SUSE 5233 Published by

SUSE Linux has announced the release of multiple security updates, which include significant updates for nginx, java-21-openjdk, amazon-ssm-agent, openvpn, go1.23, go1.22, corepack22-22.13.0-1.1, apache2-mod_security, kernel-devel-longterm, owasp-modsecurity-crs, openvpn-2.6.10-5.1, nginx, nodejs22, go1.24, and iperf:

SUSE-SU-2025:0282-1: important: Security update for nginx
SUSE-SU-2025:0279-1: moderate: Security update for java-21-openjdk
SUSE-SU-2025:0277-1: important: Security update for amazon-ssm-agent
SUSE-SU-2025:0278-1: moderate: Security update for openvpn
SUSE-SU-2025:0280-1: important: Security update for go1.23
SUSE-SU-2025:0281-1: important: Security update for go1.22
openSUSE-SU-2025:14706-1: moderate: corepack22-22.13.0-1.1 on GA media
openSUSE-SU-2025:14703-1: moderate: apache2-mod_security2-2.9.8-2.1 on GA media
openSUSE-SU-2025:14705-1: moderate: kernel-devel-longterm-6.12.11-1.1 on GA media
openSUSE-SU-2025:14708-1: moderate: owasp-modsecurity-crs-4.9.0-1.1 on GA media
openSUSE-SU-2025:14707-1: moderate: openvpn-2.6.10-5.1 on GA media
SUSE-SU-2025:0283-1: important: Security update for nginx
SUSE-SU-2025:0284-1: important: Security update for nodejs22
SUSE-SU-2025:0285-1: important: Security update for go1.24
SUSE-SU-2025:0291-1: moderate: Security update for iperf




SUSE-SU-2025:0282-1: important: Security update for nginx


# Security update for nginx

Announcement ID: SUSE-SU-2025:0282-1
Release Date: 2025-01-29T08:04:15Z
Rating: important
References:

* bsc#1216171
* bsc#1229155

Cross-References:

* CVE-2023-44487
* CVE-2024-7347

CVSS scores:

* CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-7347 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-7347 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-7347 ( NVD ): 5.7
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-7347 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-7347 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for nginx fixes the following issues:

* CVE-2023-44487: Mitigate HTTP/2 Rapid Reset Attack (bsc#1216171)
* CVE-2024-7347: Fixed worker crashes on special crafted mp4 files containing
invalid chunk information (bsc#1229155)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-282=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-282=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-282=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-282=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-282=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-282=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-282=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-282=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-282=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-282=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-282=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-282=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* nginx-1.21.5-150400.3.6.1
* nginx-debuginfo-1.21.5-150400.3.6.1
* nginx-debugsource-1.21.5-150400.3.6.1
* openSUSE Leap 15.4 (noarch)
* nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* nginx-1.21.5-150400.3.6.1
* nginx-debuginfo-1.21.5-150400.3.6.1
* nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* nginx-1.21.5-150400.3.6.1
* nginx-debuginfo-1.21.5-150400.3.6.1
* nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* nginx-1.21.5-150400.3.6.1
* nginx-debuginfo-1.21.5-150400.3.6.1
* nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* nginx-1.21.5-150400.3.6.1
* nginx-debuginfo-1.21.5-150400.3.6.1
* nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* nginx-1.21.5-150400.3.6.1
* nginx-debuginfo-1.21.5-150400.3.6.1
* nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* nginx-1.21.5-150400.3.6.1
* nginx-debuginfo-1.21.5-150400.3.6.1
* nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* nginx-1.21.5-150400.3.6.1
* nginx-debuginfo-1.21.5-150400.3.6.1
* nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* nginx-1.21.5-150400.3.6.1
* nginx-debuginfo-1.21.5-150400.3.6.1
* nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* nginx-source-1.21.5-150400.3.6.1
* SUSE Manager Proxy 4.3 (x86_64)
* nginx-1.21.5-150400.3.6.1
* nginx-debuginfo-1.21.5-150400.3.6.1
* nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Manager Proxy 4.3 (noarch)
* nginx-source-1.21.5-150400.3.6.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* nginx-1.21.5-150400.3.6.1
* nginx-debuginfo-1.21.5-150400.3.6.1
* nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* nginx-source-1.21.5-150400.3.6.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* nginx-1.21.5-150400.3.6.1
* nginx-debuginfo-1.21.5-150400.3.6.1
* nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Manager Server 4.3 (noarch)
* nginx-source-1.21.5-150400.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-44487.html
* https://www.suse.com/security/cve/CVE-2024-7347.html
* https://bugzilla.suse.com/show_bug.cgi?id=1216171
* https://bugzilla.suse.com/show_bug.cgi?id=1229155



