Univention Bugzilla – Bug 37577
openjdk-7: Multiple issues (4.0)
Last modified: 2015-02-04 15:56:51 CET
Sandbox bypass in the Hotspot JVM (CVE-2014-6601, CVE-2015-0395) Sandbox bypass in JAX-WS (CVE-2015-0412) Sandbox bypass in RMI (CVE-2015-0408) Insecure temporary files in Hostspot performance logging (CVE-2015-0383) Information leak in the file chooser dialogue in Swing (CVE-2015-0407) Denial of service in processing DER data (CVE-2015-0410) Sandbox bypass in multicast socket handling (CVE-2014-6587) Disable SSLv3 to address protocol flaws like POODLE (CVE-2014-3566) Incorrect cipher negotiation in JSSE (CVE-2014-6593) Information disclosure in ICU (CVE-2014-6585) Sandbox bypass in ICU (CVE-2014-6591)
03_fix-2015-ftbfs.patch was dropped, it was fixed in the IcedTead 2.5.4 release (see #775044)
The package has been built and tested with SEP Sesam and OX. (I had previously released the DSA) YAML file: 2015-02-03-openjdk-7.yaml
Tests: OK Advisory: OK
<http://errata.univention.de/ucs/4.0/75.html>