openSUSE-SU-2026:20126-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2026:20126-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/openSUSE-SU-2026:20126-1
- Upstream
- Related
- Published
- 2026-01-28T16:43:12Z
- Modified
- 2026-03-12T02:08:07.257824Z
- Summary
- Security update for java-21-openjdk
- Details
-
This update for java-21-openjdk fixes the following issues:
Update to upstream tag jdk-21.0.10+7 (January 2026 CPU)
Security fixes:
- CVE-2026-21925: Fixed Oracle Java SE component RMI (bsc#1257034).
- CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX (bsc#1257036).
- CVE-2026-21933: Fixed Oracle Java SE component Networking (bsc#1257037).
- CVE-2026-21945: Fixed Oracle Java SE component Security (bsc#1257038).
Other fixes:
- Do not depend on update-desktop-files (jsc#PED-14507, jsc#PED-15217).
- References
-
- https://bugzilla.suse.com/1257034
- https://bugzilla.suse.com/1257036
- https://bugzilla.suse.com/1257037
- https://bugzilla.suse.com/1257038
- https://www.suse.com/security/cve/CVE-2026-21925
- https://www.suse.com/security/cve/CVE-2026-21932
- https://www.suse.com/security/cve/CVE-2026-21933
- https://www.suse.com/security/cve/CVE-2026-21945
Affected packages
openSUSE:Leap 16.0 / java-21-openjdk
Package
- Name
- java-21-openjdk
- Purl
- pkg:rpm/opensuse/java-21-openjdk&distro=openSUSE%20Leap%2016.0
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed21.0.10.0-160000.1.1
Ecosystem specific
{
"binaries": [
{
"java-21-openjdk-headless": "21.0.10.0-160000.1.1",
"java-21-openjdk-devel": "21.0.10.0-160000.1.1",
"java-21-openjdk-jmods": "21.0.10.0-160000.1.1",
"java-21-openjdk-javadoc": "21.0.10.0-160000.1.1",
"java-21-openjdk-demo": "21.0.10.0-160000.1.1",
"java-21-openjdk-src": "21.0.10.0-160000.1.1",
"java-21-openjdk": "21.0.10.0-160000.1.1"
}
]
}