Security update for java-1_8_0-openjdk SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:2786-1 Final 1 1 2024-08-06T13:00:18Z current 2024-08-06T13:00:18Z 2024-08-06T13:00:18Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for java-1_8_0-openjdk This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u422 (icedtea-3.32.0): * Security fixes + JDK-8314794, CVE-2024-21131, bsc#1228046: Improve UTF8 String supports + JDK-8319859, CVE-2024-21138, bsc#1228047: Better symbol storage + JDK-8320097: Improve Image transformations + JDK-8320548, CVE-2024-21140, bsc#1228048: Improved loop handling + JDK-8322106, CVE-2024-21144, bsc#1228050: Enhance Pack 200 loading + JDK-8323231, CVE-2024-21147, bsc#1228052: Improve array management + JDK-8323390: Enhance mask blit functionality + JDK-8324559, CVE-2024-21145, bsc#1228051: Improve 2D image handling + JDK-8325600: Better symbol storage * Import of OpenJDK 8 u422 build 05 + JDK-8025439: [TEST BUG] [macosx] PrintServiceLookup.lookupPrintServices doesn't work properly since jdk8b105 + JDK-8069389: CompilerOracle prefix wildcarding is broken for long strings + JDK-8159454: [TEST_BUG] javax/swing/ToolTipManager/7123767/ /bug7123767.java: number of checked graphics configurations should be limited + JDK-8198321: javax/swing/JEditorPane/5076514/bug5076514.java fails + JDK-8203691: [TESTBUG] Test /runtime/containers/cgroup/PlainRead.java fails + JDK-8205407: [windows, vs<2017] C4800 after 8203197 + JDK-8235834: IBM-943 charset encoder needs updating + JDK-8239965: XMLEncoder/Test4625418.java fails due to 'Error: Cp943 - can't read properly' + JDK-8240756: [macos] SwingSet2:TableDemo:Printed Japanese characters were garbled + JDK-8256152: tests fail because of ambiguous method resolution + JDK-8258855: Two tests sun/security/krb5/auto/ /ReplayCacheTestProc.java and ReplayCacheTestProcWithMD5.java failed on OL8.3 + JDK-8262017: C2: assert(n != __null) failed: Bad immediate dominator info. + JDK-8268916: Tests for AffirmTrust roots + JDK-8278067: Make HttpURLConnection default keep alive timeout configurable + JDK-8291226: Create Test Cases to cover scenarios for JDK-8278067 + JDK-8291637: HttpClient default keep alive timeout not followed if server sends invalid value + JDK-8291638: Keep-Alive timeout of 0 should close connection immediately + JDK-8293562: KeepAliveCache Blocks Threads while Closing Connections + JDK-8303466: C2: failed: malformed control flow. Limit type made precise with MaxL/MinL + JDK-8304074: [JMX] Add an approximation of total bytes allocated on the Java heap by the JVM + JDK-8313081: MonitoringSupport_lock should be unconditionally initialized after 8304074 + JDK-8315020: The macro definition for LoongArch64 zero build is not accurate. + JDK-8316138: Add GlobalSign 2 TLS root certificates + JDK-8318410: jdk/java/lang/instrument/BootClassPath/ /BootClassPathTest.sh fails on Japanese Windows + JDK-8320005: Allow loading of shared objects with .a extension on AIX + JDK-8324185: [8u] Accept Xcode 12+ builds on macOS + JDK-8325096: Test java/security/cert/CertPathBuilder/akiExt/ /AKISerialNumber.java is failing + JDK-8325927: [8u] Backport of JDK-8170552 missed part of the test + JDK-8326686: Bump update version of OpenJDK: 8u422 + JDK-8327440: Fix 'bad source file' error during beaninfo generation + JDK-8328809: [8u] Problem list some CA tests + JDK-8328825: Google CAInterop test failures + JDK-8329544: [8u] sun/security/krb5/auto/ /ReplayCacheTestProc.java cannot find the testlibrary + JDK-8331791: [8u] AIX build break from JDK-8320005 backport + JDK-8331980: [8u] Problem list CAInterop.java#certignarootca test + JDK-8335552: [8u] JDK-8303466 backport to 8u requires 3 ::Identity signature fixes * Bug fixes + JDK-8331730: [8u] GHA: update sysroot for cross builds to Debian bullseye + JDK-8333669: [8u] GHA: Dead VS2010 download link + JDK-8318039: GHA: Bump macOS and Xcode versions The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container containers/apache-tomcat:9-openjdk8-2024-2786,Image tomcat_15_6-2024-2786,SUSE-2024-2786,SUSE-SLE-Module-Legacy-15-SP5-2024-2786,SUSE-SLE-Module-Legacy-15-SP6-2024-2786,SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2786,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2786,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2786,SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2786,SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2786,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2786,SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2786,SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2786,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2786,SUSE-Storage-7.1-2024-2786,openSUSE-SLE-15.5-2024-2786,openSUSE-SLE-15.6-2024-2786 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20242786-1/ Link for SUSE-SU-2024:2786-1 https://lists.suse.com/pipermail/sle-updates/2024-August/036650.html E-Mail link for SUSE-SU-2024:2786-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1228046 SUSE Bug 1228046 https://bugzilla.suse.com/1228047 SUSE Bug 1228047 https://bugzilla.suse.com/1228048 SUSE Bug 1228048 https://bugzilla.suse.com/1228050 SUSE Bug 1228050 https://bugzilla.suse.com/1228051 SUSE Bug 1228051 https://bugzilla.suse.com/1228052 SUSE Bug 1228052 https://www.suse.com/security/cve/CVE-2024-21131/ SUSE CVE CVE-2024-21131 page https://www.suse.com/security/cve/CVE-2024-21138/ SUSE CVE CVE-2024-21138 page https://www.suse.com/security/cve/CVE-2024-21140/ SUSE CVE CVE-2024-21140 page https://www.suse.com/security/cve/CVE-2024-21144/ SUSE CVE CVE-2024-21144 page https://www.suse.com/security/cve/CVE-2024-21145/ SUSE CVE CVE-2024-21145 page https://www.suse.com/security/cve/CVE-2024-21147/ SUSE CVE CVE-2024-21147 page Container containers/apache-tomcat:9-openjdk8 Image tomcat_15_6 SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS SUSE Linux Enterprise Module for Legacy 15 SP5 SUSE Linux Enterprise Module for Legacy 15 SP6 SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Server 15 SP3-LTSS SUSE Linux Enterprise Server 15 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP4 openSUSE Leap 15.5 openSUSE Leap 15.6 java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of Container containers/apache-tomcat:9-openjdk8 java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of Container containers/apache-tomcat:9-openjdk8 java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of Image tomcat_15_6 java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of Image tomcat_15_6 java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of SUSE Enterprise Storage 7.1 java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of SUSE Enterprise Storage 7.1 java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of SUSE Enterprise Storage 7.1 java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of SUSE Enterprise Storage 7.1 java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP5 java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP5 java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP5 java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP5 java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP6 java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP6 java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP6 java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP6 java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.5 java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.5 java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.5 java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.5 java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.5 java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.5 java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.5 java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.6 java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.6 java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.6 java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.6 java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.6 java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.6 java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 as a component of openSUSE Leap 15.6 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2024-21131 Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 Image tomcat_15_6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 Image tomcat_15_6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20242786-1/ https://www.suse.com/security/cve/CVE-2024-21131.html CVE-2024-21131 https://bugzilla.suse.com/1228046 SUSE Bug 1228046 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2024-21138 Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 Image tomcat_15_6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 Image tomcat_15_6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20242786-1/ https://www.suse.com/security/cve/CVE-2024-21138.html CVE-2024-21138 https://bugzilla.suse.com/1228047 SUSE Bug 1228047 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). CVE-2024-21140 Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 Image tomcat_15_6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 Image tomcat_15_6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20242786-1/ https://www.suse.com/security/cve/CVE-2024-21140.html CVE-2024-21140 https://bugzilla.suse.com/1228048 SUSE Bug 1228048 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2024-21144 Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 Image tomcat_15_6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 Image tomcat_15_6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20242786-1/ https://www.suse.com/security/cve/CVE-2024-21144.html CVE-2024-21144 https://bugzilla.suse.com/1228050 SUSE Bug 1228050 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). CVE-2024-21145 Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 Image tomcat_15_6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 Image tomcat_15_6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20242786-1/ https://www.suse.com/security/cve/CVE-2024-21145.html CVE-2024-21145 https://bugzilla.suse.com/1228051 SUSE Bug 1228051 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N). CVE-2024-21147 Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 Container containers/apache-tomcat:9-openjdk8:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 Image tomcat_15_6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 Image tomcat_15_6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Enterprise Storage 7.1:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Module for Legacy 15 SP6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server 15 SP4-LTSS:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 openSUSE Leap 15.5:java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-accessibility-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-demo-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-devel-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-headless-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-javadoc-1.8.0.422-150000.3.97.1 openSUSE Leap 15.6:java-1_8_0-openjdk-src-1.8.0.422-150000.3.97.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20242786-1/ https://www.suse.com/security/cve/CVE-2024-21147.html CVE-2024-21147 https://bugzilla.suse.com/1228052 SUSE Bug 1228052