1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
PublicDateAtUSN: 2014-04-15
Candidate: CVE-2014-2403
PublicDate: 2014-04-15
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2403
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
http://www.ubuntu.com/usn/usn-2187-1
http://www.ubuntu.com/usn/usn-2191-1
Description:
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE
Embedded 7u51, allows remote attackers to affect confidentiality via
vectors related to JAXP.
Ubuntu-Description:
Notes:
mdeslaur> in lucid+, NetX and the plugin moved to the icedtea-web package
jdstrand> sun-java6 is not redistributable, no longer in the archive and
no longer tracked
jdstrand> sun-java5 is EOL upstream and no longer tracked
Bugs:
Priority: medium
Discovered-by:
Assigned-to: jdstrand
Patches_openjdk-6:
upstream_openjdk-6: released (6b31-1.13.3-1)
lucid_openjdk-6: released (6b31-1.13.3-1ubuntu1~0.10.04.1)
precise_openjdk-6: released (6b31-1.13.3-1ubuntu1~0.12.04.2)
quantal_openjdk-6: released (6b31-1.13.3-1ubuntu1~0.12.10.1)
saucy_openjdk-6: released (6b31-1.13.3-1ubuntu1~0.13.10.1)
trusty_openjdk-6: not-affected (6b31-1.13.3-1ubuntu1)
devel_openjdk-6: not-affected (6b31-1.13.3-1ubuntu1)
Patches_openjdk-7:
upstream_openjdk-7: released (7u55-2.4.7-1)
lucid_openjdk-7: DNE
precise_openjdk-7: released (7u55-2.4.7-1ubuntu1~0.12.04.2)
quantal_openjdk-7: released (7u55-2.4.7-1ubuntu1~0.12.10.1)
saucy_openjdk-7: released (7u55-2.4.7-1ubuntu1~0.13.10.1)
trusty_openjdk-7: released (7u55-2.4.7-1ubuntu1)
devel_openjdk-7: released (7u55-2.4.7-1ubuntu1)
Patches_openjdk-6b18:
upstream_openjdk-6b18: needs-triage
lucid_openjdk-6b18: ignored (reached end-of-life)
precise_openjdk-6b18: DNE
quantal_openjdk-6b18: DNE
saucy_openjdk-6b18: DNE
trusty_openjdk-6b18: DNE
devel_openjdk-6b18: DNE
|