Summary: | {dev-java/{sun-jdk,sun-jre-bin}|app-emulation/emul-linux-x86-java} - multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Carsten Lohrke (RETIRED) <carlo> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | andrei.ivanov, java |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 165270, 215614 |
Description
Carsten Lohrke (RETIRED)
2007-07-14 01:14:17 UTC
(In reply to comment #0) > http://research.eeye.com/html/advisories/published/AD20070705.html > http://sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1 > http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 > > > Affected are <=1.4.14 <=1.5.11 and <=1.6.1. > Seems only the last one affects all versions and arches but that should be enough. Arches please mark stable: x86: dev-java/sun-jdk-1.5.0.12 dev-java/sun-jre-bin-1.5.0.12 dev-java/sun-jre-bin-1.6.0.02 amd64: dev-java/sun-jdk-1.5.0.12 dev-java/sun-jre-bin-1.5.0.12 dev-java/sun-jre-bin-1.6.0.02 app-emulation/emul-linux-x86-java-1.5.0.12 app-emulation/emul-linux-x86-java-1.6.0.02 We should also bump app-emulation/emul-linux-x86-java to the latest sun-jre-bin version. forgot arches :) Renaming because bugzilla search doesn't do bash globbing :) x86 stable amd: ping, I see you stabled some java packages today so you're not dead, and this is more important IMHO :) security: might want to fill the whiteboard? (In reply to comment #5) > security: might want to fill the whiteboard? indeed :) Marked stable on amd64: dev-java/sun-jdk-1.5.0.12 dev-java/sun-jre-bin-1.5.0.12 dev-java/sun-jre-bin-1.6.0.02 app-emulation/emul-linux-x86-java-1.5.0.12 app-emulation/emul-linux-x86-java-1.6.0.02 is there anything left to do for amd64? GLSA? This bug does not affect 2008.0, removing release@ from CC. GLSA 200804-20, sorry for the long delay. |