadoc-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-jmods-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-src-25.0.2.0-160000.1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-21925.html CVE-2026-21925 https://bugzilla.suse.com/1257034 SUSE Bug 1257034 unknown CVE-2026-21932 openSUSE Leap 16.0:java-25-openjdk-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-demo-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-devel-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-headless-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-javadoc-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-jmods-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-src-25.0.2.0-160000.1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-21932.html CVE-2026-21932 https://bugzilla.suse.com/1257036 SUSE Bug 1257036 unknown CVE-2026-21933 openSUSE Leap 16.0:java-25-openjdk-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-demo-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-devel-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-headless-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-javadoc-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-jmods-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-src-25.0.2.0-160000.1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-21933.html CVE-2026-21933 https://bugzilla.suse.com/1257037 SUSE Bug 1257037 unknown CVE-2026-21945 openSUSE Leap 16.0:java-25-openjdk-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-demo-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-devel-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-headless-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-javadoc-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-jmods-25.0.2.0-160000.1.1 openSUSE Leap 16.0:java-25-openjdk-src-25.0.2.0-160000.1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-21945.html CVE-2026-21945 https://bugzilla.suse.com/1257038 SUSE Bug 1257038