Univention Bugzilla – Full Text Bug Listing |
Summary: | openjdk-7: Multiple issues (4.0) | ||
---|---|---|---|
Product: | UCS | Reporter: | Arvid Requate <requate> |
Component: | Security updates | Assignee: | Daniel Tröder <troeder> |
Status: | CLOSED FIXED | QA Contact: | Arvid Requate <requate> |
Severity: | normal | ||
Priority: | P3 | CC: | botner, gohmann |
Version: | UCS 4.0 | Flags: | requate: Patch_Available+ |
Target Milestone: | UCS 4.0-5-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
URL: | http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | Security | |
Max CVSS v3 score: | |||
Bug Depends on: | 40483 | ||
Bug Blocks: |
Description
Arvid Requate
2016-01-21 18:40:28 CET
Package version in wheezy: 7u95-2.6.4-1~deb7u1

dtroeder@dimma:~$ repo_admin.py -U -r 4.0-0-0 -s errata4.0-4 -d wheezy -p openjdk-7
dtroeder@dimma:~$ repo_stat.py openjdk-7
7u95-2.6.4-1~deb7u1 imported on 2016-02-05 12:34:15.794837
Included in scope errata4.0-4 for release tag 4.0-0-0 (77864)
dtroeder@dimma:~$ b40-scope errata4.0-4 openjdk-7
The following patches will be applied:
00_hardcode-debian-settings-in-lsb-detection.patch

Advisory: 67256

see Bug #40483

'java7-jdk' has been added to the 'Provides' field of openjdk-7-jdk (r15872).

i386 has been built, amd64 is in the making.

New issues fixed in Debian package version 7u101-2.6.6-2~deb7u1:

* S8129952, CVE-2016-0686: Ensure thread consistency (Serialization)
* S8132051, CVE-2016-0687: Better byte behavior (Hotspot)
* S8138593, CVE-2016-0695: Make DSA more fair (Security Sub-component)
* S8139008: Better state table management
* S8143167, CVE-2016-3425: Better buffering of XML strings (JAXP)
* S8144430, CVE-2016-3427: Improve JMX connections (JMX)
* S8152335, CVE-2016-0636: Improve MethodHandle consistency (Hotspot)

For details see http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

Additionally the openjdk-7.yaml needs to be updated for ucs4.1-1

openjdk-7 package version 7u101-2.6.6-2~deb7u1 was built in scope ucs_4.0-0-errata4.0-5 and the advisory moved and updated in r69180.

Note: 7u101-2.6.6-2~deb7u1 corresponds to JDK 7u101: https://blogs.oracle.com/thejavatutorials/entry/jdk_8u91_8u92_7u101_and

root@master50:~# java -version
java version "1.7.0_101"
OpenJDK Runtime Environment (IcedTea 2.6.6) (7u101-2.6.6-2.29.201605040859)
OpenJDK 64-Bit Server VM (build 24.95-b01, mixed mode)

Advisory updated accordingly. I also remove the point about IcedTea 2.6.6 because that can easily be confused with the IcedTea-Web browser plugin, which still shows 1.4-3.7.201411012253 (don't ask).

The binary packages are updatable and basic Java application testing worked.