Re: OpenJDK security updates

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenJDK security updates

From:	Ricardo Wurmus
Subject:	Re: OpenJDK security updates
Date:	Sun, 7 Feb 2016 12:25:47 +0100
User-agent:	mu4e 0.9.13; emacs 24.5.1

Mark H Weaver <address@hidden> writes:

> Can someone familiar with our Java packages please investigate and apply
> any needed security updates?
>
> https://www.debian.org/security/2016/dsa-3465

There hasn’t been any new IcedTea release beyond what we offer in Guix.
According to the release announcements for the two latest IcedTea
releases 1.13.10 and 2.6.4 the vulnerabilities have already been
addressed (and more than those listed in the Debian security advisory).

Here’s the list of the security vulnerabilities listed in the advisory
followed by the version of IcedTea in which they are fixed:

  CVE-2015-7575 (2.6.4)
  CVE-2016-0402 (1.13.10 and 2.6.4)
  CVE-2016-0448 (1.13.10 and 2.6.4)
  CVE-2016-0466 (1.13.10 and 2.6.4)
  CVE-2016-0483 (1.13.10 and 2.6.4)
  CVE-2016-0494 (1.13.10 and 2.6.4)

Only CVE-2015-7575 is not mentioned in the release announcement for
1.13.10.  I don’t know if this affects 1.13.10.

~~ Ricardo

[Prev in Thread]

Current Thread

[Next in Thread]

OpenJDK security updates, Mark H Weaver, 2016/02/06
- Re: OpenJDK security updates, Ricardo Wurmus <=

Prev by Date: Re: [PATCH] gnu: gdk-pixbuf: Disable pixbuf-scale test.
Next by Date: Re: [PATCH] gnu: gdk-pixbuf: Disable pixbuf-scale test.
Previous by thread: OpenJDK security updates
Next by thread: [PATCH] gnu: add lispf4
Index(es):
- Date
- Thread