Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3144-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
http://www.debian.org/security/                        Moritz Muehlenhoff
January 29, 2015                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-7
CVE ID         : CVE-2014-3566 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 
                 CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395
                 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412

Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in the execution
of arbitrary code, information disclosure or denial of service.

For the stable distribution (wheezy), these problems have been fixed in
version 7u75-2.5.4-1~deb7u1.

For the upcoming stable distribution (jessie), these problems will be
fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 7u75-2.5.4-1.

We recommend that you upgrade your openjdk-7 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.