15703 – java-1.8.0-openjdk new security issues

Bug 15703 - java-1.8.0-openjdk new security issues

Summary: java-1.8.0-openjdk new security issues

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	i586 Linux

Priority:	Normal Severity: critical
Target Milestone:	---
Assignee:	Mageia Bug Squad
QA Contact:	Sec team

URL:	http://lwn.net/Vulnerabilities/640410/
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2015-04-15 15:11 CEST by David Walser
Modified:	2015-04-16 16:55 CEST (History)
CC List:	0 users

See Also:
Source RPM:	java-1.8.0-openjdk-1.8.0.40-5.b25.1.mga5.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2015-04-15 15:11:33 CEST

RedHat has issued an advisory on April 14:
https://rhn.redhat.com/errata/RHSA-2015-0809.html

This corresponds to the latest Oracle Critical Patch Update:
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

Updated checked into Cauldron SVN.  Freeze push requested.

Reproducible: 

Steps to Reproduce:

David Walser 2015-04-15 15:12:01 CEST

Blocks: (none) => 14674
Whiteboard: (none) => MGA5TOO

Comment 1 David Walser 2015-04-15 18:20:30 CEST

Fixed in java-1.8.0-openjdk-1.8.0.45-6.b13.1.mga5.

Status: NEW => RESOLVED
Blocks: 14674 => (none)
Resolution: (none) => FIXED
Whiteboard: MGA5TOO => (none)

David Walser 2015-04-15 18:49:01 CEST

URL: (none) => http://lwn.net/Vulnerabilities/640410/

Comment 2 David Walser 2015-04-16 16:55:44 CEST

LWN reference for one CVE only affecting java8:
http://lwn.net/Vulnerabilities/640607/

Note You need to log in before you can comment on or make changes to this bug.