[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1886-2] openjdk-7 regression update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : openjdk-7
Version        : 7u231-2.6.19-1~deb8u2
Debian Bug     : 935082 750400

The latest security update of openjdk-7 caused a regression when
applications relied on elliptic curve algorithms to establish SSL
connections. Several duplicate classes were removed from rt.jar by the
upstream developers of OpenJDK because they were also present in
sunec.jar. However Debian never shipped the SunEC security provider in
OpenJDK 7.

The issue was resolved by building sunec.jar and its corresponding
native library libsunec.so from source. In order to build these
libraries from source, an update of nss to version 2:3.26-1+debu8u6 is
required.

Updates for the amd64 architecture are already available, new packages
for i386, armel and armhf will be available within the next 24 hours.

For Debian 8 "Jessie", this problem has been fixed in version
7u231-2.6.19-1~deb8u2.

We recommend that you upgrade your openjdk-7 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl1fEMlfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeSd8A//UdO5lVUTRNtqnMJmwdhNGeKHxOwgZb4ntXM4lM0Su+BCNvO2mceN/vl5
XfK2Y4xfjfUXxWswHCobWImuA84YEW9d1xGIwsFtN8NqPSqnPwlnXN0XBij0hvEy
IkLNwgOj4j71gBnVGZlYZrVgx3MqHVDTYF9rqUPEsLt627JIe9l6tkq3Juf+FgcE
Gl1uG14D2/A/MR6+HvhoLT8RkGb+7mru32x/w9RpkdltbguoH7xXH4mUo4q3QFqN
z/fz1/JxFz8+Udrls3yd6e7bN8WH81MLnLOmLz7ZlD/mnIRXcS6aaHHR4UbS5gGE
JB/9ame93ApViIMuCHf4QU1V4TIJFeSMrVRfXwwcyz1j4j8606/3rM3Ex3JVERli
ammtleXBdvfmjNtNRvNYu+M2NboworzJBbf6mo3o6P9p2bLmjMMK6yMl1I4SroXz
5zHsh8xPik9x+orm36lrfYuaOL3TNL82JIEe2Wd0pWGhXM8BSemCoqZ+2wC8/ZoM
uzlTLWHIPE20YOYSCx02tCruZ7K0eJ0CbQYjPYsUM9D4Nb5RKVjg2ImfdaaOlAOR
K4DTKhoU3CdWMeZQrIw22Y8kH+dmvYSYhwYYz4pFvDl0o6GUciIzCcclW87sdqq7
IIX0AwA+hJm5ubBCKDFp4xNGptYQjnfhz+T/BqeBpIAQlAyaDGA=
=xQVq
-----END PGP SIGNATURE-----


Reply to: