Debian Security Advisory
DSA-4166-1 openjdk-7 -- security update
- Date Reported:
- 04 Apr 2018
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2018-2579, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678.
- More information:
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code, incorrect LDAP/GSS authentication, insecure use of cryptography or bypass of deserialisation restrictions.
For the oldstable distribution (jessie), these problems have been fixed in version 7u171-2.6.13-1~deb8u1.
We recommend that you upgrade your openjdk-7 packages.
For the detailed security status of openjdk-7 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openjdk-7