Ubuntu Security Notice USN-2942-1
24th March, 2016
openjdk-7 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.10
- Ubuntu 14.04 LTS
Summary
OpenJDK could be made to crash or run programs as your login if it received specially crafted input.
Software description
- openjdk-7 - Open Source Java implementation
Details
A vulnerability was discovered in the JRE related to information
disclosure, data integrity, and availability. An attacker could exploit
these to cause a denial of service, expose sensitive data over the network,
or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 15.10:
- openjdk-7-jre-lib 7u95-2.6.4-0ubuntu0.15.10.2
- openjdk-7-jre-zero 7u95-2.6.4-0ubuntu0.15.10.2
- icedtea-7-jre-jamvm 7u95-2.6.4-0ubuntu0.15.10.2
- openjdk-7-jre-headless 7u95-2.6.4-0ubuntu0.15.10.2
- openjdk-7-jre 7u95-2.6.4-0ubuntu0.15.10.2
- Ubuntu 14.04 LTS:
- openjdk-7-jre-zero 7u95-2.6.4-0ubuntu0.14.04.2
- icedtea-7-jre-jamvm 7u95-2.6.4-0ubuntu0.14.04.2
- openjdk-7-jre-lib 7u95-2.6.4-0ubuntu0.14.04.2
- openjdk-7-jdk 7u95-2.6.4-0ubuntu0.14.04.2
- openjdk-7-jre-headless 7u95-2.6.4-0ubuntu0.14.04.2
- openjdk-7-jre 7u95-2.6.4-0ubuntu0.14.04.2
To update your system, please follow these instructions: http://ift.tt/17VXqjU.
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.
References
from Ubuntu Security Notices http://ift.tt/1MFmk8m
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.