Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in OpenJDK
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in OpenJDK
ID: USN-2885-1
Distribution: Ubuntu
Plattformen: Ubuntu 12.04 LTS
Datum: Mo, 1. Februar 2016, 22:39
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483

Originalnachricht


--===============8298326989003858424==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="BtmVPk+Smchi6n7w"
Content-Disposition: inline


--BtmVPk+Smchi6n7w
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-2885-1
February 01, 2016

openjdk-6 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in OpenJDK 6.

Software Description:
- openjdk-6: Open Source Java implementation

Details:

Multiple vulnerabilities were discovered in the OpenJDK JRE related
to information disclosure, data integrity, and availability. An
attacker could exploit these to cause a denial of service, expose
sensitive data over the network, or possibly execute arbitrary code.
(CVE-2016-0483, CVE-2016-0494)

A vulnerability was discovered in the OpenJDK JRE related to data
integrity. An attacker could exploit this to expose sensitive data
over the network or possibly execute arbitrary code. (CVE-2016-0402)

A vulnerability was discovered in the OpenJDK JRE related to
information disclosure. An attacker could exploit this to expose
sensitive data over the network. (CVE-2016-0448)

A vulnerability was discovered in the OpenJDK JRE related to
availability. An attacker could exploit this to cause a denial of
service. (CVE-2016-0466)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
icedtea-6-jre-cacao 6b38-1.13.10-0ubuntu0.12.04.1
icedtea-6-jre-jamvm 6b38-1.13.10-0ubuntu0.12.04.1
openjdk-6-jre 6b38-1.13.10-0ubuntu0.12.04.1
openjdk-6-jre-headless 6b38-1.13.10-0ubuntu0.12.04.1
openjdk-6-jre-lib 6b38-1.13.10-0ubuntu0.12.04.1
openjdk-6-jre-zero 6b38-1.13.10-0ubuntu0.12.04.1

This update uses a new upstream release, which includes additional
bug fixes. After a standard system update you need to restart any
Java applications or applets to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2885-1
CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483,
CVE-2016-0494

Package Information:
https://launchpad.net/ubuntu/+source/openjdk-6/6b38-1.13.10-0ubuntu0.12.04.1


--BtmVPk+Smchi6n7w
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWr8hkAAoJEC8Jno0AXoH0XT4P/2OC237BYX+VBLPA07zdLerr
47yB8nkoOrh2g4+XMmFaHCLrZwg+Pdwi7hewgxKHg1TZoNK64tRN2Qex4azvrxGD
druWtD63KRryML9tsN5uD/HbwFRXqoAkNpKYZQm5TzQDy4zF9qV33Xz9O+9/9q/n
nDqfN/MVBuKbkaS2OXRWdqSyiLLZtOUC8ByYCewP11L53ukvNnqiOzXq9lMHSO0h
Y9jGNWLpM7WwmmrwdBnT20Pnn4nM7lcHHzOrqBhI8NDvDWGzb1yVSrkDRy1wjQxR
AgH5xpuoyXH55QI3kXp21xQ41EzOd4koEXSw34E70/P1x65vW8M7OhhH9+2CnYig
2wUaMOQ2Q410ZwS60ozKl679OBCf+b/pJCZY0pqMqLClcJyoc9MmZpLtXOXtNf8J
W44wqc7WctA4wZY/7aQGta7pwfyo89waz4EJr/O3gwsBAIHKp9NMoIPXnUROZBAc
3MWls6mV2mMDCdLNkgpM0li5N0zNo25pD8K2i1oC0Pi1SfPAaqI04/Z0woNDfQqG
UJeGcRRFTIkQAdspG84Dm8bQYnwNp8wqahWmMekXe68YuihzfOEyGNFymwI1IEW2
F8UJR3xmmaE3DCCb7n5QNv2NdwFrr6B2eLWioWSNrijk0F+nIQYQHkJfy5km+c6Q
DA8Ong47nxHmWAxdl4oX
=pr1q
-----END PGP SIGNATURE-----

--BtmVPk+Smchi6n7w--


--===============8298326989003858424==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============8298326989003858424==--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung