Univention Bugzilla – Bug 36985
openjdk-7: Multiple issues (4.0)
Last modified: 2017-10-26 13:54:46 CEST
New issues from http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html : TLS/SSL handshake attack (CVE-2014-6457) Insecure logging (CVE-2014-6502) Information disclosure in Hotspot (CVE-2014-6504) Insufficient permission checks in system logging (CVE-2014-6506) Information disclosure in ICU/2D (CVE-2014-6511) Missing source checks in datagram sockets (CVE-2014-6512) XEE in the Stax parser (CVE-2014-6517) Memory corruption in the JVM (CVE-2014-6519) Insufficient name checks for resource bundles (CVE-2014-6531) Incorrect exception handling in CipherInputStream (CVE-2014-6558)
Lovely build failure, starting with New Year's Eve 2014 FTBFS: Error: time is more than 10 years from present: 1104530400000 java.lang.RuntimeException: time is more than 10 years from present: 1104530400000 at build.tools.generatecurrencydata.GenerateCurrencyData.makeSpecialCaseEntry(GenerateCurrencyData.java:285) at build.tools.generatecurrencydata.GenerateCurrencyData.buildMainAndSpecialCaseTables(GenerateCurrencyData.java:225) at build.tools.generatecurrencydata.GenerateCurrencyData.main(GenerateCurrencyData.java:154) make[6]: *** [/var/build/temp/tmp.9tc8lG9MGt/4.0-0-0-errata4.0-0/openjdk-7/openjdk-7-7u71-2.5.3/build/openjdk.build-boot/lib/currency.data] Error 1 Patch at https://bugs.gentoo.org/show_bug.cgi?id=534118
A fixed package has been built. The patch for the FTBFS error has been forwarded to Debian in #775044 Tests with SEP Sesam and Open-Xchanges were fine. Please additionally test Agorum Core during the QA. YAML: 2015-01-13-openjdk-7.yaml
Tests: OK (In reply to Moritz Muehlenhoff from comment #2) > Please additionally test > Agorum Core during the QA. Agorum Core app does not work as of now, it will be released after this update an tested with it before the release. > YAML: 2015-01-13-openjdk-7.yaml OK
<http://errata.univention.de/ucs/4.0/33.html>