* OpenJDK security updates
@ 2016-02-06 16:01 Mark H Weaver
2016-02-07 11:25 ` Ricardo Wurmus
0 siblings, 1 reply; 2+ messages in thread
From: Mark H Weaver @ 2016-02-06 16:01 UTC (permalink / raw)
To: guix-devel
Can someone familiar with our Java packages please investigate and apply
any needed security updates?
https://www.debian.org/security/2016/dsa-3465
Mark
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: OpenJDK security updates
2016-02-06 16:01 OpenJDK security updates Mark H Weaver
@ 2016-02-07 11:25 ` Ricardo Wurmus
0 siblings, 0 replies; 2+ messages in thread
From: Ricardo Wurmus @ 2016-02-07 11:25 UTC (permalink / raw)
To: Mark H Weaver; +Cc: guix-devel
Mark H Weaver <mhw@netris.org> writes:
> Can someone familiar with our Java packages please investigate and apply
> any needed security updates?
>
> https://www.debian.org/security/2016/dsa-3465
There hasn’t been any new IcedTea release beyond what we offer in Guix.
According to the release announcements for the two latest IcedTea
releases 1.13.10 and 2.6.4 the vulnerabilities have already been
addressed (and more than those listed in the Debian security advisory).
Here’s the list of the security vulnerabilities listed in the advisory
followed by the version of IcedTea in which they are fixed:
CVE-2015-7575 (2.6.4)
CVE-2016-0402 (1.13.10 and 2.6.4)
CVE-2016-0448 (1.13.10 and 2.6.4)
CVE-2016-0466 (1.13.10 and 2.6.4)
CVE-2016-0483 (1.13.10 and 2.6.4)
CVE-2016-0494 (1.13.10 and 2.6.4)
Only CVE-2015-7575 is not mentioned in the release announcement for
1.13.10. I don’t know if this affects 1.13.10.
~~ Ricardo
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-02-07 11:26 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-02-06 16:01 OpenJDK security updates Mark H Weaver
2016-02-07 11:25 ` Ricardo Wurmus
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.