212425 CVE-2008-0628 2008-03-05 20:27 0000 dev-java/sun-{jdk,jre-bin}|app-emulation/emul-linux-x86-java} security updates (CVE-2008-{0628,0657,1185,1186,1187,1188,1189,1190,1191,1192,1193,1194,1195,1196}) 2009-01-11 19:03:01 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED ?? [glsa] P2 normal --- 165270 215614 1 carlo@gentoo.org security@gentoo.org java@gentoo.org jussaar@mbnet.fi prote@fmi.uni-stuttgart.de carlo@gentoo.org 2008-03-05 20:27:08 0000 On March 4, 2008, Sun will release the following security updates: JDK and JRE 6 Update 5 JDK and JRE 5.0 Update 15 SDK and JRE 1.4.2_17 SDK and JRE 1.3.1_22 The following Sun Alerts corresponding to these updates will be released following the availability of these updates. 233321 233322 233323 233324 233325 233326 233327 source: http://blogs.sun.com/security/ betelgeuse@gentoo.org 2008-03-05 20:35:18 0000 Will need to wait for Sun to release DLJ bundles: https://jdk-distros.dev.java.net/developer.html 22:33 <robogeek> I will check when the DLJ bundles are released, should be shortly caster@gentoo.org 2008-03-05 20:46:16 0000 DLJ is not the case of 1.4 which is already available the only usual fetch restricted way. Adding release just in case, as DJL versions should permit distribution on our media (although I doubt we do that :) caster@gentoo.org 2008-03-05 21:33:49 0000 1.4 added, please stabilize x86: dev-java/sun-{jdk,jre-bin}-1.4.2.17 amd64: app-emulation/emul-linux-x86-java-1.4.2.17 fauli@gentoo.org 2008-03-06 07:56:40 0000 x86 stable jussaar@mbnet.fi 2008-03-13 00:31:10 0000 *** Bug 213127 has been marked as a duplicate of this bug. *** pva@gentoo.org 2008-03-20 21:07:54 0000 app-emulation/emul-linux-x86-java-1.4.2.17 - amd64 stable. Fixed in release snapshot. Vlastimil, we are propagating all security fixes for stable tree to be sure that we are safe. rbu@gentoo.org 2008-03-26 12:30:36 0000 I heard they're out now? caster@gentoo.org 2008-03-26 22:22:41 0000 added, please stabilize x86+amd64: dev-java/sun-{jdk,jre-bin}-{1.5.0.15,1.6.0.05} amd64: app-emulation/emul-linux-x86-java-{1.5.0.15,1.6.0.05} caster@gentoo.org 2008-03-26 22:23:46 0000 Adding back release to propagate fixes when stabled per comment 6 rbu@gentoo.org 2008-03-26 22:30:15 0000 and my other two friends, amd64 and x86. fauli@gentoo.org 2008-03-27 07:55:19 0000 x86 stable maekke@gentoo.org 2008-03-27 19:35:36 0000 amd64 stable (last arch) pva@gentoo.org 2008-03-28 08:16:13 0000 Fixed in release snapshot. rbu@gentoo.org 2008-04-17 23:44:53 0000 GLSA 200804-20, sorry for the long delay.