1
PublicDateAtUSN: 2013-06-18
2
Candidate: CVE-2013-2448
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2448
6
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
7
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
8
http://blog.fuseyism.com/index.php/2013/06/19/imminent-icedtea-web-breakage/
9
https://usn.ubuntu.com/usn/usn-1907-1
10
https://usn.ubuntu.com/usn/usn-1908-1
12
Unspecified vulnerability in the Java Runtime Environment (JRE) component
13
in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0
14
Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect
15
confidentiality, integrity, and availability via unknown vectors related to
16
Sound. NOTE: the previous information is from the June 2013 CPU. Oracle
17
has not commented on claims from another vendor that this issue allows
18
remote attackers to bypass the Java sandbox via vectors related to
19
insufficient "access restrictions" and "robustness of sound classes."
22
mdeslaur> in lucid+, NetX and the plugin moved to the icedtea-web package
23
jdstrand> sun-java6 is not redistributable, no longer in the archive and
25
jdstrand> sun-java5 is EOL upstream and no longer tracked
26
jdstrand> as of 2013-06-19, upstream IcedTea updates are not available
27
jdstrand> updates break the icedtea-web plugin and it will need this fix:
28
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-June/023745.html
35
upstream_openjdk-6: pending (6b27-1.12.6)
36
lucid_openjdk-6: released (6b27-1.12.6-1ubuntu0.10.04.1)
37
precise_openjdk-6: released (6b27-1.12.6-1ubuntu0.12.04.1)
38
quantal_openjdk-6: released (6b27-1.12.6-1ubuntu0.12.10.2)
39
raring_openjdk-6: released (6b27-1.12.6-1ubuntu0.13.04.2)
40
devel_openjdk-6: not-affected (6b27-1.12.6-1ubuntu1)
43
upstream_openjdk-7: pending (2.3.10)
45
precise_openjdk-7: released (7u25-2.3.10-1ubuntu0.12.04.2)
46
quantal_openjdk-7: released (7u25-2.3.10-1ubuntu0.12.10.2)
47
raring_openjdk-7: released (7u25-2.3.10-1ubuntu0.13.04.2)
48
devel_openjdk-7: not-affected (7u25-2.3.10-2ubuntu1)
51
upstream_openjdk-6b18: needs-triage
52
lucid_openjdk-6b18: ignored (reached end-of-life)
53
precise_openjdk-6b18: DNE
54
quantal_openjdk-6b18: DNE
55
raring_openjdk-6b18: DNE
56
devel_openjdk-6b18: DNE