Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 312297 - <dev-java/icedtea6-bin-1.7.2: Multiple Vulnerabilities (CVE-2009-3555, CVE-2010-{0082,0084,0085,0088,0091,0092,0093,0094,0095,0837,0838,0840,0845,0847,0848})
Summary: <dev-java/icedtea6-bin-1.7.2: Multiple Vulnerabilities (CVE-2009-3555, CVE-20...
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
Whiteboard: B2 [glsa]
: 307973 312387 (view as bug list)
Depends on: 306579
Blocks: 330205
  Show dependency tree
Reported: 2010-03-30 21:20 UTC by Vlastimil Babka (Caster) (RETIRED)
Modified: 2014-06-29 15:28 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Vlastimil Babka (Caster) (RETIRED) gentoo-dev 2010-03-30 21:20:54 UTC
Usually vulnerabilities from sun-jdk apply to icedtea as well, and vulnerabilities in sun-jdk were just disclosed (see $URL).
Upstream promised a new 1.7.2 release soon with the patches.
Comment 1 Vlastimil Babka (Caster) (RETIRED) gentoo-dev 2010-03-31 12:03:14 UTC
Upstream released, icedtea bumped, building icedtea6-bin. The list of fixed CVE's is in $URL.
Comment 2 Vlastimil Babka (Caster) (RETIRED) gentoo-dev 2010-03-31 15:00:04 UTC
*** Bug 312387 has been marked as a duplicate of this bug. ***
Comment 3 Vlastimil Babka (Caster) (RETIRED) gentoo-dev 2010-04-01 14:00:08 UTC
Arches, please test and mark stable:
Target keywords : "amd64 x86"

dev-java/icedtea is still in ~arch, no stabling here
Comment 4 Vlastimil Babka (Caster) (RETIRED) gentoo-dev 2010-04-01 14:00:38 UTC
*** Bug 307973 has been marked as a duplicate of this bug. ***
Comment 5 Andreas Schürch gentoo-dev 2010-04-02 15:33:56 UTC
Tested on x86, looks good.
Comment 6 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-04-05 14:10:54 UTC
x86 stable, thanks Andreas
Comment 7 Markus Meier gentoo-dev 2010-04-15 21:00:57 UTC
amd64 stable, all arches done.
Comment 8 Vlastimil Babka (Caster) (RETIRED) gentoo-dev 2010-07-31 07:52:28 UTC
glsa? probably merge with bug 330205 ?
Comment 9 Tim Sammut (RETIRED) gentoo-dev 2010-11-18 20:43:52 UTC
GLSA with 340819 (at least).
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2014-06-29 15:28:17 UTC
This issue was resolved and addressed in
 GLSA 201406-32 at
by GLSA coordinator Mikle Kolyada (Zlogene).