Summary: | <dev-java/icedtea{,-bin}-{7.2.6.7,3.1.0}: Multiple vulnerabilties (CVE-2016-{3458,3485,3500,3508,3550,3587,3598,3606,3610}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | James Le Cuirot <chewi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://blog.fuseyism.com/index.php/2016/07/27/security-icedtea-3-1-0-for-openjdk-8-released | ||
Whiteboard: | A2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
James Le Cuirot
2016-08-05 20:27:51 UTC
amd64 stable Stable for PPC64. x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Old removed. Security team, please continue. CVE-2016-3610 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3610): Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3598. CVE-2016-3606 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3606): Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot. CVE-2016-3598 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3598): Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610. CVE-2016-3587 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3587): Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot. CVE-2016-3550 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3550): Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot. CVE-2016-3508 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3508): Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500. CVE-2016-3500 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3500): Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508. CVE-2016-3485 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3485): Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking. CVE-2016-3458 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3458): Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA. This issue was resolved and addressed in GLSA 201701-43 at https://security.gentoo.org/glsa/201701-43 by GLSA coordinator Thomas Deutschmann (whissi). |