SUSE-SU-2025:0279-1: moderate: Security update for java-21-openjdk


# Security update for java-21-openjdk

Announcement ID: SUSE-SU-2025:0279-1
Release Date: 2025-01-28T23:47:05Z
Rating: moderate
References:

* bsc#1236278

Cross-References:

* CVE-2025-21502

CVSS scores:

* CVE-2025-21502 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-21502 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-21502 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for java-21-openjdk fixes the following issues:

Upgrade to upstream tag jdk-21.0.6+7 (January 2025 CPU)

Security fixes:

* CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278)

Other changes:

* JDK-6942632: Hotspot should be able to use more than 64 logical processors
on Windows
* JDK-8028127: Regtest java/security/Security/SynchronizedAccess.java is
incorrect
* JDK-8195675: Call to insertText with single character from custom Input
Method ignored
* JDK-8207908: JMXStatusTest.java fails assertion intermittently
* JDK-8225220: When the Tab Policy is checked,the scroll button direction
displayed incorrectly.
* JDK-8240343: JDI stopListening/stoplis001 "FAILED: listening is successfully
stopped without starting listening"
* JDK-8283214: [macos] Screen magnifier does not show the magnified text for
JComboBox
* JDK-8296787: Unify debug printing format of X.509 cert serial numbers
* JDK-8296972: [macos13]
java/awt/Frame/MaximizedToIconified/MaximizedToIconified.java:
getExtendedState() != 6 as expected.
* JDK-8306446: java/lang/management/ThreadMXBean/Locks.java transient failures
* JDK-8308429: jvmti/StopThread/stopthrd007 failed with "NoClassDefFoundError:
Could not initialize class jdk.internal.misc.VirtualThreads"
* JDK-8309218: java/util/concurrent/locks/Lock/OOMEInAQS.java still times out
with ZGC, Generational ZGC, and SerialGC
* JDK-8311301: MethodExitTest may fail with stack buffer overrun
* JDK-8311656: Shenandoah: Unused
ShenandoahSATBAndRemarkThreadsClosure::_claim_token
* JDK-8312518: [macos13] setFullScreenWindow() shows black screen on macOS 13
& above
* JDK-8313374: --enable-ccache's CCACHE_BASEDIR breaks builds
* JDK-8313878: Exclude two compiler/rtm/locking tests on ppc64le
* JDK-8315701: [macos] Regression: KeyEvent has different keycode on different
keyboard layouts
* JDK-8316428: G1: Nmethod count statistics only count last code root set
iterated
* JDK-8316893: Compile without -fno-delete-null-pointer-checks
* JDK-8316895: SeenThread::print_action_queue called on a null pointer
* JDK-8316907: Fix nonnull-compare warnings
* JDK-8317116: Provide layouts for multiple test UI in PassFailJFrame
* JDK-8317575: AArch64: C2_MacroAssembler::fast_lock uses rscratch1 for
cmpxchg result
* JDK-8318105: [jmh] the test java.security.HSS failed with 2 active threads
* JDK-8318442: java/net/httpclient/ManyRequests2.java fails intermittently on
Linux
* JDK-8319640: ClassicFormat::parseObject (from DateTimeFormatter) does not
conform to the javadoc and may leak DateTimeException
* JDK-8319673: Few security tests ignore VM flags
* JDK-8319678: Several tests from corelibs areas ignore VM flags
* JDK-8319960: RISC-V: compiler/intrinsics/TestInteger/LongUnsignedDivMod.java
failed with "counts: Graph contains wrong number of nodes"
* JDK-8319970: AArch64: enable tests
