Publishing details

• Published on 2017-02-08
• Copied from ubuntu precise in Security updates by Steve Beattie

Changelog

openjdk-7 (7u121-2.6.8-1ubuntu0.12.04.3) precise-security; urgency=medium

  * Backport to 12.04

openjdk-7 (7u121-2.6.8-1ubuntu0.14.04.3) trusty-security; urgency=medium

  * Security fixes from 8u121:
    - S8167104, CVE-2017-3289: Custom class constructor code can bypass the
      required call to super.init allowing for uninitialized objects to be
      created.
    - S8164143, CVE-2017-3260: It is possible to corrupt memory by calling
      dispose() on a CMenuComponentmultiple times.
    - S8168714, CVE-2016-5546: ECDSA will accept signatures that have various
      extraneous bytes added to them whereas the signature is supposed to be
      unique.
    - S8166988, CVE-2017-3253: The PNG specification allows the [iz}Txt
      sections to be 2^32-1 bytes long so these should not be uncompressed
      unless the user explicitly requests it.
    - S8168728, CVE-2016-5548: DSA signing exhibits a timing bias that may
      leak information about k.
    - S8161743, CVE-2017-3252: LdapLoginModule incorrectly tries to
      deserialize responses from an LDAP server when an LDAP context is
      expected.
    - S8167223, CVE-2016-5552: Parsing of URLs can be inconsistent with how
      users or external applications would interpret them leading to possible
      security issues.
    - S8168705, CVE-2016-5547: A value from an InputStream is read directly
      into the size argument of a new byte[] without validation.
    - S8164147, CVE-2017-3261: An integer overflow exists in
      SocketOutputStream which can lead to memorydisclosure.
    - S8151934, CVE-2017-3231: Under some circumstances URLClassLoader will
      dispatch HTTP GET requests where the invoker does not have permission.
    - S8165071, CVE-2016-2183: 3DES can be exploited for block collisions when
      long running sessions are allowed.
    - S8165344, CVE-2017-3272: A protected field can be leveraged into type
      confusion.
    - S8156802, CVE-2017-3241: RMI deserialization should limit the types
      deserialized to prevent attacks that could escape the sandbox.

 -- Tiago Stürmer Daitx <email address hidden>  Tue, 07 Feb 2017 17:56:10 +0000

Builds

• amd64
• armel
• armhf
• i386
• powerpc

Built packages

• icedtea-7-jre-cacao Transitional package for obsolete Cacao JVM for OpenJDK

• icedtea-7-jre-jamvm Alternative JVM for OpenJDK, using JamVM

• openjdk-7-dbg Java runtime based on OpenJDK (debugging symbols)

• openjdk-7-demo Java runtime based on OpenJDK (demos and examples)

• openjdk-7-doc OpenJDK Development Kit (JDK) documentation

• openjdk-7-jdk OpenJDK Development Kit (JDK)

• openjdk-7-jre OpenJDK Java runtime, using Hotspot JIT

• openjdk-7-jre-headless OpenJDK Java runtime, using Hotspot JIT (headless)

• openjdk-7-jre-lib OpenJDK Java runtime (architecture independent libraries)

