| Summary: | <dev-java/ibm-{jre,jdk}-bin-{1.5.0.12_p4,1.6.0.9_p1}: Multiple vulnerabilities including Double.parseDouble Denial-Of-Service (CVE-2010-4476) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Vlastimil Babka (Caster) (RETIRED) <caster> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | CC: | java, lma1980 |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://www.ibm.com/developerworks/java/jdk/alerts/cve-2010-4476.html | ||
| Whiteboard: | B? [glsa] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 352603, 354213 | ||
| Bug Blocks: | 215614 | ||
|
Description
Vlastimil Babka (Caster) (RETIRED)
2011-03-25 15:05:03 UTC
*** Bug 355729 has been marked as a duplicate of this bug. *** Please stabilize: dev-java/ibm-jdk-bin-1.5.0.12_p4 dev-java/ibm-jre-bin-1.5.0.12_p4 dev-java/ibm-jdk-bin-1.6.0.9_p1 dev-java/ibm-jre-bin-1.6.0.9_p1 distfiles as usual (ssh d.g.o:~caster/tmp) Tested on x86, looks good here. amd64 stable x86 stable, thanks Andreas ppc and ppc64 done Thanks, folks. Added to existing GLSA request. Last vulnerable package dropped on 3 Aug 2011 per [0] 03 Aug 2011; Vlastimil Babka <caster@gentoo.org> + -ibm-jre-bin-1.5.0.12_p3.ebuild, +ibm-jre-bin-1.5.0.12_p5.ebuild, + -ibm-jre-bin-1.6.0.9.ebuild, +ibm-jre-bin-1.6.0.9_p2.ebuild: + Version bump, security bug #377623. [0]: https://gitweb.gentoo.org/data/gentoo-changelogs.git/diff/dev-java/ibm-jre-bin/ChangeLog-2015?id=24fda3d26454a64df85305138f44cae40c7b9678 |