compiler/intrinsics/Test(Long|Integer)UnsignedDivMod.java on aarch64
* JDK-8319973: AArch64: Save and restore FPCR in the call stub
* JDK-8320192: SHAKE256 does not work correctly if n >= 137
* JDK-8320397: RISC-V: Avoid passing t0 as temp register to MacroAssembler::
cmpxchg_obj_header/cmpxchgptr
* JDK-8320575: generic type information lost on mandated parameters of
record's compact constructors
* JDK-8320586: update manual test/jdk/TEST.groups
* JDK-8320665: update jdk_core at open/test/jdk/TEST.groups
* JDK-8320673: PageFormat/CustomPaper.java has no Pass/Fail buttons; multiple
instructions
* JDK-8320682: [AArch64] C1 compilation fails with "Field too big for insn"
* JDK-8320892: AArch64: Restore FPU control state after JNI
* JDK-8321299: runtime/logging/ClassLoadUnloadTest.java doesn't reliably
trigger class unloading
* JDK-8321470: ThreadLocal.nextHashCode can be static final
* JDK-8321474: TestAutoCreateSharedArchiveUpgrade.java should be updated with
JDK 21
* JDK-8321543: Update NSS to version 3.96
* JDK-8321550: Update several runtime/cds tests to use vm flags or mark as
flagless
* JDK-8321616: Retire binary test vectors in test/jdk/java/util/zip/ZipFile
* JDK-8321940: Improve CDSHeapVerifier in handling of interned strings
* JDK-8322166: Files.isReadable/isWritable/isExecutable expensive when file
does not exist
* JDK-8322754: click JComboBox when dialog about to close causes
IllegalComponentStateException
* JDK-8322809: SystemModulesMap::classNames and moduleNames arrays do not
match the order
* JDK-8322830: Add test case for ZipFile opening a ZIP with no entries
* JDK-8323562: SaslInputStream.read() may return wrong value
* JDK-8323688: C2: Fix UB of jlong overflow in
PhaseIdealLoop::is_counted_loop()
* JDK-8324841: PKCS11 tests still skip execution
* JDK-8324861: Exceptions::wrap_dynamic_exception() doesn't have ResourceMark
* JDK-8325038: runtime/cds/appcds/ProhibitedPackage.java can fail with
UseLargePages
* JDK-8325399: Add tests for virtual threads doing Selector operations
* JDK-8325506: Ensure randomness is only read from provided SecureRandom
object
* JDK-8325525: Create jtreg test case for JDK-8325203
* JDK-8325610: CTW: Add StressIncrementalInlining to stress options
* JDK-8325762: Use PassFailJFrame.Builder.splitUI() in PrintLatinCJKTest.java
* JDK-8325851: Hide PassFailJFrame.Builder constructor
* JDK-8325906: Problemlist
vmTestbase/vm/mlvm/meth/stress/compiler/deoptimize/Test.java#id1 until
JDK-8320865 is fixed
* JDK-8326100: DeflaterDictionaryTests should use Deflater.getBytesWritten
instead of Deflater.getTotalOut
* JDK-8326121:
vmTestbase/gc/g1/unloading/tests/unloading_keepRef_rootClass_inMemoryCompilation_keep_cl
failed with Full gc happened. Test was useless.
* JDK-8326611: Clean up vmTestbase/nsk/stress/stack tests
* JDK-8326898: NSK tests should listen on loopback addresses only
* JDK-8327924: Simplify TrayIconScalingTest.java
* JDK-8328021: Convert applet test java/awt/List/SetFontTest/SetFontTest.html
to main program
* JDK-8328242: Add a log area to the PassFailJFrame
* JDK-8328303: 3 JDI tests timed out with UT enabled
* JDK-8328379: Convert URLDragTest.html applet test to main
* JDK-8328402: Implement pausing functionality for the PassFailJFrame
* JDK-8328619:
