[ MDVSA-2014:209 ] java-1.7.0-openjdk

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:209
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : java-1.7.0-openjdk
 Date    : October 24, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been discovered and corrected in
 java-1.7.0-openjdk:
 
 Multiple flaws were discovered in the Libraries, 2D, and Hotspot
 components in OpenJDK. An untrusted Java application or applet
 could use these flaws to bypass certain Java sandbox restrictions
 (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511,
 CVE-2014-6504, CVE-2014-6519).
 
 It was discovered that the StAX XML parser in the JAXP component in
 OpenJDK performed expansion of external parameter entities even when
 exte

007 Software

[ MDVSA-2014:209 ] java-1.7.0-openjdk

Leave a Reply Cancel reply

Software and Security Information