Gentoo Full Text Bug Listing

Bug 212425 - dev-java/sun-{jdk,jre-bin}|app-emulation/emul-linux-x86-java} security updates (CVE-2008-{0628,0657,1185,1186,1187,1188,1189,1190,1191,1192,1193,1194,1195,1196})

Description:

Opened: 2008-03-05 20:27 0000

On March 4, 2008, Sun will release the following security updates: 

JDK and JRE 6 Update 5
JDK and JRE 5.0 Update 15
SDK and JRE 1.4.2_17
SDK and JRE 1.3.1_22

The following Sun Alerts corresponding to these updates will be released
following the availability of these updates. 

233321
233322
233323
233324
233325
233326
233327


source: http://blogs.sun.com/security/

------- Comment #1 From Petteri Räty 2008-03-05 20:35:18 0000 -------

Will need to wait for Sun to release DLJ bundles:
https://jdk-distros.dev.java.net/developer.html
22:33 <robogeek> I will check when the DLJ bundles are released, should be
shortly

------- Comment #2 From Vlastimil Babka (Caster) 2008-03-05 20:46:16 0000 -------

DLJ is not the case of 1.4 which is already available the only usual fetch
restricted way.
Adding release just in case, as DJL versions should permit distribution on our
media (although I doubt we do that :)

------- Comment #3 From Vlastimil Babka (Caster) 2008-03-05 21:33:49 0000 -------

1.4 added, please stabilize

x86: dev-java/sun-{jdk,jre-bin}-1.4.2.17
amd64: app-emulation/emul-linux-x86-java-1.4.2.17

------- Comment #4 From Christian Faulhammer 2008-03-06 07:56:40 0000 -------

x86 stable

------- Comment #5 From Jussi Saarinen 2008-03-13 00:31:10 0000 -------

*** Bug 213127 has been marked as a duplicate of this bug. ***

------- Comment #6 From Peter Volkov 2008-03-20 21:07:54 0000 -------

app-emulation/emul-linux-x86-java-1.4.2.17 - amd64 stable.

Fixed in release snapshot.

Vlastimil, we are propagating all security fixes for stable tree to be sure
that we are safe.

------- Comment #7 From Robert Buchholz 2008-03-26 12:30:36 0000 -------

I heard they're out now?

------- Comment #8 From Vlastimil Babka (Caster) 2008-03-26 22:22:41 0000 -------

added, please stabilize

x86+amd64: dev-java/sun-{jdk,jre-bin}-{1.5.0.15,1.6.0.05}
amd64: app-emulation/emul-linux-x86-java-{1.5.0.15,1.6.0.05}

------- Comment #9 From Vlastimil Babka (Caster) 2008-03-26 22:23:46 0000 -------

Adding back release to propagate fixes when stabled per comment 6

------- Comment #10 From Robert Buchholz 2008-03-26 22:30:15 0000 -------

and my other two friends, amd64 and x86.

------- Comment #11 From Christian Faulhammer 2008-03-27 07:55:19 0000 -------

x86 stable

------- Comment #12 From Markus Meier 2008-03-27 19:35:36 0000 -------

amd64 stable (last arch)

------- Comment #13 From Peter Volkov 2008-03-28 08:16:13 0000 -------

Fixed in release snapshot.

------- Comment #14 From Robert Buchholz 2008-04-17 23:44:53 0000 -------

GLSA 200804-20, sorry for the long delay.

Bug#: 212425 (CVE-2008-0628)	Product: Gentoo Security	Version: unspecified	Platform: All
OS/Version: Linux	Status: RESOLVED	Severity: normal	Priority: P2
Resolution: FIXED	Assigned To: security@gentoo.org	Reported By: carlo@gentoo.org
Component: Vulnerabilities
URL:
Summary: dev-java/sun-{jdk,jre-bin}\|app-emulation/emul-linux-x86-java} security updates (CVE-2008-{0628,0657,1185,1186,1187,1188,1189,1190,1191,1192,1193,1194,1195,1196})
Keywords:
Status Whiteboard: ?? [glsa]
Opened: 2008-03-05 20:27 0000