Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 644972 - =dev-java/oracle-jdk-bin-1.8.0.162 =dev-java/oracle-jre-bin-1.8.0.162 =dev-java/java-sdk-docs-1.8.0.162 version bump
Summary: =dev-java/oracle-jdk-bin-1.8.0.162 =dev-java/oracle-jre-bin-1.8.0.162 =dev-ja...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Java team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: CVE-2018-2579, CVE-2018-2581, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2627, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2638, CVE-2018-2639, CVE-2018-2641, CVE-2018-2663
  Show dependency tree
 
Reported: 2018-01-18 20:02 UTC by Manuel Ullmann
Modified: 2018-01-21 17:04 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Manuel Ullmann 2018-01-18 20:02:23 UTC 
Bumping slot 1.8 to 1.8.0.162. I’ve prepared a PR.
Tested on ~amd64. Otherwise untested.

Closes: https://github.com/gentoo/gentoo/pull/6886
Comment 1 Mike Limansky 2018-01-19 21:28:36 UTC 
I suppose this should be assigned to security team, because it contains a number of vulnerabilities fixes.

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA
Comment 2 James Le Cuirot gentoo-dev 2018-01-20 09:40:48 UTC 
(In reply to Mike Limansky from comment #1)
> I suppose this should be assigned to security team, because it contains a
> number of vulnerabilities fixes.
Yeah the Java 9 bump was for security fixes too but I didn't realise that till afterwards. I'll probably file a security bug covering both later.
Comment 3 James Le Cuirot gentoo-dev 2018-01-21 16:45:44 UTC 
Merged. I also backported improvements that I made to the Java 9 ebuilds. I'll open a security bug now.