Home / mailingsPDF  

[USN-2942-1] OpenJDK 7 vulnerability

Posted on 27 March 2016
Ubuntu Security

==========================
==========================
========================
Ubuntu Security Notice USN-2942-1
March 24, 2016

openjdk-7 vulnerability
==========================
==========================
========================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 14.04 LTS

Summary:

OpenJDK could be made to crash or run programs as your login if it received
specially crafted input.

Software Description:
- openjdk-7: Open Source Java implementation

Details:

A vulnerability was discovered in the JRE related to information
disclosure, data integrity, and availability. An attacker could exploit
these to cause a denial of service, expose sensitive data over the network,
or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
=C2=A0 icedtea-7-jre-jamvm=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A07u95-2.6.4-0ubuntu0.15.10.2
=C2=A0 openjdk-7-jre=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A07u95-2.6.4-0ubu=
ntu0.15.10.2
=C2=A0 openjdk-7-jre-headless=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A07u95-2.6.4-0ubuntu0.15.10.2
=C2=A0 openjdk-7-jre-lib=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A07u95-2.6.4-0ubuntu0.15.10.2
=C2=A0 openjdk-7-jre-zero=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A07u95-2.6.4-0ubuntu0.15.10.2

Ubuntu 14.04 LTS:
=C2=A0 icedtea-7-jre-jamvm=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A07u95-2.6.4-0ubuntu0.14.04.2
=C2=A0 openjdk-7-jdk=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A07u95-2.6.4-0ubu=
ntu0.14.04.2
=C2=A0 openjdk-7-jre=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A07u95-2.6.4-0ubu=
ntu0.14.04.2
=C2=A0 openjdk-7-jre-headless=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A07u95-2.6.4-0ubuntu0.14.04.2
=C2=A0 openjdk-7-jre-lib=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A07u95-2.6.4-0ubuntu0.14.04.2
=C2=A0 openjdk-7-jre-zero=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A07u95-2.6.4-0ubuntu0.14.04.2

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.

References:
=C2=A0 http://www.ubuntu.com/usn/usn-2942-1
=C2=A0 CVE-2016-0636

Package Information:
=C2=A0 https://launchpad.net/ubuntu/+source/openjdk-7/7u95-2.6.4-0ubuntu0.1=
5.10.2
=C2=A0 https://launchpad.net/ubuntu/+source/openjdk-7/7u95-2.6.4-0ubuntu0.1=
4.04.2

 

TOP

Mailings :

Exploits :