Debian Security Advisory

DLA-451-1 openjdk-7 -- LTS security update

Date Reported:
03 May 2016
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2016-0636, CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425, CVE-2016-3426, CVE-2016-3427.
More information:

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, denial of service or information disclosure.

For Debian 7 Wheezy, these problems have been fixed in version 7u101-2.6.6-2~deb7u1.

We recommend that you upgrade your openjdk-7 packages.

Please note that OpenJDK 7 will be made the new default Java implementation on 26 June 2016. For further information please refer to