sun/management/jmxremote/bootstrap/SSLConfigFilePermissionTest.java failed
with BindException: Address already in use
* JDK-8328665: serviceability/jvmti/vthread/PopFrameTest failed with a timeout
* JDK-8328723: IP Address error when client enables HTTPS endpoint check on
server socket
* JDK-8329353: ResolvedReferencesNotNullTest.java failed with Incorrect
resolved references array, quxString should not be archived
* JDK-8329533: TestCDSVMCrash fails on libgraal
* JDK-8330278: Have SSLSocketTemplate.doClientSide use loopback address
* JDK-8330621: Make 5 compiler tests use ProcessTools.executeProcess
* JDK-8331391: Enhance the keytool code by invoking the buildTrustedCerts
method for essential options
* JDK-8331393: AArch64: u32 _partial_subtype_ctr loaded/stored as 64
* JDK-8331864: Update Public Suffix List to 1cbd6e7
* JDK-8332112: Update nsk.share.Log to don't print summary during VM shutdown
hook
* JDK-8332340: Add JavacBench as a test case for CDS
* JDK-8332461: ubsan : dependencies.cpp:906:3: runtime error: load of value
4294967295, which is not a valid value for type 'DepType'
* JDK-8332724: x86 MacroAssembler may over-align code
* JDK-8332777: Update JCStress test suite
* JDK-8332866: Crash in ImageIO JPEG decoding when MEM_STATS in enabled
* JDK-8332901: Select{Current,New}ItemTest.java for Choice don't open popup on
macOS
* JDK-8333098: ubsan: bytecodeInfo.cpp:318:59: runtime error: division by zero
* JDK-8333108: Update vmTestbase/nsk/share/DebugeeProcess.java to don't use
finalization
* JDK-8333144: docker tests do not work when ubsan is configured
* JDK-8333235: vmTestbase/nsk/jdb/kill/kill001/kill001.java fails with C1
* JDK-8333248: VectorGatherMaskFoldingTest.java failed when maximum vector
bits is 64
* JDK-8333317: Test sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java
failed with: Invalid ECDH ServerKeyExchange signature
* JDK-8333427: langtools/tools/javac/newlines/NewLineTest.java is failing on
Japanese Windows
* JDK-8333728: ubsan: shenandoahFreeSet.cpp:1347:24: runtime error: division
by zero
* JDK-8333754: Add a Test against ECDSA and ECDH NIST Test vector
* JDK-8333824: Unused ClassValue in VarHandles
* JDK-8334057: JLinkReproducibleTest.java support receive test.tool.vm.opts
* JDK-8334405: java/nio/channels/Selector/SelectWithConsumer.java#id0 failed
in testWakeupDuringSelect
* JDK-8334475: UnsafeIntrinsicsTest.java#ZGenerationalDebug
assert(!assert_on_failure) failed: Has low-order bits set
* JDK-8334560: [PPC64]: postalloc_expand_java_dynamic_call_sched does not copy
all fields
* JDK-8334562: Automate
com/sun/security/auth/callback/TextCallbackHandler/Default.java test
* JDK-8334567: [test] runtime/os/TestTracePageSizes move ppc handling
* JDK-8334719: (se) Deferred close of SelectableChannel may result in a
Selector doing the final close before concurrent I/O on channel has
completed
* JDK-8335142: compiler/c1/TestTraceLinearScanLevel.java occasionally times
out with -Xcomp
* JDK-8335172: Add manual steps to run
security/auth/callback/TextCallbackHandler/Password.java test
* JDK-8335267: [XWayland] move screencast tokens from .awt to .java folder
* JDK-8335344: test/jdk/sun/security/tools/keytool/NssTest.java fails to
compile
* JDK-8335428: Enhanced Building of Processes
