Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 578300

Summary: <dev-java/icedtea{,-bin}-7.2.6.5: unspecified vulnerability (CVE-2016-0636)
Product: Gentoo Security Reporter: James Le Cuirot <chewi>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: java
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released
See Also: https://bugs.gentoo.org/show_bug.cgi?id=578788
Whiteboard: B2 [glsa cve]
Package list:
Runtime testing required: ---

Description James Le Cuirot gentoo-dev 2016-03-26 14:37:52 UTC
I'm going to bump icedtea and icedtea-bin now. icedtea doesn't get marked stable so the vulnerable versions will be cleared immediately.
Comment 1 James Le Cuirot gentoo-dev 2016-03-27 08:47:40 UTC
Bumped. amd64 and x86 arch teams, please stabilise:
dev-java/icedtea-bin-7.2.6.5
Comment 2 Agostino Sarubbo gentoo-dev 2016-03-27 09:37:54 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2016-03-27 09:38:42 UTC
x86 stable.

Maintainer(s), please cleanup.
Comment 4 James Le Cuirot gentoo-dev 2016-03-27 11:33:47 UTC
Thanks! Old removed. Security team, please continue.
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2016-03-28 10:42:27 UTC
CVE-2016-0636 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0636):
  Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows
  remote attackers to affect confidentiality, integrity, and availability via
  unknown vectors related to the Hotspot sub-component.
Comment 6 Aaron Bauman (RETIRED) gentoo-dev 2016-06-25 12:24:08 UTC
GLSA request filed.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2016-06-27 22:43:10 UTC
This issue was resolved and addressed in
 GLSA 201606-18 at https://security.gentoo.org/glsa/201606-18
by GLSA coordinator Aaron Bauman (b-man).