Bug 5300

Summary: java-1.7.0-openjdk several security issues fixed upstream
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED FIXED QA Contact:
Severity: critical    
Priority: Normal CC: dmorganec
Version: Cauldron   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard:
Source RPM: java-1.7.0-openjdk-1.7.0.1-2.0.4.mga2.src.rpm CVE:
Status comment:

Description David Walser 2012-04-09 05:42:03 CEST 
Several CVEs, some of which reportedly are being actively exploited, are fixed in newer versions of IcedTea6/7 (2.0.1 and 2.1) than what we have in Cauldron (2.0).

If the OpenJDK itself has any updates, they should be applied as well.

Upstream announcements:
http://blog.fuseyism.com/index.php/2012/02/15/security-icedtea6-1-8-13-1-9-13-1-10-6-and-icedtea-2-0-1-released/
http://blog.fuseyism.com/index.php/2012/02/15/icedtea-2-1-released-openjdk7-u3-release/

There's some info here too:
https://bugzilla.redhat.com/show_bug.cgi?id=788994
David Walser 2012-04-09 05:42:13 CEST

CC: (none) => dmorganec

David Walser 2012-04-09 05:42:49 CEST

Blocks: (none) => 5046

David Walser 2012-04-11 01:10:18 CEST

Severity: normal => critical

Comment 1 David Walser 2012-04-20 00:23:47 CEST 
Fixed in java-1.7.0-openjdk-1.7.0.3-2.1.1.mga2

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Anne Nicolas 2012-05-05 09:43:30 CEST

Blocks: 5046 => (none)