Security update for java-17-openjdk SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2023:2110-1 Final 1 1 2023-05-05T12:10:31Z current 2023-05-05T12:10:31Z 2023-05-05T12:10:31Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for java-17-openjdk This update for java-17-openjdk fixes the following issues: Update to upstrem tag jdk-17.0.7+7 (April 2023 CPU) Security fixes: - CVE-2023-21930: Fixed AES support (bsc#1210628). - CVE-2023-21937: Fixed String platform support (bsc#1210631). - CVE-2023-21938: Fixed runtime support (bsc#1210632). - CVE-2023-21939: Fixed Swing platform support (bsc#1210634). - CVE-2023-21954: Fixed object reclamation process (bsc#1210635). - CVE-2023-21967: Fixed TLS session negotiation (bsc#1210636). - CVE-2023-21968: Fixed path handling (bsc#1210637). Other fixes: - Fixed socket setTrafficClass not working for IPv4 connections when IPv6 is enabled (bsc#1209333). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container bci/openjdk-devel:17-2023-2110,Container bci/openjdk-devel:latest-2023-2110,Container bci/openjdk:17-2023-2110,Container bci/openjdk:latest-2023-2110,Container containers/apache-tomcat:10.1-openjdk17-2023-2110,Container containers/apache-tomcat:9-openjdk17-2023-2110,Container suse/manager/5.0/x86_64/server:latest-2023-2110,Container suse/multi-linux-manager/5.1/x86_64/server-attestation:latest-2023-2110,Container suse/multi-linux-manager/5.1/x86_64/server:latest-2023-2110,Image server-attestation-image-2023-2110,Image server-image-2023-2110,SUSE-2023-2110,SUSE-SLE-Module-Basesystem-15-SP4-2023-2110,openSUSE-SLE-15.4-2023-2110 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2023/suse-su-20232110-1/ Link for SUSE-SU-2023:2110-1 https://lists.suse.com/pipermail/sle-security-updates/2023-May/014767.html E-Mail link for SUSE-SU-2023:2110-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1209333 SUSE Bug 1209333 https://bugzilla.suse.com/1210628 SUSE Bug 1210628 https://bugzilla.suse.com/1210631 SUSE Bug 1210631 https://bugzilla.suse.com/1210632 SUSE Bug 1210632 https://bugzilla.suse.com/1210634 SUSE Bug 1210634 https://bugzilla.suse.com/1210635 SUSE Bug 1210635 https://bugzilla.suse.com/1210636 SUSE Bug 1210636 https://bugzilla.suse.com/1210637 SUSE Bug 1210637 https://www.suse.com/security/cve/CVE-2023-21930/ SUSE CVE CVE-2023-21930 page https://www.suse.com/security/cve/CVE-2023-21937/ SUSE CVE CVE-2023-21937 page https://www.suse.com/security/cve/CVE-2023-21938/ SUSE CVE CVE-2023-21938 page https://www.suse.com/security/cve/CVE-2023-21939/ SUSE CVE CVE-2023-21939 page https://www.suse.com/security/cve/CVE-2023-21954/ SUSE CVE CVE-2023-21954 page https://www.suse.com/security/cve/CVE-2023-21967/ SUSE CVE CVE-2023-21967 page https://www.suse.com/security/cve/CVE-2023-21968/ SUSE CVE CVE-2023-21968 page Container bci/openjdk-devel:17 Container bci/openjdk-devel:latest Container bci/openjdk:17 Container bci/openjdk:latest Container containers/apache-tomcat:10.1-openjdk17 Container containers/apache-tomcat:9-openjdk17 Container suse/manager/5.0/x86_64/server:latest Container suse/multi-linux-manager/5.1/x86_64/server-attestation:latest Container suse/multi-linux-manager/5.1/x86_64/server:latest Image server-attestation-image Image server-image SUSE Linux Enterprise Module for Basesystem 15 SP4 openSUSE Leap 15.4 java-17-openjdk-17.0.7.0-150400.3.18.2 java-17-openjdk-devel-17.0.7.0-150400.3.18.2 java-17-openjdk-headless-17.0.7.0-150400.3.18.2 java-17-openjdk-demo-17.0.7.0-150400.3.18.2 java-17-openjdk-javadoc-17.0.7.0-150400.3.18.2 java-17-openjdk-jmods-17.0.7.0-150400.3.18.2 java-17-openjdk-src-17.0.7.0-150400.3.18.2 java-17-openjdk-17.0.7.0-150400.3.18.2 as a component of Container bci/openjdk-devel:17 java-17-openjdk-devel-17.0.7.0-150400.3.18.2 as a component of Container bci/openjdk-devel:17 java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of Container bci/openjdk-devel:17 java-17-openjdk-17.0.7.0-150400.3.18.2 as a component of Container bci/openjdk-devel:latest java-17-openjdk-devel-17.0.7.0-150400.3.18.2 as a component of Container bci/openjdk-devel:latest java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of Container bci/openjdk-devel:latest java-17-openjdk-17.0.7.0-150400.3.18.2 as a component of Container bci/openjdk:17 java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of Container bci/openjdk:17 java-17-openjdk-17.0.7.0-150400.3.18.2 as a component of Container bci/openjdk:latest java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of Container bci/openjdk:latest java-17-openjdk-17.0.7.0-150400.3.18.2 as a component of Container containers/apache-tomcat:10.1-openjdk17 java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of Container containers/apache-tomcat:10.1-openjdk17 java-17-openjdk-17.0.7.0-150400.3.18.2 as a component of Container containers/apache-tomcat:9-openjdk17 java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of Container containers/apache-tomcat:9-openjdk17 java-17-openjdk-17.0.7.0-150400.3.18.2 as a component of Container suse/manager/5.0/x86_64/server:latest java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of Container suse/manager/5.0/x86_64/server:latest java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of Container suse/multi-linux-manager/5.1/x86_64/server-attestation:latest java-17-openjdk-17.0.7.0-150400.3.18.2 as a component of Container suse/multi-linux-manager/5.1/x86_64/server:latest java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of Container suse/multi-linux-manager/5.1/x86_64/server:latest java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of Image server-attestation-image java-17-openjdk-17.0.7.0-150400.3.18.2 as a component of Image server-image java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of Image server-image java-17-openjdk-17.0.7.0-150400.3.18.2 