-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4225-1 security@xxxxxxxxxx https://www.debian.org/security/ Moritz Muehlenhoff June 10, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-7 CVE ID : CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2815 Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code or bypass of JAR signature validation. For the oldstable distribution (jessie), these problems have been fixed in version 7u181-2.6.14-1~deb8u1. We recommend that you upgrade your openjdk-7 packages. For the detailed security status of openjdk-7 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openjdk-7 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlsdfmgACgkQEMKTtsN8 TjYPiRAAjZTDeS/p8tHJ8oqI5pBBtl0PkrxJuVcIFa5gjs0S0iyKhNFfNwbgpJVr f8l6WO76sh8X4IMn1NyiZnMZZL6+KoZQD6oBsCgkJSnjOmwxk5Gx/bZVBulIyjm2 3zAdSmF1MlRvEYExHl0UX3obm53zCsv/7UD3Zp4jjMgCl1yfrfI7NLWX/aLl4Grh nifTwsRQBCW9o8sjo1daNoIrofAAqrscRaRRmqgrKSYPyPjtilh3dkcFSEg5aOyd IAXsLWceMluQxJ5aca6MunV9uQGxdiyR2En4b1Oiao8VCkHm0y3ASUV1k4EfxV3S nA+4ztR//niiGCwqU4oLo735qjLN1IcuG6vJ3ow/RGPegpzK197AoLEurbVyhIHi 8LBjh5TlgrDJl80jlTpVcohULl07DO+4GFXSorql6bCijZ0pwD885qtpi2YFT9AK 4PxPy9OHHcHxXDXDZwC3v4/Jig2KJm4xyHeRPxFJkhuF1efDU5reQ06ZEeMUXBSw ZMmihZoc6WKpAoTLjTysx+yAWyMIi5TwxHIyWgoBfZGUb5ZI6wXbJBBoRLxiodD6 bL5gncS86hyH4fFqkB9octEWji7IF8xPOfJ74q99EBPcJu9yR779Uf3ceWVYCkhY Pk5XlUPLSaFNRT8V2zUoWRhQa3DRN6SXv2KeAULthJ47G8T5r/k= =vlxO -----END PGP SIGNATURE-----