Univention Bugzilla – Bug 40482
openjdk-7: Multiple issues (4.0)
Last modified: 2016-06-01 17:28:08 CEST
New issues fixed in Debian package version 7u95-2.6.4-1:
- S8059054, CVE-2016-0402: Better URL processing
- S8130710, CVE-2016-0448: Better attributes processing
- S8132210: Reinforce JMX collector internals
- S8132988: Better printing dialogues
- S8133962, CVE-2016-0466: More general limits
- S8137060: JMX memory management improvements
- S8139012: Better font substitutions
- S8139017, CVE-2016-0483: More stable image decoding
- S8140543, CVE-2016-0494: Arrange font actions
- S8143185: Cleanup for handling proxies
- S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays
- S8144773, CVE-2015-7575: Further reduce use of MD5 (SLOTH)
Package version in wheezy: 7u95-2.6.4-1~deb7u1
dtroeder@dimma:~$ repo_admin.py -U -r 4.0-0-0 -s errata4.0-4 -d wheezy -p openjdk-7
dtroeder@dimma:~$ repo_stat.py openjdk-7
7u95-2.6.4-1~deb7u1 imported on 2016-02-05 12:34:15.794837
Included in scope errata4.0-4 for release tag 4.0-0-0 (77864)
dtroeder@dimma:~$ b40-scope errata4.0-4 openjdk-7
The following patches will be applied:
00_hardcode-debian-settings-in-lsb-detection.patch

Advisory: 67256
see Bug #40483
'java7-jdk' has been added to the 'Provides' field of openjdk-7-jdk (r15872). i386 has been built, amd64 is in the making.
New issues fixed in Debian package version 7u101-2.6.6-2~deb7u1:
* S8129952, CVE-2016-0686: Ensure thread consistency (Serialization)
* S8132051, CVE-2016-0687: Better byte behavior (Hotspot)
* S8138593, CVE-2016-0695: Make DSA more fair (Security Sub-component)
* S8139008: Better state table management
* S8143167, CVE-2016-3425: Better buffering of XML strings (JAXP)
* S8144430, CVE-2016-3427: Improve JMX connections (JMX)
* S8152335, CVE-2016-0636: Improve MethodHandle consistency (Hotspot)

For details see http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

Additionally the openjdk-7.yaml needs to be updated for ucs4.1-1
openjdk-7 package version 7u101-2.6.6-2~deb7u1 was built in scope ucs_4.0-0-errata4.0-5 and the advisory moved and updated in r69180.
Note: 7u101-2.6.6-2~deb7u1 corresponds to JDK 7u101: https://blogs.oracle.com/thejavatutorials/entry/jdk_8u91_8u92_7u101_and

root@master50:~# java -version
java version "1.7.0_101"
OpenJDK Runtime Environment (IcedTea 2.6.6) (7u101-2.6.6-2.29.201605040859)
OpenJDK 64-Bit Server VM (build 24.95-b01, mixed mode)

Advisory updated accordingly. I also removed the point about IcedTea 2.6.6 because that can easily be confused with the IcedTea-Web browser plugin, which still shows 1.4-3.7.201411012253 (don't ask).

The binary packages are updatable and basic Java application testing worked.
<http://errata.software-univention.de/ucs/4.0/434.html>