[ MDVSA-2015:033 ] java-1.7.0-openjdk

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:033
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : java-1.7.0-openjdk
 Date    : February 6, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated java-1.7.0 packages fix security vulnerabilities:
 
 A flaw was found in the way the Hotspot component in OpenJDK verified
 bytecode from the class files. An untrusted Java application or applet
 could possibly use this flaw to bypass Java sandbox restrictions
 (CVE-2014-6601).
 
 Multiple improper permission check issues were discovered in the
 JAX-WS, and RMI components in OpenJDK. An untrusted Java application
 or applet could use these flaws to bypass Java sandbox restrictions
 (CVE-2015-0412, CVE-2015-04

007 Software

[ MDVSA-2015:033 ] java-1.7.0-openjdk

Leave a Reply Cancel reply

Software and Security Information