• openjdk-7-jre-zero Alternative JVM for OpenJDK, using Zero/Shark

• openjdk-7-source OpenJDK Development Kit (JDK) source files

Package files

• icedtea-7-jre-cacao_7u121-2.6.8-1ubuntu0.12.04.3_amd64.deb (36.2 KiB)
• icedtea-7-jre-cacao_7u121-2.6.8-1ubuntu0.12.04.3_armel.deb (36.2 KiB)
• icedtea-7-jre-cacao_7u121-2.6.8-1ubuntu0.12.04.3_armhf.deb (36.2 KiB)
• icedtea-7-jre-cacao_7u121-2.6.8-1ubuntu0.12.04.3_i386.deb (36.2 KiB)
• icedtea-7-jre-cacao_7u121-2.6.8-1ubuntu0.12.04.3_powerpc.deb (36.2 KiB)
• icedtea-7-jre-jamvm_7u121-2.6.8-1ubuntu0.12.04.3_amd64.deb (551.4 KiB)
• icedtea-7-jre-jamvm_7u121-2.6.8-1ubuntu0.12.04.3_armel.deb (559.1 KiB)
• icedtea-7-jre-jamvm_7u121-2.6.8-1ubuntu0.12.04.3_armhf.deb (559.9 KiB)
• icedtea-7-jre-jamvm_7u121-2.6.8-1ubuntu0.12.04.3_i386.deb (572.9 KiB)
• icedtea-7-jre-jamvm_7u121-2.6.8-1ubuntu0.12.04.3_powerpc.deb (606.1 KiB)
• openjdk-7-dbg_7u121-2.6.8-1ubuntu0.12.04.3_amd64.deb (157.9 MiB)
• openjdk-7-dbg_7u121-2.6.8-1ubuntu0.12.04.3_armel.deb (58.7 MiB)
• openjdk-7-dbg_7u121-2.6.8-1ubuntu0.12.04.3_armhf.deb (58.7 MiB)
• openjdk-7-dbg_7u121-2.6.8-1ubuntu0.12.04.3_i386.deb (217.6 MiB)
• openjdk-7-dbg_7u121-2.6.8-1ubuntu0.12.04.3_powerpc.deb (60.6 MiB)
• openjdk-7-demo_7u121-2.6.8-1ubuntu0.12.04.3_amd64.deb (2.4 MiB)
• openjdk-7-demo_7u121-2.6.8-1ubuntu0.12.04.3_armel.deb (2.3 MiB)
• openjdk-7-demo_7u121-2.6.8-1ubuntu0.12.04.3_armhf.deb (2.3 MiB)
• openjdk-7-demo_7u121-2.6.8-1ubuntu0.12.04.3_i386.deb (2.4 MiB)
• openjdk-7-demo_7u121-2.6.8-1ubuntu0.12.04.3_powerpc.deb (2.3 MiB)
• openjdk-7-doc_7u121-2.6.8-1ubuntu0.12.04.3_all.deb (21.2 MiB)
• openjdk-7-jdk_7u121-2.6.8-1ubuntu0.12.04.3_amd64.deb (15.8 MiB)
• openjdk-7-jdk_7u121-2.6.8-1ubuntu0.12.04.3_armel.deb (13.4 MiB)
• openjdk-7-jdk_7u121-2.6.8-1ubuntu0.12.04.3_armhf.deb (13.5 MiB)
• openjdk-7-jdk_7u121-2.6.8-1ubuntu0.12.04.3_i386.deb (15.8 MiB)
• openjdk-7-jdk_7u121-2.6.8-1ubuntu0.12.04.3_powerpc.deb (13.5 MiB)
• openjdk-7-jre-headless_7u121-2.6.8-1ubuntu0.12.04.3_amd64.deb (39.3 MiB)
• openjdk-7-jre-headless_7u121-2.6.8-1ubuntu0.12.04.3_armel.deb (36.7 MiB)
• openjdk-7-jre-headless_7u121-2.6.8-1ubuntu0.12.04.3_armhf.deb (36.7 MiB)
• openjdk-7-jre-headless_7u121-2.6.8-1ubuntu0.12.04.3_i386.deb (41.4 MiB)
• openjdk-7-jre-headless_7u121-2.6.8-1ubuntu0.12.04.3_powerpc.deb (37.1 MiB)
• openjdk-7-jre-lib_7u121-2.6.8-1ubuntu0.12.04.3_all.deb (41.1 KiB)
• openjdk-7-jre-zero_7u121-2.6.8-1ubuntu0.12.04.3_amd64.deb (2.0 MiB)
• openjdk-7-jre-zero_7u121-2.6.8-1ubuntu0.12.04.3_i386.deb (1.9 MiB)
• openjdk-7-jre_7u121-2.6.8-1ubuntu0.12.04.3_amd64.deb (207.9 KiB)
• openjdk-7-jre_7u121-2.6.8-1ubuntu0.12.04.3_armel.deb (173.5 KiB)
• openjdk-7-jre_7u121-2.6.8-1ubuntu0.12.04.3_armhf.deb (172.9 KiB)
• openjdk-7-jre_7u121-2.6.8-1ubuntu0.12.04.3_i386.deb (207.7 KiB)
• openjdk-7-jre_7u121-2.6.8-1ubuntu0.12.04.3_powerpc.deb (201.5 KiB)
• openjdk-7-source_7u121-2.6.8-1ubuntu0.12.04.3_all.deb (39.7 MiB)
• openjdk-7_7u121-2.6.8-1ubuntu0.12.04.3.debian.tar.xz (206.0 KiB)
• openjdk-7_7u121-2.6.8-1ubuntu0.12.04.3.dsc (4.8 KiB)
• openjdk-7_7u121-2.6.8.orig.tar.gz (51.4 MiB)