RedHat has issued an advisory today (January 21): https://rhn.redhat.com/errata/RHSA-2015-0069.html Our Cauldron package is synced with Fedora Rawhide (currently synced in SVN as of January 9), which has not yet been updated for these security issues. This corresponds to the latest Oracle Critical Patch Update: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Reproducible: Steps to Reproduce:
Blocks: (none) => 14674
Fixed in java-1.8.0-openjdk-1.8.0.40-5.b25.1.mga5.
Status: NEW => RESOLVEDResolution: (none) => FIXED
Blocks: 14674 => (none)