Ubuntu 16.04 LTS USN-2963-1 Critical OpenJDK 8 Security Advisory
May 05, 2016
•
LinuxSecurity Advisories
1 - 2 min read
Several security issues were fixed in OpenJDK 8.
=========================================================================Ubuntu Security Notice USN-2963-1 May 05, 2016 openjdk-8 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in OpenJDK 8. Software Description: - openjdk-8: Open Source Java implementation Details: Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-0686, CVE-2016-0687, CVE-2016-3427) Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit this to expose sensitive data over the network. (CVE-2016-0695, CVE-2016-3426) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2016-3425) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: openjdk-8-jdk 8u91-b14-0ubuntu4~16.04.1 openjdk-8-jdk-headless 8u91-b14-0ubuntu4~16.04.1 openjdk-8-jre 8u91-b14-0ubuntu4~16.04.1 openjdk-8-jre-headless 8u91-b14-0ubuntu4~16.04.1 openjdk-8-jre-jamvm 8u91-b14-0ubuntu4~16.04.1 openjdk-8-jre-zero 8u91-b14-0ubuntu4~16.04.1 openjdk-8-source 8u91-b14-0ubuntu4~16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-2963-1 CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425, CVE-2016-3426, CVE-2016-3427 Package Information: https://launchpad.net/ubuntu/+source/openjdk-8/8u91-b14-0ubuntu4~16.04.1
PREVIOUS
NEXT
Ubuntu 16.04 LTS USN-2963-1 Critical OpenJDK 8 Security Advisory
ubuntu
May 5, 2016
Several security issues were fixed in OpenJDK 8.
Summary
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: openjdk-8-jdk 8u91-b14-0ubuntu4~16.04.1 openjdk-8-jdk-headless 8u91-b14-0ubuntu4~16.04.1 openjdk-8-jre 8u91-b14-0ubuntu4~16.04.1 openjdk-8-jre-headless 8u91-b14-0ubuntu4~16.04.1 openjdk-8-jre-jamvm 8u91-b14-0ubuntu4~16.04.1 openjdk-8-jre-zero 8u91-b14-0ubuntu4~16.04.1 openjdk-8-source 8u91-b14-0ubuntu4~16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-2963-1
CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425,
CVE-2016-3426, CVE-2016-3427
Severity
critical
Lowest
Low
Medium
High
Critical
May 05, 2016
Package Information
https://launchpad.net/ubuntu/+source/openjdk-8/8u91-b14-0ubuntu4~16.04.1
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!