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 java-17-openjdk-demo-17.0.7.0-150400.3.18.2 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 java-17-openjdk-devel-17.0.7.0-150400.3.18.2 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 java-17-openjdk-17.0.7.0-150400.3.18.2 as a component of openSUSE Leap 15.4 java-17-openjdk-demo-17.0.7.0-150400.3.18.2 as a component of openSUSE Leap 15.4 java-17-openjdk-devel-17.0.7.0-150400.3.18.2 as a component of openSUSE Leap 15.4 java-17-openjdk-headless-17.0.7.0-150400.3.18.2 as a component of openSUSE Leap 15.4 java-17-openjdk-javadoc-17.0.7.0-150400.3.18.2 as a component of openSUSE Leap 15.4 java-17-openjdk-jmods-17.0.7.0-150400.3.18.2 as a component of openSUSE Leap 15.4 java-17-openjdk-src-17.0.7.0-150400.3.18.2 as a component of openSUSE Leap 15.4 unknown CVE-2023-21930 Container bci/openjdk-devel:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server-attestation:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-attestation-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-javadoc-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-jmods-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-src-17.0.7.0-150400.3.18.2 important 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20232110-1/ https://www.suse.com/security/cve/CVE-2023-21930.html CVE-2023-21930 https://bugzilla.suse.com/1210628 SUSE Bug 1210628 unknown CVE-2023-21937 Container bci/openjdk-devel:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server-attestation:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-attestation-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-javadoc-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-jmods-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-src-17.0.7.0-150400.3.18.2 low 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20232110-1/ https://www.suse.com/security/cve/CVE-2023-21937.html CVE-2023-21937 https://bugzilla.suse.com/1210631 SUSE Bug 1210631 unknown CVE-2023-21938 Container bci/openjdk-devel:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server-attestation:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-attestation-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-javadoc-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-jmods-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-src-17.0.7.0-150400.3.18.2 low 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20232110-1/ https://www.suse.com/security/cve/CVE-2023-21938.html CVE-2023-21938 https://bugzilla.suse.com/1210632 SUSE Bug 1210632 unknown CVE-2023-21939 Container bci/openjdk-devel:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server-attestation:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-attestation-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-javadoc-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-jmods-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-src-17.0.7.0-150400.3.18.2 moderate 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20232110-1/ https://www.suse.com/security/cve/CVE-2023-21939.html CVE-2023-21939 https://bugzilla.suse.com/1210634 SUSE Bug 1210634 unknown CVE-2023-21954 Container bci/openjdk-devel:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server-attestation:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-attestation-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-javadoc-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-jmods-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-src-17.0.7.0-150400.3.18.2 moderate 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20232110-1/ https://www.suse.com/security/cve/CVE-2023-21954.html CVE-2023-21954 https://bugzilla.suse.com/1210635 SUSE Bug 1210635 unknown CVE-2023-21967 Container bci/openjdk-devel:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server-attestation:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-attestation-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-javadoc-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-jmods-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-src-17.0.7.0-150400.3.18.2 moderate 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20232110-1/ https://www.suse.com/security/cve/CVE-2023-21967.html CVE-2023-21967 https://bugzilla.suse.com/1210636 SUSE Bug 1210636 unknown CVE-2023-21968 Container bci/openjdk-devel:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 Container bci/openjdk-devel:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container bci/openjdk:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:10.1-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-17.0.7.0-150400.3.18.2 Container containers/apache-tomcat:9-openjdk17:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/manager/5.0/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server-attestation:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-17.0.7.0-150400.3.18.2 Container suse/multi-linux-manager/5.1/x86_64/server:latest:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-attestation-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-17.0.7.0-150400.3.18.2 Image server-image:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 SUSE Linux Enterprise Module for Basesystem 15 SP4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-demo-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-devel-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-headless-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-javadoc-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-jmods-17.0.7.0-150400.3.18.2 openSUSE Leap 15.4:java-17-openjdk-src-17.0.7.0-150400.3.18.2 low 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20232110-1/ https://www.suse.com/security/cve/CVE-2023-21968.html CVE-2023-21968 https://bugzilla.suse.com/1210637 SUSE Bug 1210637