{"affected":[{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Legacy 15 SP6","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk-javadoc":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15 SP6","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP3-LTSS","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP4-LTSS","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP5-LTSS","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP3","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP4","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP5","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Manager Proxy 4.3","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Manager%20Proxy%204.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Manager Server 4.3","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Manager%20Server%204.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7.1","name":"java-11-openjdk","purl":"pkg:rpm/suse/java-11-openjdk&distro=SUSE%20Enterprise%20Storage%207.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"java-11-openjdk":"11.0.26.0-150000.3.122.1","java-11-openjdk-demo":"11.0.26.0-150000.3.122.1","java-11-openjdk-devel":"11.0.26.0-150000.3.122.1","java-11-openjdk-headless":"11.0.26.0-150000.3.122.1","java-11-openjdk-javadoc":"11.0.26.0-150000.3.122.1","java-11-openjdk-jmods":"11.0.26.0-150000.3.122.1","java-11-openjdk-src":"11.0.26.0-150000.3.122.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"java-11-openjdk","purl":"pkg:rpm/opensuse/java-11-openjdk&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.0.26.0-150000.3.122.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for java-11-openjdk fixes the following issues:\n\nUpgrade to upstream tag jdk-11.0.26+4 (January 2025 CPU)\n\nSecurity fixes:\n\n- CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278)\n\nOther changes:\n\n- JDK-8224624: Inefficiencies in CodeStrings::add_comment cause - timeouts\n- JDK-8225045: javax/swing/JInternalFrame/8146321//JInternalFrameIconTest.java fails on linux-x64\n- JDK-8232367: Update Reactive Streams to 1.0.3 -- tests only\n- JDK-8247706: Unintentional use of new Date(year...) with absolute year\n- JDK-8299254: Support dealing with standard assert macro\n- JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing test\n- JDK-8315936: Parallelize gc/stress/TestStressG1Humongous.java test\n- JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak\n- JDK-8328300: Convert PrintDialogsTest.java from Applet to main program\n- JDK-8328642: Convert applet test MouseDraggedOutCauseScrollingTest.html to main\n- JDK-8334332: TestIOException.java fails if run by root\n- JDK-8335428: Enhanced Building of Processes\n- JDK-8335801: [11u] Backport of 8210988 to 11u removes gcc warnings\n- JDK-8335912, JDK-8337499: Add an operation mode to the jar command when extracting to not overwriting existing files\n- JDK-8336564: Enhance mask blit functionality redux\n- JDK-8338402: GHA: some of bundles may not get removed\n- JDK-8339082: Bump update version for OpenJDK: jdk-11.0.26\n- JDK-8339180: Enhanced Building of Processes: Follow-on Issue\n- JDK-8339470: [17u] More defensive fix for 8163921\n- JDK-8339637: (tz) Update Timezone Data to 2024b\n- JDK-8339644: Improve parsing of Day/Month in tzdata rules\n- JDK-8339803: Acknowledge case insensitive unambiguous keywords in tzdata files\n- JDK-8340552: Harden TzdbZoneRulesCompiler against missing zone names\n- JDK-8340671: GHA: Bump macOS and Xcode versions to macos-12 and XCode 13.4.1\n- JDK-8340815: Add SECURITY.md file\n- JDK-8342426: [11u] javax/naming/module/RunBasic.java javac compile fails\n- JDK-8342629: [11u] Properly message out that shenandoah is disabled\n- JDK-8347483: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.26\n\n","id":"SUSE-SU-2025:0338-1","modified":"2025-02-03T15:12:44Z","published":"2025-02-03T15:12:44Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20250338-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236278"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21502"}],"related":["CVE-2025-21502"],"summary":"Security update for java-11-openjdk","upstream":["CVE-2025-21502"]}