1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
PublicDateAtUSN: 2009-11-09
Candidate: CVE-2009-3884
PublicDate: 2009-11-09
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3884
http://www.ubuntu.com/usn/usn-859-1
Description:
The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6
before Update 17, and OpenJDK, allows remote attackers to determine the
existence of local files via vectors related to handling of zoneinfo (aka
tz) files, aka Bug Id 6824265.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
Patches_sun-java6:
upstream_sun-java6: released (6.17)
dapper_sun-java6: DNE
hardy_sun-java6: released (6.20dlj-0ubuntu1.8.04)
intrepid_sun-java6: needs-triage (reached end-of-life)
jaunty_sun-java6: released (6.20dlj-0ubuntu1.9.04)
karmic_sun-java6: released (6.20dlj-0ubuntu1.9.10)
lucid_sun-java6: released (6.20dlj-1ubuntu3)
maverick_sun-java6: not-affected
devel_sun-java6: DNE
Patches_sun-java5:
upstream_sun-java5: released (1.5.0-22)
dapper_sun-java5: ignored (reached end-of-life)
hardy_sun-java5: not-affected (1.5.0-22-0ubuntu0.8.04)
intrepid_sun-java5: needs-triage (reached end-of-life)
jaunty_sun-java5: ignored (reached end-of-life)
karmic_sun-java5: DNE
lucid_sun-java5: DNE
maverick_sun-java5: DNE
devel_sun-java5: DNE
Patches_openjdk-6:
upstream_openjdk-6: released (6b17)
dapper_openjdk-6: DNE
hardy_openjdk-6: released (6b18-1.8.2-4ubuntu1~8.04.1)
intrepid_openjdk-6: released (6b12-0ubuntu6.6)
jaunty_openjdk-6: released (6b14-1.4.1-0ubuntu12)
karmic_openjdk-6: released (6b16-1.6.1-3ubuntu1)
lucid_openjdk-6: not-affected (6b17~pre2-0ubuntu3)
maverick_openjdk-6: not-affected (6b17~pre2-0ubuntu3)
devel_openjdk-6: not-affected (6b17~pre2-0ubuntu3)
|