Ubuntu 12.04 LTS USN-2972-1 Critical: OpenJDK 6 Denial of Service
May 10, 2016
•
LinuxSecurity Advisories
1 - 2 min read
Several security issues were fixed in OpenJDK 6.
=========================================================================Ubuntu Security Notice USN-2972-1 May 10, 2016 openjdk-6 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS Summary: Several security issues were fixed in OpenJDK 6. Software Description: - openjdk-6: Open Source Java implementation Details: Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-0686, CVE-2016-0687, CVE-2016-3427) A vulnerability was discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit this to expose sensitive data over the network. (CVE-2016-0695) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2016-3425) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b39-1.13.11-0ubuntu0.12.04.1 icedtea-6-jre-jamvm 6b39-1.13.11-0ubuntu0.12.04.1 openjdk-6-jdk 6b39-1.13.11-0ubuntu0.12.04.1 openjdk-6-jre 6b39-1.13.11-0ubuntu0.12.04.1 openjdk-6-jre-headless 6b39-1.13.11-0ubuntu0.12.04.1 openjdk-6-jre-lib 6b39-1.13.11-0ubuntu0.12.04.1 openjdk-6-jre-zero 6b39-1.13.11-0ubuntu0.12.04.1 openjdk-6-source 6b39-1.13.11-0ubuntu0.12.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-2972-1 CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425, CVE-2016-3427 Package Information: https://launchpad.net/ubuntu/+source/openjdk-6/6b39-1.13.11-0ubuntu0.12.04.1
PREVIOUS
NEXT
Ubuntu 12.04 LTS USN-2972-1 Critical: OpenJDK 6 Denial of Service
ubuntu
May 10, 2016
Several security issues were fixed in OpenJDK 6.
Summary
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b39-1.13.11-0ubuntu0.12.04.1 icedtea-6-jre-jamvm 6b39-1.13.11-0ubuntu0.12.04.1 openjdk-6-jdk 6b39-1.13.11-0ubuntu0.12.04.1 openjdk-6-jre 6b39-1.13.11-0ubuntu0.12.04.1 openjdk-6-jre-headless 6b39-1.13.11-0ubuntu0.12.04.1 openjdk-6-jre-lib 6b39-1.13.11-0ubuntu0.12.04.1 openjdk-6-jre-zero 6b39-1.13.11-0ubuntu0.12.04.1 openjdk-6-source 6b39-1.13.11-0ubuntu0.12.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-2972-1
CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425,
CVE-2016-3427
Severity
critical
Lowest
Low
Medium
High
Critical
May 10, 2016
Package Information
https://launchpad.net/ubuntu/+source/openjdk-6/6b39-1.13.11-0ubuntu0.12.04.1
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!