lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20150819201922.GA11158@pisco.westfalen.local>
Date: Wed, 19 Aug 2015 22:19:22 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3339-1] openjdk-6 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3339-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 19, 2015                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-6
CVE ID         : CVE-2015-2590 CVE-2015-2601 CVE-2015-2613 CVE-2015-2621 
                 CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 CVE-2015-2808
                 CVE-2015-4000 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733
                 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760

Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in the execution
of arbitrary code, breakouts of the Java sandbox, information disclosure,
denial of service or insecure cryptography.
                                 
For the oldstable distribution (wheezy), these problems have been fixed
in version 6b36-1.13.8-1~deb7u1.

We recommend that you upgrade your openjdk-6 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJV1ORoAAoJEBDCk7bDfE42zBoP/AscgmbgvoRKFRkxMCjNyDns
iMWVGpvt5Axsv576uHdhqKGnEFhVCUwHEqcFBTNKwn8AAj1sBuH7pK4M6P0aPjLu
7IvSzfIPdQ0PabFhJmeGcrc4CEswRGmumV2HRnfkvvcgxffwF4jJNYwwAr7anWxq
yQSNWxu1HkwW8r/QKlU6D9tTgIgktp0t39St1U6WTxpTrTnI1Po8d6RHNE0HzDQn
XEVtU2LGLqW712WTpP0d0MOZOO+AuxBWxqjfYpIkTVUC6kbQeV+4on44jMenECnI
CyQnQskFTsChLkoYpbTxtV6DAxPWvqj6Ps3IwwNnWksa327CO4Yzwf93+uUby78W
4BM8bYJ0AgN+IdEqJ8EtyaYyCXJmpWTgs+zh8pkRgU1gmsr5qAug/IOttAVApf+g
z731jHSXIjwhEyILwPQCm7/zfpJtOgeBGlJFbD+JEGmK0hJOpiWVUpN/ZN/Bl7km
obLjZD8cfD/DzkIeKYMGdRW5zbVlemz/mGI3xJV7LBq3Isyj3AXopCI4G0U964Xq
gCftCF+UrD+ZAepPz8/b08C3b2vX2bT4FzYY002Bq9qqD/f66OJw6WnGeCFRABlC
/vt+p3wFc1sjzDAXj67oJjBbl/tZeFH2mflKLulCiGwFB3gMx62552pEUYgosFZs
VOYPhnjlH3QVaYnFKmFb
=ng8s
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