Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mangelnde Rechteprüfung in OpenJDK
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in OpenJDK
ID: USN-2942-1
Distribution: Ubuntu
Plattformen: Ubuntu 14.04 LTS, Ubuntu 15.10
Datum: Fr, 25. März 2016, 11:24
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0636

Originalnachricht


--===============0212265951949626686==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-Yb7DwXzTMqNegUc46J6a"


--=-Yb7DwXzTMqNegUc46J6a
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-2942-1
March 24, 2016

openjdk-7 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 14.04 LTS

Summary:

OpenJDK could be made to crash or run programs as your login if it received
specially crafted input.

Software Description:
- openjdk-7: Open Source Java implementation

Details:

A vulnerability was discovered in the JRE related to information
disclosure, data integrity, and availability. An attacker could exploit
these to cause a denial of service, expose sensitive data over the network,
or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
  icedtea-7-jre-jamvm             7u95-2.6.4-0ubuntu0.15.10.2
 
openjdk-7-jre                   7u95-2.6.4-0ubuntu0.15.10.2
  openjdk-7-jre-headless          7u95-2.6.4-0ubuntu0.15.10.2
  openjdk-7-jre-lib               7u95-2.6.4-0ubuntu0.15.10.2
  openjdk-7-jre-zero              7u95-2.6.4-0ubuntu0.15.10.2

Ubuntu 14.04 LTS:
  icedtea-7-jre-jamvm             7u95-2.6.4-0ubuntu0.14.04.2
 
openjdk-7-jdk                   7u95-2.6.4-0ubuntu0.14.04.2
 
openjdk-7-jre                   7u95-2.6.4-0ubuntu0.14.04.2
  openjdk-7-jre-headless          7u95-2.6.4-0ubuntu0.14.04.2
  openjdk-7-jre-lib               7u95-2.6.4-0ubuntu0.14.04.2
  openjdk-7-jre-zero              7u95-2.6.4-0ubuntu0.14.04.2

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-2942-1
  CVE-2016-0636

Package Information:
  https://launchpad.net/ubuntu/+source/openjdk-7/7u95-2.6.4-0ubuntu0.15.10.2
  https://launchpad.net/ubuntu/+source/openjdk-7/7u95-2.6.4-0ubuntu0.14.04.2

--Òb7DwXzTMqNegUc46J6a
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAABCgAGBQJW9JATAAoJEFHb3FjMVZVzyGEQAI02+qceTMf7Z1fZ5r72Nemj
o3h3NNTaTLLNA4tvu6JqO9WQacMb1yyuF+tRbuwOcIFbNdJNrHqC4nwxgTpidGL9
kxAnc8I2O52eHLNx1a3eVPo/NDlftPRc6nJ1ad8BHKXaMsOaZGHim3R/HCQYBkNz
koYp3PZJx1Gu56VKh6XEKnqyXNjAV+9tqptL7DjfH1mZJEzcOEqLDZM4T9wguGs8
IP4t/aBUUx3bksPsEX9FTepXwhgkOBObo2UJ06H5WyJTO/RfrLNDfLHgJzpsRr7X
P+fQIYOyhONTSxOAB017IJ4IRoCF1NQo9Iw6a8Xq/LVCNtFJMiKQ6Ma2hQmJTuuS
qRmEP5PCE/Pndbesp8WQ6hncHzwU6SSO/sK3xML18FoFq2Ofse11hQIblKc8gh9L
A/KIS8466QqnEBkyb2R1sEHVv7HCe8NsyR3t2BHrXO07VRy7pbv3heAn7ID3aKfA
xIGR0iETEkdkBbHsjzNrtY2SSuFW9eP4OqyJswK92UEcq1AEFNSFK3ePtA2165ZX
dBzCLK85lR4i6SbZ23MFUSuN5jNJGKLd1pyXFMJE2Ev8UzAw6Lf3BlgIkmHmOqYR
GRyDU3sdD382S+bIMlvEVEetwkLvCy+T++7d4hnY2NHvEK0tarlAWeJa9L5h4nCi
WTOAPCT83/QEj4L7Hg8G
=1FKu
-----END PGP SIGNATURE-----

--=-Yb7DwXzTMqNegUc46J6a--



--===============0212265951949626686==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============0212265951949626686==--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung