-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3458-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 27, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-7 CVE ID : CVE-2015-7575 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0483 CVE-2016-0494 Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, information disclosur, denial of service and insecure cryptography. For the oldstable distribution (wheezy), these problems have been fixed in version 7u95-2.6.4-1~deb7u1. For the stable distribution (jessie), these problems have been fixed in version 7u95-2.6.4-1~deb8u1. For the unstable distribution (sid), these problems have been fixed in version 7u95-2.6.4-1. We recommend that you upgrade your openjdk-7 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWqS8DAAoJEBDCk7bDfE422KsQAKmbhTL0mDJIvB8jCQmn7KiV W3crNxl2k4UrOBy7jbVXlpe90M7ofgv5NkORuGsGUDwgmTLzGHVYPTM8zBEqgfQq JsPxzd2y/Hgyo+M7GB5t8nYai5nh4xO+/UNCJvw0VciZezSl4MW5iumv1hFKyKpc /rGtsH1vosVxN55Jj+JRyQ+k3YivFS/qwUCA/S6AkYqXZCnr01BjXz0h4JU+ezZU 06E1HjjleMa0bC8ur/EQnzTVjqka2ut4SCgq1GmeZD6acr12nKxGBFrzejLOhvxR mk+/2pGMvkHOMiCudugGnturCVpiir6BvIKQD6vyF/Ghsg+nfxcaH/0WDtNd78vX qmBwTDOaNrdXShO9LUnHBgwjfAntSh4yAL/Vnj09Lj3wJs3raBwfhreroqum9sSI 0Fh8pfz2Z8CJFC2AMnX8xa7kmBGC8EnqIJZl/gKY8a81+a7psjitS6HcIOTSjfk5 b57RCJjmSbXtkEuYYw+TFQWkKRW23a+mqJV34cuEX7f2EZ82QHIhqBX6QeRuKsIF WYJNsMZNE9GUOVKtxZtjA7cdp9c+sZ1eI4TkyA8Jy8ESVDOtXxwtT8+XGn8DKEwF I2COwuUXjubf+JH125DbrP68vggXPnd/sD4b/w6eE8sycJ4kCQ6ekTpJM57YMJ9O uLJOAby48hYWVDLvK1sm =seG2 -----END PGP SIGNATURE-----