Summary: | <dev-java/icedtea{,-bin}-{6.1.13.8,7.2.5.6}: Multiple vulnerabilities (CVE-2015-{2808,2625,4760,2601,4748,4749,2613,2621,4000,2628,4731,2590,4732,4733,2632,4000}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | James Le Cuirot <chewi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | java |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
James Le Cuirot
2015-09-03 15:18:24 UTC
So, if I understand well: AMD64/X86: =dev-java/icedtea-bin-6.1.13.8 =dev-java/icedtea-bin-7.2.6.1 PPC: =dev-java/icedtea-bin-6.1.13.8 =dev-java/icedtea-bin-7.2.5.6 Please confirm. (In reply to Agostino Sarubbo from comment #1) > So, if I understand well: > ... > Please confirm. Yes. amd64 stable x86 stable Please hold off on ppc for a second, we've just realised why CACAO has been causing memory problems, it has a fixed 128MB heap. :| (In reply to James Le Cuirot from comment #5) > Please hold off on ppc for a second, we've just realised why CACAO has been > causing memory problems, it has a fixed 128MB heap. :| Okay, I have now pushed a fix for that as -r1. ppc team, please stabilise: dev-java/icedtea-bin-6.1.13.8-r1 dev-java/icedtea-bin-7.2.5.6-r1 6.1.13.8-r1 went straight to stable for amd64 and x86 as only the core ppc tarball changed. ppc stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Thanks. Vulnerable versions now removed. Arches and Maintainer(s), Thank you for your work. Added to an existing GLSA Request. This issue was resolved and addressed in GLSA 201603-14 at https://security.gentoo.org/glsa/201603-14 by GLSA coordinator Kristian Fiskerstrand (K_F). |