Security update for java-21-openjdk SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2026:0363-1 Final 1 1 2026-02-03T09:39:18Z current 2026-02-03T09:39:18Z 2026-02-03T09:39:18Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for java-21-openjdk This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.10+7 (January 2026 CPU) Security fixes: - CVE-2026-21925: Fixed Oracle Java SE component RMI (bsc#1257034). - CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX (bsc#1257036). - CVE-2026-21933: Fixed Oracle Java SE component Networking (bsc#1257037). - CVE-2026-21945: Fixed Oracle Java SE component Security (bsc#1257038). Other fixes: - Do not depend on update-desktop-files (jsc#PED-14507, jsc#PED-15217). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2026-363,SUSE-SLE-Module-Basesystem-15-SP7-2026-363,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-363,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-363,openSUSE-SLE-15.6-2026-363 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2026/suse-su-20260363-1/ Link for SUSE-SU-2026:0363-1 https://lists.suse.com/pipermail/sle-security-updates/2026-February/024035.html E-Mail link for SUSE-SU-2026:0363-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1257034 SUSE Bug 1257034 https://bugzilla.suse.com/1257036 SUSE Bug 1257036 https://bugzilla.suse.com/1257037 SUSE Bug 1257037 https://bugzilla.suse.com/1257038 SUSE Bug 1257038 https://www.suse.com/security/cve/CVE-2026-21925/ SUSE CVE CVE-2026-21925 page https://www.suse.com/security/cve/CVE-2026-21932/ SUSE CVE CVE-2026-21932 page https://www.suse.com/security/cve/CVE-2026-21933/ SUSE CVE CVE-2026-21933 page https://www.suse.com/security/cve/CVE-2026-21945/ SUSE CVE CVE-2026-21945 page SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Server 15 SP6-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP6 openSUSE Leap 15.6 java-21-openjdk-21.0.10.0-150600.3.23.1 java-21-openjdk-demo-21.0.10.0-150600.3.23.1 java-21-openjdk-devel-21.0.10.0-150600.3.23.1 java-21-openjdk-headless-21.0.10.0-150600.3.23.1 java-21-openjdk-javadoc-21.0.10.0-150600.3.23.1 java-21-openjdk-jmods-21.0.10.0-150600.3.23.1 java-21-openjdk-src-21.0.10.0-150600.3.23.1 java-21-openjdk-21.0.10.0-150600.3.23.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 java-21-openjdk-demo-21.0.10.0-150600.3.23.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 java-21-openjdk-devel-21.0.10.0-150600.3.23.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 java-21-openjdk-headless-21.0.10.0-150600.3.23.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 java-21-openjdk-21.0.10.0-150600.3.23.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS java-21-openjdk-demo-21.0.10.0-150600.3.23.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS java-21-openjdk-devel-21.0.10.0-150600.3.23.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS java-21-openjdk-headless-21.0.10.0-150600.3.23.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS java-21-openjdk-21.0.10.0-150600.3.23.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP6 java-21-openjdk-demo-21.0.10.0-150600.3.23.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP6 java-21-openjdk-devel-21.0.10.0-150600.3.23.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP6 java-21-openjdk-headless-21.0.10.0-150600.3.23.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP6 java-21-openjdk-21.0.10.0-150600.3.23.1 as a component of openSUSE Leap 15.6 java-21-openjdk-demo-21.0.10.0-150600.3.23.1 as a component of openSUSE Leap 15.6 java-21-openjdk-devel-21.0.10.0-150600.3.23.1 as a component of openSUSE Leap 15.6 java-21-openjdk-headless-21.0.10.0-150600.3.23.1 as a component of openSUSE Leap 15.6 java-21-openjdk-javadoc-21.0.10.0-150600.3.23.1 as a component of openSUSE Leap 15.6 java-21-openjdk-jmods-21.0.10.0-150600.3.23.1 as a component of openSUSE Leap 15.6 java-21-openjdk-src-21.0.10.0-150600.3.23.1 as a component of openSUSE Leap 15.6 unknown CVE-2026-21925 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-src-21.0.10.0-150600.3.23.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260363-1/ https://www.suse.com/security/cve/CVE-2026-21925.html CVE-2026-21925 https://bugzilla.suse.com/1257034 SUSE Bug 1257034 unknown CVE-2026-21932 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-src-21.0.10.0-150600.3.23.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260363-1/ https://www.suse.com/security/cve/CVE-2026-21932.html CVE-2026-21932 https://bugzilla.suse.com/1257036 SUSE Bug 1257036 unknown CVE-2026-21933 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-src-21.0.10.0-150600.3.23.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260363-1/ https://www.suse.com/security/cve/CVE-2026-21933.html CVE-2026-21933 https://bugzilla.suse.com/1257037 SUSE Bug 1257037 unknown CVE-2026-21945 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server 15 SP6-LTSS:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 SUSE Linux Enterprise Server for SAP Applications 15 SP6:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-demo-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-devel-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-headless-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-javadoc-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-jmods-21.0.10.0-150600.3.23.1 openSUSE Leap 15.6:java-21-openjdk-src-21.0.10.0-150600.3.23.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260363-1/ https://www.suse.com/security/cve/CVE-2026-21945.html CVE-2026-21945 https://bugzilla.suse.com/1257038 SUSE Bug 1257038