Hi Andrew, The Oracle JDK 7u9 announcement in October 2012 had some CVE IDs that are not listed in your OpenJDK accouncements or in RHSA-2012:1386-2.
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-October/020595.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-October/020571.html http://rhn.redhat.com/errata/RHSA-2012-1386.html http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html#AppendixJAVA CVE-2012-1531 - 2D CVE-2012-1532 - Deployment CVE-2012-1533 - Deployment CVE-2012-3143 - JMX CVE-2012-3159 - Deployment CVE-2012-5067 - Deployment CVE-2012-5083 - 2D Is it safe to say that's because these issues did not affect OpenJDK? Thank you very much for your help, Regards, -- Steven Chamberlain ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
