1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
PublicDateAtUSN: 2013-02-01
Candidate: CVE-2013-0445
PublicDate: 2013-02-01
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0445
http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-February/021708.html
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-February/021728.html
http://www.ubuntu.com/usn/usn-1724-1
Description:
Unspecified vulnerability in the Java Runtime Environment (JRE) component
in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through
Update 38, and OpenJDK 6 and 7, allows remote attackers to affect
confidentiality, integrity, and availability via vectors related to AWT.
NOTE: the previous information is from the February 2013 CPU. Oracle has
not commented on claims from another vendor that this issue is related to
an improper check of "privileges of the code" that bypasses the sandbox.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: doko
Patches_sun-java6:
upstream_sun-java6: needs-triage
hardy_sun-java6: ignored (upstream version is not redistributable)
lucid_sun-java6: DNE (removed from archive)
oneiric_sun-java6: DNE
precise_sun-java6: DNE
quantal_sun-java6: DNE
devel_sun-java6: DNE
Patches_sun-java5:
upstream_sun-java5: ignored (end of life)
hardy_sun-java5: ignored (upstream sun-java5 is EoL)
lucid_sun-java5: DNE
oneiric_sun-java5: DNE
precise_sun-java5: DNE
quantal_sun-java5: DNE
devel_sun-java5: DNE
Patches_openjdk-6:
upstream_openjdk-6: pending (6b24-1.11.6, 6b27-1.12.1)
hardy_openjdk-6: released (6b27-1.12.3-0ubuntu1~08.04.1)
lucid_openjdk-6: released (6b27-1.12.1-2ubuntu0.10.04.2)
oneiric_openjdk-6: released (6b27-1.12.1-2ubuntu0.11.10.2)
precise_openjdk-6: released (6b27-1.12.1-2ubuntu0.12.04.2)
quantal_openjdk-6: released (6b27-1.12.1-2ubuntu0.12.10.2)
devel_openjdk-6: released (6b27-1.12.1-2ubuntu2)
Patches_openjdk-6b18:
upstream_openjdk-6b18: needs-triage
hardy_openjdk-6b18: DNE
lucid_openjdk-6b18: ignored (reached end-of-life)
oneiric_openjdk-6b18: ignored (superseded by openjdk-6)
precise_openjdk-6b18: DNE
quantal_openjdk-6b18: DNE
devel_openjdk-6b18: DNE
upstream_openjdk-7: pending (7u9-2.3.5)
hardy_openjdk-7: DNE
lucid_openjdk-7: DNE
oneiric_openjdk-7: released (7u13-2.3.6-0ubuntu0.11.10.2)
precise_openjdk-7: released (7u13-2.3.6-0ubuntu0.12.04.1)
quantal_openjdk-7: released (7u13-2.3.6-0ubuntu0.12.10.1)
devel_openjdk-7: released (7u13-2.3.6-1ubuntu1)
|