lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20160127210048.GB16297@pisco.westfalen.local>
Date: Wed, 27 Jan 2016 22:00:48 +0100
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3458-1] openjdk-7 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3458-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
January 27, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-7
CVE ID         : CVE-2015-7575 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 
                 CVE-2016-0483 CVE-2016-0494

Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in breakouts of
the Java sandbox, information disclosur, denial of service and insecure
cryptography.

For the oldstable distribution (wheezy), these problems have been fixed
in version 7u95-2.6.4-1~deb7u1.

For the stable distribution (jessie), these problems have been fixed in
version 7u95-2.6.4-1~deb8u1.

For the unstable distribution (sid), these problems have been fixed in
version 7u95-2.6.4-1.

We recommend that you upgrade your openjdk-7 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWqS8DAAoJEBDCk7bDfE422KsQAKmbhTL0mDJIvB8jCQmn7KiV
W3crNxl2k4UrOBy7jbVXlpe90M7ofgv5NkORuGsGUDwgmTLzGHVYPTM8zBEqgfQq
JsPxzd2y/Hgyo+M7GB5t8nYai5nh4xO+/UNCJvw0VciZezSl4MW5iumv1hFKyKpc
/rGtsH1vosVxN55Jj+JRyQ+k3YivFS/qwUCA/S6AkYqXZCnr01BjXz0h4JU+ezZU
06E1HjjleMa0bC8ur/EQnzTVjqka2ut4SCgq1GmeZD6acr12nKxGBFrzejLOhvxR
mk+/2pGMvkHOMiCudugGnturCVpiir6BvIKQD6vyF/Ghsg+nfxcaH/0WDtNd78vX
qmBwTDOaNrdXShO9LUnHBgwjfAntSh4yAL/Vnj09Lj3wJs3raBwfhreroqum9sSI
0Fh8pfz2Z8CJFC2AMnX8xa7kmBGC8EnqIJZl/gKY8a81+a7psjitS6HcIOTSjfk5
b57RCJjmSbXtkEuYYw+TFQWkKRW23a+mqJV34cuEX7f2EZ82QHIhqBX6QeRuKsIF
WYJNsMZNE9GUOVKtxZtjA7cdp9c+sZ1eI4TkyA8Jy8ESVDOtXxwtT8+XGn8DKEwF
I2COwuUXjubf+JH125DbrP68vggXPnd/sD4b/w6eE8sycJ4kCQ6ekTpJM57YMJ9O
uLJOAby48hYWVDLvK1sm
=seG2
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