lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20150725101347.GA20041@pisco.westfalen.local>
Date: Sat, 25 Jul 2015 12:13:47 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3316-1] openjdk-7 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3316-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 25, 2015                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-7
CVE ID         : CVE-2014-8873 CVE-2015-0460 CVE-2015-0469 CVE-2015-0470 
                 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488
                 CVE-2015-2590 CVE-2015-2601 CVE-2015-2613 CVE-2015-2621
                 CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 CVE-2015-2808
                 CVE-2015-4000 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733
                 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760

Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in the execution
of arbitrary code, breakouts of the Java sandbox, information disclosure,
denial of service or insecure cryptography.

For the oldstable distribution (wheezy), these problems have been fixed
in version 7u79-2.5.6-1~deb7u1.

For the stable distribution (jessie), these problems have been fixed in
version 7u79-2.5.6-1~deb8u1.

For the unstable distribution (sid), these problems have been fixed in
version 7u79-2.5.6-1.

We recommend that you upgrade your openjdk-7 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJVs2DrAAoJEBDCk7bDfE42DG8QAJXbD/hks9A+ytcoVAQe0Aq0
2xoZwEuSn8QyKiC8uP49jMWreR7SQ8eRpoNZzQ13iZjQE0aRGPMEOd0rA20EEXk8
BPzuvpctAmSbfchFLd+1pAAuXX/a2VC3aw+zIFvRnH2GQPFpZjWm7KczxXrsLyGK
jpowbTtSYJBcZCg6Cs1S1A3bFg/BKFxaJzrDqndYFPXQwW8tDQlT9I/Sx8tpigDH
cqW0sbjmHvxJAr61pxcUIrd2WJ2PhjMsRXlucC57DwzjLULZ11WrATLgVLkQUhea
shMXEp77uCRJJyf/TPJJVvMDqBdfUQY5LwllW+liAQylHCq0YW4XACvkUVDRdwS5
FHjtu90Sd7AOOF8LhwzQ6bSWZPXrtYpQYykAFSdqBCU+8wOlz1fFNq7Ne74B/n5f
vjqeYWMuf3/Fg/tNNlrx4jJlZzIwnERuAbbT+R9EytcInTTJhsdUYdCWRQi1JXtD
pkjDtKx6gauIxaR9J1z6vE3EBAebhQwZrkieXHtJyrt2Ywls+b7fsf0QvM/qXN26
7LabsuQHCphsE/xf9tv0xPoQK9Q0GfLWDC/l/S+0mzIru3o0eSn5/63xY1a/vuQt
q4mF4AZnlvNeUG8liYzbfSEmQNQ+cCNZF2CRkBzU95pjTASKQIm+hCbno2Zk9ky9
solb6saRbLOtnTNRQYnL
=aOkr
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