[SECURITY] [DSA 2912-1] openjdk-6 security update

Moritz Muehlenhoff <jmm@xxxxxxxxxx> · Thu, 24 Apr 2014 23:38:02 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2912-1                   security@xxxxxxxxxx
http://www.debian.org/security/                        Moritz Muehlenhoff
April 24, 2014                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-6
CVE ID         : CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 
                 CVE-2014-0453 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458
                 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-0462
                 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2403
                 CVE-2014-2405 CVE-2014-2412 CVE-2014-2414 CVE-2014-2421
                 CVE-2014-2423 CVE-2014-2427

Several vulnerabilities have been discovered in OpenJDK, an 
implementation of the Oracle Java platform, resulting in the execution 
of arbitrary code, breakouts of the Java sandbox, information disclosure
or denial of service.

For the oldstable distribution (squeeze), these problems have been fixed
in version 6b31-1.13.3-1~deb6u1.

For the stable distribution (wheezy), these problems have been fixed in
version 6b31-1.13.3-1~deb7u1.

For the testing distribution (jessie), these problems have been fixed in
version 6b31-1.13.3-1.

For the unstable distribution (sid), these problems have been fixed in
version 6b31-1.13.3-1.

We recommend that you upgrade your openjdk-6 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJTWYPVAAoJEBDCk7bDfE42OQAP/2yIC+GTa/xwYwToxjZwm2BQ
qWcv1oIDcVe/xNT/GO9EOdHfYIUa16a7Y3Th66iW3e8wVZ2bpZjhzh34VCO32tMo
EfU7EAvLbkIFFF/afK3aw6wnKraWQuERKe49lwulhqr3fJ/4jOlzZhjqmupPGzPW
GH8C1VGvuUoIwtAKaZe4SC5QzoqxoFGW7ISnlnBclWbI5JS0LHWbVpRjfZ8L0CI6
5c3zd4/x5HB7kPRRPLE209Aa28+KJICV7eDcBXpPrZ98WUJG6+y6TgOz6fWVaOha
c5nPo1oL5kWJ19SwDqJHDXN6RWi3cXhoFx4AVnzK25Z+sBxmBicbuou0Bm5+h6Nz
8k/jGgQi/QxujzGiNiRhvQCItad0vf8x9WIlJ4xGrt/cg1YJUrWBnH32+O3iI6E5
rJv9ZjhbdI2JVhIkiQ1zXNiqzebMojSOW0FVFf2/I4JsGfSclR1hHXiG11Mxx80n
BXYoSH/80inyT7LauSzOAPfheg/xkb/rU+rYnZn6k8CZ1kN8MKmwo5BXY6f2OMNt
qMeEmYCw6i3o6SWJxnz6Q9ezovk+9zsaxF5AKb2FPqDon6p9mY/BaIW8JLWUdRK0
Ui8B7YSwhaSDEcNXP+F1SbO4ErgL2hnbgj5S36jxSBUlbBHGli5pDb0ipv/lhFYO
FbWpxTxqGaWYeAJMXxFt
=jtHJ
-----END PGP SIGNATURE-----