Security updates have been issued for various packages, including the Linux Kernel and Java. The most critical updates are for the Linux Kernel with live patches 13 and 5 for SLE 15 SP6, which address important security vulnerabilities. Other notable updates include fixes for ImageMagick, gpg2, Erlang, and multiple versions of OpenJDK Java software.

SUSE-SU-2025:3983-1: important: Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6)
SUSE-SU-2025:3985-1: moderate: Security update for ImageMagick
SUSE-SU-2025:3986-1: low: Security update for gpg2
SUSE-SU-2025:4000-1: important: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)
openSUSE-SU-2025:15706-1: moderate: erlang-28.1.1-1.1 on GA media
SUSE-SU-2025:3996-1: important: Security update for java-11-openjdk
SUSE-SU-2025:3997-1: important: Security update for java-17-openjdk

SUSE-SU-2025:3983-1: important: Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6)

# Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:3983-1
Release Date: 2025-11-06T21:33:47Z
Rating: important
References:

* bsc#1248631
* bsc#1249207
* bsc#1249208

Cross-References:

* CVE-2025-38617
* CVE-2025-38618
* CVE-2025-38664

CVSS scores:

* CVE-2025-38617 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38617 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38618 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38618 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38664 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_60 fixes several issues.

The following security issues were fixed:

* CVE-2025-38664: ice: Fix a null pointer dereference in
ice_copy_and_init_pkg() (bsc#1248631).
* CVE-2025-38617: net/packet: fix a race in packet_set_ring() and
packet_notifier() (bsc#1249208).
* CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY
(bsc#1249207).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP6
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-3984=1 SUSE-SLE-
Module-Live-Patching-15-SP6-2025-3983=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-3983=1 SUSE-2025-3984=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP6_Update_13-debugsource-7-150600.4.1
* kernel-livepatch-6_4_0-150600_23_60-default-debuginfo-7-150600.4.1
* kernel-livepatch-6_4_0-150600_23_50-default-debuginfo-8-150600.2.1
* kernel-livepatch-6_4_0-150600_23_60-default-7-150600.4.1
* kernel-livepatch-6_4_0-150600_23_50-default-8-150600.2.1
* kernel-livepatch-SLE15-SP6_Update_11-debugsource-8-150600.2.1
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP6_Update_13-debugsource-7-150600.4.1
* kernel-livepatch-6_4_0-150600_23_60-default-debuginfo-7-150600.4.1
* kernel-livepatch-6_4_0-150600_23_50-default-debuginfo-8-150600.2.1
* kernel-livepatch-6_4_0-150600_23_60-default-7-150600.4.1
* kernel-livepatch-6_4_0-150600_23_50-default-8-150600.2.1
* kernel-livepatch-SLE15-SP6_Update_11-debugsource-8-150600.2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38617.html
* https://www.suse.com/security/cve/CVE-2025-38618.html
* https://www.suse.com/security/cve/CVE-2025-38664.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248631
* https://bugzilla.suse.com/show_bug.cgi?id=1249207
* https://bugzilla.suse.com/show_bug.cgi?id=1249208

SUSE-SU-2025:3985-1: moderate: Security update for ImageMagick

# Security update for ImageMagick

Announcement ID: SUSE-SU-2025:3985-1
Release Date: 2025-11-07T10:30:54Z
Rating: moderate
References:

* bsc#1252749

Cross-References:

* CVE-2025-62594

CVSS scores:

* CVE-2025-62594 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-62594 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
* CVE-2025-62594 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-62594 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* Desktop Applications Module 15-SP6
* Desktop Applications Module 15-SP7
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for ImageMagick fixes the following issues:

* CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead
to OOB pointer arithmetic and process crash. (bsc#1252749)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-3985=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3985=1

* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-3985=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.51.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.51.1
* ImageMagick-7.1.0.9-150400.6.51.1
* ImageMagick-debugsource-7.1.0.9-150400.6.51.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.51.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.51.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.51.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.51.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.51.1
* libMagick++-devel-7.1.0.9-150400.6.51.1
* ImageMagick-extra-7.1.0.9-150400.6.51.1
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.51.1
* perl-PerlMagick-7.1.0.9-150400.6.51.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.51.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.51.1
* ImageMagick-devel-7.1.0.9-150400.6.51.1
* ImageMagick-extra-debuginfo-7.1.0.9-150400.6.51.1
* openSUSE Leap 15.4 (x86_64)
* libMagickCore-7_Q16HDRI10-32bit-7.1.0.9-150400.6.51.1
* ImageMagick-devel-32bit-7.1.0.9-150400.6.51.1
* libMagickWand-7_Q16HDRI10-32bit-debuginfo-7.1.0.9-150400.6.51.1
* libMagickCore-7_Q16HDRI10-32bit-debuginfo-7.1.0.9-150400.6.51.1
* libMagick++-devel-32bit-7.1.0.9-150400.6.51.1
* libMagick++-7_Q16HDRI5-32bit-7.1.0.9-150400.6.51.1
* libMagick++-7_Q16HDRI5-32bit-debuginfo-7.1.0.9-150400.6.51.1
* libMagickWand-7_Q16HDRI10-32bit-7.1.0.9-150400.6.51.1
* openSUSE Leap 15.4 (noarch)
* ImageMagick-doc-7.1.0.9-150400.6.51.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libMagickCore-7_Q16HDRI10-64bit-debuginfo-7.1.0.9-150400.6.51.1
* libMagickWand-7_Q16HDRI10-64bit-debuginfo-7.1.0.9-150400.6.51.1
* libMagick++-7_Q16HDRI5-64bit-debuginfo-7.1.0.9-150400.6.51.1
* libMagickCore-7_Q16HDRI10-64bit-7.1.0.9-150400.6.51.1
* libMagickWand-7_Q16HDRI10-64bit-7.1.0.9-150400.6.51.1
* libMagick++-devel-64bit-7.1.0.9-150400.6.51.1
* libMagick++-7_Q16HDRI5-64bit-7.1.0.9-150400.6.51.1
* ImageMagick-devel-64bit-7.1.0.9-150400.6.51.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.51.1
* ImageMagick-debugsource-7.1.0.9-150400.6.51.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.51.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.51.1
* ImageMagick-debugsource-7.1.0.9-150400.6.51.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.51.1

## References:

* https://www.suse.com/security/cve/CVE-2025-62594.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252749

SUSE-SU-2025:3986-1: low: Security update for gpg2

# Security update for gpg2

Announcement ID: SUSE-SU-2025:3986-1
Release Date: 2025-11-07T10:31:14Z
Rating: low
References:

* bsc#1239119

Cross-References:

* CVE-2025-30258

CVSS scores:

* CVE-2025-30258 ( SUSE ): 1.8
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-30258 ( SUSE ): 2.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L
* CVE-2025-30258 ( NVD ): 2.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L
* CVE-2025-30258 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves one vulnerability can now be installed.

## Description:

This update for gpg2 fixes the following issues:

* CVE-2025-30258: fixed a verification denial of service due to a malicious
subkey in the keyring (bsc#1239119)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-3986=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-3986=1

* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-3986=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-3986=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-3986=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-3986=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-3986=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-3986=1

## Package List:

* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* gpg2-debuginfo-2.2.27-150300.3.13.1
* gpg2-debugsource-2.2.27-150300.3.13.1
* gpg2-2.2.27-150300.3.13.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* gpg2-debuginfo-2.2.27-150300.3.13.1
* gpg2-debugsource-2.2.27-150300.3.13.1
* gpg2-2.2.27-150300.3.13.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* dirmngr-2.2.27-150300.3.13.1
* gpg2-debuginfo-2.2.27-150300.3.13.1
* gpg2-debugsource-2.2.27-150300.3.13.1
* dirmngr-debuginfo-2.2.27-150300.3.13.1
* gpg2-2.2.27-150300.3.13.1
* openSUSE Leap 15.3 (noarch)
* gpg2-lang-2.2.27-150300.3.13.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* gpg2-debuginfo-2.2.27-150300.3.13.1
* gpg2-debugsource-2.2.27-150300.3.13.1
* gpg2-2.2.27-150300.3.13.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* gpg2-debuginfo-2.2.27-150300.3.13.1
* gpg2-debugsource-2.2.27-150300.3.13.1
* gpg2-2.2.27-150300.3.13.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* gpg2-debuginfo-2.2.27-150300.3.13.1
* gpg2-debugsource-2.2.27-150300.3.13.1
* gpg2-2.2.27-150300.3.13.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* gpg2-debuginfo-2.2.27-150300.3.13.1
* gpg2-debugsource-2.2.27-150300.3.13.1
* gpg2-2.2.27-150300.3.13.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* gpg2-debuginfo-2.2.27-150300.3.13.1
* gpg2-debugsource-2.2.27-150300.3.13.1
* gpg2-2.2.27-150300.3.13.1

## References:

* https://www.suse.com/security/cve/CVE-2025-30258.html
* https://bugzilla.suse.com/show_bug.cgi?id=1239119

SUSE-SU-2025:4000-1: important: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

# Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:4000-1
Release Date: 2025-11-07T17:04:40Z
Rating: important
References:

* bsc#1246019
* bsc#1248631
* bsc#1249207
* bsc#1249208

Cross-References:

* CVE-2024-53164
* CVE-2025-38617
* CVE-2025-38618
* CVE-2025-38664

CVSS scores:

* CVE-2024-53164 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53164 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53164 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38617 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38617 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38618 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38618 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38664 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_25 fixes several issues.

