Summary: | <dev-java/oracle-{jdk,jre}-bin-1.8.0.51: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Bernd Pachur <gentoo> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED DUPLICATE | ||
Severity: | normal | CC: | 40cb58f5, java, limanski |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://blogs.oracle.com/security/entry/april_2015_critical_patch_update | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Bernd Pachur
2015-07-27 11:43:39 UTC
Looks like a duplicate of bug 554886. Thanks for the duplicate. Next time, don't search based on the version that fixes the vulnerability. You're supposed to put the version *with* the vulnerability in the title. *** This bug has been marked as a duplicate of bug 554886 *** Jep! You are right! Sorry, have not found that when searching! (In reply to James Le Cuirot from comment #2) > Thanks for the duplicate. Next time, don't search based on the version that > fixes the vulnerability. You're supposed to put the version *with* the > vulnerability in the title. > > *** This bug has been marked as a duplicate of bug 554886 *** It's a bit weird. I mean it's a common practice for security team to submit bugs with a *range* of broken versions like >x and <=y or, just <y if all previous versions are affected and the fix is already available. Like here: https://bugs.gentoo.org/buglist.cgi?component=Vulnerabilities&list_id=2857648&query_format=advanced&resolution=--- (In reply to Mike Limansky from comment #4) > It's a bit weird. I mean it's a common practice for security team to submit > bugs with a *range* of broken versions like >x and <=y or, just <y if all > previous versions are affected and the fix is already available. Fair enough. I realised after posting that what I said was probably inaccurate and I missed the < on the title of this one. Apologies for my dupe rage. |