==========================================================================
Ubuntu Security Notice USN-2885-1
February 01, 2016

openjdk-6 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in OpenJDK 6.

Software Description:
– openjdk-6: Open Source Java implementation

Details:

Multiple vulnerabilities were discovered in the OpenJDK JRE related
to information disclosure, data integrity, and availability. An
attacker could exploit these to cause a denial of service, expose
sensitive data over the network, or possibly execute arbitrary code.
(CVE-2016-0483, CVE-2016-0494)

A vulnerability was discovered in the OpenJDK JRE related to data
integrity. An attacker could exploit this to expose sensitive data
over the network or possibly execute arbitrary code. (CVE-2016-0402)

A vulnerability was discovered in the OpenJDK JRE related to
information disclosure. An attacker could exploit this to expose
sensitive data over the network. (CVE-2016-0448)

A vulnerability was discovered in the OpenJDK JRE related to
availability. An attacker could exploit this to cause a denial of
service. (CVE-2016-0466)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
icedtea-6-jre-cacao 6b38-1.13.10-0ubuntu0.12.04.1
icedtea-6-jre-jamvm 6b38-1.13.10-0ubuntu0.12.04.1
openjdk-6-jre 6b38-1.13.10-0ubuntu0.12.04.1
openjdk-6-jre-headless 6b38-1.13.10-0ubuntu0.12.04.1
openjdk-6-jre-lib 6b38-1.13.10-0ubuntu0.12.04.1
openjdk-6-jre-zero 6b38-1.13.10-0ubuntu0.12.04.1

This update uses a new upstream release, which includes additional
bug fixes. After a standard system update you need to restart any
Java applications or applets to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2885-1
CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483,
CVE-2016-0494

Package Information:
https://launchpad.net/ubuntu/+source/openjdk-6/6b38-1.13.10-0ubuntu0.12.04.1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJWr8hkAAoJEC8Jno0AXoH0XT4P/2OC237BYX+VBLPA07zdLerr
47yB8nkoOrh2g4+XMmFaHCLrZwg+Pdwi7hewgxKHg1TZoNK64tRN2Qex4azvrxGD
druWtD63KRryML9tsN5uD/HbwFRXqoAkNpKYZQm5TzQDy4zF9qV33Xz9O+9/9q/n
nDqfN/MVBuKbkaS2OXRWdqSyiLLZtOUC8ByYCewP11L53ukvNnqiOzXq9lMHSO0h
Y9jGNWLpM7WwmmrwdBnT20Pnn4nM7lcHHzOrqBhI8NDvDWGzb1yVSrkDRy1wjQxR
AgH5xpuoyXH55QI3kXp21xQ41EzOd4koEXSw34E70/P1x65vW8M7OhhH9+2CnYig
2wUaMOQ2Q410ZwS60ozKl679OBCf+b/pJCZY0pqMqLClcJyoc9MmZpLtXOXtNf8J
W44wqc7WctA4wZY/7aQGta7pwfyo89waz4EJr/O3gwsBAIHKp9NMoIPXnUROZBAc
3MWls6mV2mMDCdLNkgpM0li5N0zNo25pD8K2i1oC0Pi1SfPAaqI04/Z0woNDfQqG
UJeGcRRFTIkQAdspG84Dm8bQYnwNp8wqahWmMekXe68YuihzfOEyGNFymwI1IEW2
F8UJR3xmmaE3DCCb7n5QNv2NdwFrr6B2eLWioWSNrijk0F+nIQYQHkJfy5km+c6Q
DA8Ong47nxHmWAxdl4oX
=pr1q
—–END PGP SIGNATURE—–
—