Bug 15703

Summary: java-1.8.0-openjdk new security issues
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/640410/
Whiteboard:
Source RPM: java-1.8.0-openjdk-1.8.0.40-5.b25.1.mga5.src.rpm CVE:
Status comment:

Description David Walser 2015-04-15 15:11:33 CEST 
RedHat has issued an advisory on April 14:
https://rhn.redhat.com/errata/RHSA-2015-0809.html

This corresponds to the latest Oracle Critical Patch Update:
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

Updated checked into Cauldron SVN.  Freeze push requested.

Reproducible: 

Steps to Reproduce:
David Walser 2015-04-15 15:12:01 CEST

Blocks: (none) => 14674
Whiteboard: (none) => MGA5TOO

Comment 1 David Walser 2015-04-15 18:20:30 CEST 
Fixed in java-1.8.0-openjdk-1.8.0.45-6.b13.1.mga5.

Status: NEW => RESOLVED
Blocks: 14674 => (none)
Resolution: (none) => FIXED
Whiteboard: MGA5TOO => (none)

David Walser 2015-04-15 18:49:01 CEST

URL: (none) => http://lwn.net/Vulnerabilities/640410/

Comment 2 David Walser 2015-04-16 16:55:44 CEST 
LWN reference for one CVE only affecting java8:
http://lwn.net/Vulnerabilities/640607/