The following security issues were fixed:

* CVE-2025-38664: ice: Fix a null pointer dereference in
ice_copy_and_init_pkg() (bsc#1248631).
* CVE-2025-38617: net/packet: fix a race in packet_set_ring() and
packet_notifier() (bsc#1249208).
* CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY
(bsc#1249207).
* CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-4000=1

* SUSE Linux Enterprise Live Patching 15-SP6
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-4000=1

## Package List:

* openSUSE Leap 15.6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_25-default-19-150600.2.1
* kernel-livepatch-SLE15-SP6_Update_5-debugsource-19-150600.2.1
* kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-19-150600.2.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_25-default-19-150600.2.1
* kernel-livepatch-SLE15-SP6_Update_5-debugsource-19-150600.2.1
* kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-19-150600.2.1

## References:

* https://www.suse.com/security/cve/CVE-2024-53164.html
* https://www.suse.com/security/cve/CVE-2025-38617.html
* https://www.suse.com/security/cve/CVE-2025-38618.html
* https://www.suse.com/security/cve/CVE-2025-38664.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246019
* https://bugzilla.suse.com/show_bug.cgi?id=1248631
* https://bugzilla.suse.com/show_bug.cgi?id=1249207
* https://bugzilla.suse.com/show_bug.cgi?id=1249208

openSUSE-SU-2025:15706-1: moderate: erlang-28.1.1-1.1 on GA media

# erlang-28.1.1-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15706-1
Rating: moderate

Cross-References:

* CVE-2016-1000107

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the erlang-28.1.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* erlang 28.1.1-1.1
* erlang-debugger 28.1.1-1.1
* erlang-debugger-src 28.1.1-1.1
* erlang-dialyzer 28.1.1-1.1
* erlang-dialyzer-src 28.1.1-1.1
* erlang-diameter 28.1.1-1.1
* erlang-diameter-src 28.1.1-1.1
* erlang-doc 28.1.1-1.1
* erlang-epmd 28.1.1-1.1
* erlang-et 28.1.1-1.1
* erlang-et-src 28.1.1-1.1
* erlang-jinterface 28.1.1-1.1
* erlang-jinterface-src 28.1.1-1.1
* erlang-observer 28.1.1-1.1
* erlang-observer-src 28.1.1-1.1
* erlang-reltool 28.1.1-1.1
* erlang-reltool-src 28.1.1-1.1
* erlang-src 28.1.1-1.1
* erlang-wx 28.1.1-1.1
* erlang-wx-src 28.1.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2016-1000107.html

SUSE-SU-2025:3996-1: important: Security update for java-11-openjdk

# Security update for java-11-openjdk

Announcement ID: SUSE-SU-2025:3996-1
Release Date: 2025-11-07T15:49:28Z
Rating: important
References:

* bsc#1246806
* bsc#1252414
* bsc#1252417

Cross-References:

* CVE-2025-53057
* CVE-2025-53066

CVSS scores:

* CVE-2025-53057 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-53057 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-53057 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-53066 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-53066 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-53066 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Legacy Module 15-SP6
* Legacy Module 15-SP7
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.3
* SUSE Manager Proxy 4.3 LTS
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Retail Branch Server 4.3 LTS
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 LTS
* SUSE Package Hub 15 15-SP6
* SUSE Package Hub 15 15-SP7

An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for java-11-openjdk fixes the following issues:

Upgrade to upstream tag jdk-11.0.29+7 (October 2025 CPU):

* CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized
creation, deletion or modification access to critical data (bsc#1252414).
* CVE-2025-53066: Fixed unauthenticated attacker can achive unauthorized
access to critical data or complete access (bsc#1252417).

Other bug fixes:

* Do not embed rebuild counter (bsc#1246806)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Manager Retail Branch Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-LTS-2025-3996=1

* SUSE Manager Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3996=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-3996=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-3996=1

* Legacy Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-3996=1

* Legacy Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2025-3996=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-3996=1

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-3996=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3996=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3996=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3996=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3996=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3996=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3996=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3996=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3996=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3996=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3996=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3996=1

* SUSE Manager Proxy 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3996=1

## Package List:

* SUSE Manager Retail Branch Server 4.3 LTS (x86_64)
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64)
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* java-11-openjdk-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* java-11-openjdk-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-src-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-headless-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-jmods-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* openSUSE Leap 15.6 (noarch)
* java-11-openjdk-javadoc-11.0.29.0-150000.3.132.2
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* java-11-openjdk-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-headless-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* java-11-openjdk-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-headless-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* SUSE Package Hub 15 15-SP6 (noarch)
* java-11-openjdk-javadoc-11.0.29.0-150000.3.132.2
* SUSE Package Hub 15 15-SP7 (noarch)
* java-11-openjdk-javadoc-11.0.29.0-150000.3.132.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* java-11-openjdk-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* java-11-openjdk-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* java-11-openjdk-debuginfo-11.0.29.0-150000.3.132.2
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* SUSE Manager Proxy 4.3 LTS (x86_64)
* java-11-openjdk-headless-11.0.29.0-150000.3.132.2
* java-11-openjdk-demo-11.0.29.0-150000.3.132.2
* java-11-openjdk-devel-11.0.29.0-150000.3.132.2
* java-11-openjdk-debugsource-11.0.29.0-150000.3.132.2
* java-11-openjdk-11.0.29.0-150000.3.132.2

## References:

* https://www.suse.com/security/cve/CVE-2025-53057.html
* https://www.suse.com/security/cve/CVE-2025-53066.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246806
* https://bugzilla.suse.com/show_bug.cgi?id=1252414
* https://bugzilla.suse.com/show_bug.cgi?id=1252417

SUSE-SU-2025:3997-1: important: Security update for java-17-openjdk

# Security update for java-17-openjdk

Announcement ID: SUSE-SU-2025:3997-1
Release Date: 2025-11-07T15:51:02Z
Rating: important
References:

* bsc#1246806
* bsc#1252414
* bsc#1252417

Cross-References:

* CVE-2025-53057
* CVE-2025-53066

CVSS scores:

* CVE-2025-53057 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-53057 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-53057 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-53066 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-53066 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-53066 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Basesystem Module 15-SP6
* Legacy Module 15-SP6
* Legacy Module 15-SP7
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.3
* SUSE Manager Proxy 4.3 LTS
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Retail Branch Server 4.3 LTS
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 LTS

An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for java-17-openjdk fixes the following issues:

Upgrade to upstream tag jdk-17.0.17+10 (October 2025 CPU):

* CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized
creation, deletion or modification access to critical data (bsc#1252414).
* CVE-2025-53066: Fixed unauthenticated attacker can achive unauthorized
access to critical data or complete access (bsc#1252417).

Other bug fixes:

* Do not embed rebuild counter (bsc#1246806)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-3997=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-3997=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3997=1

* Legacy Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-3997=1

* Legacy Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2025-3997=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3997=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3997=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3997=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3997=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3997=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3997=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3997=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3997=1

* SUSE Manager Proxy 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3997=1

* SUSE Manager Retail Branch Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-LTS-2025-3997=1

* SUSE Manager Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3997=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-src-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-jmods-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* openSUSE Leap 15.4 (noarch)
* java-17-openjdk-javadoc-17.0.17.0-150400.3.60.2
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-src-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-jmods-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* openSUSE Leap 15.6 (noarch)
* java-17-openjdk-javadoc-17.0.17.0-150400.3.60.2
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* SUSE Manager Proxy 4.3 LTS (x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* SUSE Manager Retail Branch Server 4.3 LTS (x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2
* SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64)
* java-17-openjdk-devel-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-17.0.17.0-150400.3.60.2
* java-17-openjdk-17.0.17.0-150400.3.60.2
* java-17-openjdk-demo-17.0.17.0-150400.3.60.2
* java-17-openjdk-headless-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-devel-17.0.17.0-150400.3.60.2
* java-17-openjdk-debuginfo-17.0.17.0-150400.3.60.2
* java-17-openjdk-debugsource-17.0.17.0-150400.3.60.2

## References:

* https://www.suse.com/security/cve/CVE-2025-53057.html
* https://www.suse.com/security/cve/CVE-2025-53066.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246806
* https://bugzilla.suse.com/show_bug.cgi?id=1252414
* https://bugzilla.suse.com/show_bug.cgi?id=1252417