- Detalji os-a: LUB
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-2942-1
March 24, 2016
openjdk-7 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 15.10
– Ubuntu 14.04 LTS
Summary:
OpenJDK could be made to crash or run programs as your login if it received
specially crafted input.
Software Description:
– openjdk-7: Open Source Java implementation
Details:
A vulnerability was discovered in the JRE related to information
disclosure, data integrity, and availability. An attacker could exploit
these to cause a denial of service, expose sensitive data over the network,
or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 15.10:
icedtea-7-jre-jamvm 7u95-2.6.4-0ubuntu0.15.10.2
openjdk-7-jre 7u95-2.6.4-0ubuntu0.15.10.2
openjdk-7-jre-headless 7u95-2.6.4-0ubuntu0.15.10.2
openjdk-7-jre-lib 7u95-2.6.4-0ubuntu0.15.10.2
openjdk-7-jre-zero 7u95-2.6.4-0ubuntu0.15.10.2
Ubuntu 14.04 LTS:
icedtea-7-jre-jamvm 7u95-2.6.4-0ubuntu0.14.04.2
openjdk-7-jdk 7u95-2.6.4-0ubuntu0.14.04.2
openjdk-7-jre 7u95-2.6.4-0ubuntu0.14.04.2
openjdk-7-jre-headless 7u95-2.6.4-0ubuntu0.14.04.2
openjdk-7-jre-lib 7u95-2.6.4-0ubuntu0.14.04.2
openjdk-7-jre-zero 7u95-2.6.4-0ubuntu0.14.04.2
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2942-1
CVE-2016-0636
Package Information:
https://launchpad.net/ubuntu/+source/openjdk-7/7u95-2.6.4-0ubuntu0.15.10.2
https://launchpad.net/ubuntu/+source/openjdk-7/7u95-2.6.4-0ubuntu0.14.04.2
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAABCgAGBQJW9JATAAoJEFHb3FjMVZVzyGEQAI02+qceTMf7Z1fZ5r72Nemj
o3h3NNTaTLLNA4tvu6JqO9WQacMb1yyuF+tRbuwOcIFbNdJNrHqC4nwxgTpidGL9
kxAnc8I2O52eHLNx1a3eVPo/NDlftPRc6nJ1ad8BHKXaMsOaZGHim3R/HCQYBkNz
koYp3PZJx1Gu56VKh6XEKnqyXNjAV+9tqptL7DjfH1mZJEzcOEqLDZM4T9wguGs8
IP4t/aBUUx3bksPsEX9FTepXwhgkOBObo2UJ06H5WyJTO/RfrLNDfLHgJzpsRr7X
P+fQIYOyhONTSxOAB017IJ4IRoCF1NQo9Iw6a8Xq/LVCNtFJMiKQ6Ma2hQmJTuuS
qRmEP5PCE/Pndbesp8WQ6hncHzwU6SSO/sK3xML18FoFq2Ofse11hQIblKc8gh9L
A/KIS8466QqnEBkyb2R1sEHVv7HCe8NsyR3t2BHrXO07VRy7pbv3heAn7ID3aKfA
xIGR0iETEkdkBbHsjzNrtY2SSuFW9eP4OqyJswK92UEcq1AEFNSFK3ePtA2165ZX
dBzCLK85lR4i6SbZ23MFUSuN5jNJGKLd1pyXFMJE2Ev8UzAw6Lf3BlgIkmHmOqYR
GRyDU3sdD382S+bIMlvEVEetwkLvCy+T++7d4hnY2NHvEK0tarlAWeJa9L5h4nCi
WTOAPCT83/QEj4L7Hg8G
=1FKu
—–END PGP SIGNATURE—–
—
| Autor | Tomislav Protega |
| Cert id | NCERT-REF-2016-03-0041-ADV |
| Cve | CVE-2016-0636 |
| ID izvornika | USN-2942-1 |
| Proizvod | openjdk-7 |
| Izvor | http://www.ubuntu.com |
