Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to
affect confidentiality, integrity, and availability via unknown vectors
related to Hotspot.
Redhat is a bit more helpful in its description at https://access.redhat.com/security/cve/CVE-2015-0437:
A flaw was found in the way the Hotspot component in OpenJDK in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions.
18.104.22.168 fixes this.
I didn't see anything related to java 7 so I suppose it is not affected.
This was dealt with some time ago. Security team, please close this out.
New GLSA Request filed.
(In reply to Yury German from comment #3)
> New GLSA Request filed.
Well. I still can't see it.
(In reply to Patrice Clement from comment #4)
> (In reply to Yury German from comment #3)
> > New GLSA Request filed.
> Well. I still can't see it.
We filed it, but we did not write it yet, or release it.
This issue was resolved and addressed in
GLSA 201603-11 at https://security.gentoo.org/glsa/201603-11
by GLSA coordinator Kristian Fiskerstrand (K_F).