* JDK-8335449: runtime/cds/DeterministicDump.java fails with File content
different at byte ...
* JDK-8335530: Java file extension missing in AuthenticatorTest
* JDK-8335664: Parsing jsr broken: assert(bci>= 0 && bci <
c->method()->code_size()) failed: index out of bounds
* JDK-8335709: C2: assert(!loop->is_member(get_loop(useblock))) failed: must
be outside loop
* JDK-8335912, JDK-8337499: Add an operation mode to the jar command when
extracting to not overwriting existing files
* JDK-8336240: Test com/sun/crypto/provider/Cipher/DES/PerformanceTest.java
fails with java.lang.ArithmeticException
* JDK-8336257: Additional tests in jmxremote/startstop to match on PID not app
name
* JDK-8336315: tools/jpackage/windows/WinChildProcessTest.java Failed: Check
is calculator process is alive
* JDK-8336413: gtk headers : Fix typedef redeclaration of GMainContext and
GdkPixbuf
* JDK-8336564: Enhance mask blit functionality redux
* JDK-8336640: Shenandoah: Parallel worker use in parallel_heap_region_iterate
* JDK-8336854: CAInterop.java#actalisauthenticationrootca conflicted with
/manual and /timeout
* JDK-8336911: ZGC: Division by zero in heuristics after JDK-8332717
* JDK-8337066: Repeated call of StringBuffer.reverse with double byte string
returns wrong result
* JDK-8337067: Test runtime/classFileParserBug/Bad_NCDFE_Msg.java won't
compile
* JDK-8337320: Update ProblemList.txt with tests known to fail on XWayland
* JDK-8337331: crash: pinned virtual thread will lead to jvm crash when
running with the javaagent option
* JDK-8337410: The makefiles should set problemlist and adjust timeout basing
on the given VM flags
* JDK-8337780: RISC-V: C2: Change C calling convention for sp to NS
* JDK-8337810: ProblemList BasicDirectoryModel/LoaderThreadCount.java on
Windows
* JDK-8337826: Improve logging in OCSPTimeout and SimpleOCSPResponder to help
diagnose JDK-8309754
* JDK-8337851: Some tests have name which confuse jtreg
* JDK-8337876: [IR Framework] Add support for IR tests with @Stable
* JDK-8337966: (fs) Files.readAttributes fails with Operation not permitted on
older docker releases
* JDK-8338058: map_or_reserve_memory_aligned Windows enhance remap assertion
* JDK-8338101: remove old remap assertion in map_or_reserve_memory_aligned
after JDK-8338058
* JDK-8338109: java/awt/Mouse/EnterExitEvents/ResizingFrameTest.java duplicate
in ProblemList
* JDK-8338110: Exclude Fingerprinter::do_type from ubsan checks
* JDK-8338112: Test
testlibrary_tests/ir_framework/tests/TestPrivilegedMode.java fails with
release build
* JDK-8338344: Test TestPrivilegedMode.java intermittent fails
java.lang.NoClassDefFoundError: jdk/test/lib/Platform
* JDK-8338380: Update TLSCommon/interop/AbstractServer to specify an interface
to listen for connections
* JDK-8338389: [JFR] Long strings should be added to the string pool
* JDK-8338402: GHA: some of bundles may not get removed
* JDK-8338449: ubsan: division by zero in sharedRuntimeTrans.cpp
* JDK-8338550: Do libubsan1 installation in test container only if requested
* JDK-8338748: [17u,21u] Test Disconnect.java compile error: cannot find
symbol after JDK-8299813
* JDK-8338751: ConfigureNotify behavior has changed in KWin 6.2
* JDK-8338759: Add extra diagnostic to java/net/InetAddress/ptr/Lookup.java
* JDK-8338924: C1: assert(0