Bug#898976: marked as done (openjdk-7: 2018 Q2 security update)

Debian Bug Tracking System Sun, 10 Jun 2018 01:40:50 -0700

Your message dated Sun, 10 Jun 2018 08:35:58 +0000
with message-id <e1frvpo-000ayz...@fasolo.debian.org>
and subject line Bug#898976: fixed in openjdk-7 7u181-2.6.14-1
has caused the Debian Bug report #898976,
regarding openjdk-7: 2018 Q2 security update
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
898976: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898976
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: openjdk-7
Version: 7u171-2.6.13-1
Severity: serious
Tags: security

Hi,

As usual, there are a few security issues from 2018 Q2. There's no update
yet, though it's in progress:

http://mail.openjdk.java.net/pipermail/jdk7u-dev/2018-May/010767.html

We can either backport those changes or wait for the release.

Cheers,
Emilio

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (800, 'unstable'), (700, 'experimental'), (650, 'testing'), (500, 
'unstable-debug'), (500, 'testing-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.16.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), 
LANGUAGE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

--- End Message ---

--- Begin Message ---

Source: openjdk-7
Source-Version: 7u181-2.6.14-1

We believe that the bug you reported is fixed in the latest version of
openjdk-7, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 898...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Emilio Pozuelo Monfort <po...@debian.org> (supplier of updated openjdk-7 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 08 Jun 2018 12:23:38 +0200
Source: openjdk-7
Binary: openjdk-7-jdk openjdk-7-jre-headless openjdk-7-jre openjdk-7-jre-lib 
openjdk-7-demo openjdk-7-source openjdk-7-doc openjdk-7-dbg icedtea-7-jre-jamvm 
openjdk-7-jre-zero
Architecture: source
Version: 7u181-2.6.14-1
Distribution: experimental
Urgency: medium
Maintainer: OpenJDK Team <open...@lists.launchpad.net>
Changed-By: Emilio Pozuelo Monfort <po...@debian.org>
Description:
 icedtea-7-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
 openjdk-7-dbg - Java runtime based on OpenJDK (debugging symbols)
 openjdk-7-demo - Java runtime based on OpenJDK (demos and examples)
 openjdk-7-doc - OpenJDK Development Kit (JDK) documentation
 openjdk-7-jdk - OpenJDK Development Kit (JDK)
 openjdk-7-jre - OpenJDK Java runtime, using
 openjdk-7-jre-headless - OpenJDK Java runtime, using  (headless)
 openjdk-7-jre-lib - OpenJDK Java runtime (architecture independent libraries)
 openjdk-7-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
 openjdk-7-source - OpenJDK Development Kit (JDK) source files
Closes: 898976
Changes:
 openjdk-7 (7u181-2.6.14-1) experimental; urgency=medium
 .
   * IcedTea release 2.6.14 (based on 7u181). Closes: #898976.
   * Security fixes:
     - S8162488: JDK should be updated to use LittleCMS 2.8
     - S8180881: Better packaging of deserialization
     - S8182362: Update CipherOutputStream Usage
     - S8183032: Upgrade to LittleCMS 2.9
     - S8189123: More consistent classloading
     - S8189969, CVE-2018-2790: Manifest better manifest entries
     - S8189977, CVE-2018-2795: Improve permission portability
     - S8189981, CVE-2018-2796: Improve queuing portability
     - S8189985, CVE-2018-2797: Improve tabular data portability
     - S8189989, CVE-2018-2798: Improve container portability
     - S8189993, CVE-2018-2799: Improve document portability
     - S8189997, CVE-2018-2794: Enhance keystore mechanisms
     - S8190478: Improved interface method selection
     - S8190877: Better handling of abstract classes
     - S8191696: Better mouse positioning
     - S8192025, CVE-2018-2814: Less referential references
     - S8192030: Better MTSchema support
     - S8192757, CVE-2018-2815: Improve stub classes implementation
     - S8193409: Improve AES supporting classes
     - S8193414: Improvements in MethodType lookups
     - S8193833, CVE-2018-2800: Better RMI connection support
   * debian/patches/it-patch-updates.diff:
     - Refreshed.
   * debian/patches/hotspot-powerpcspe.diff:
     - Removed, fixed upstream.
Checksums-Sha1:
 b1a6e1406d2d93602459f6af439f1ef6e19ee870 4463 openjdk-7_7u181-2.6.14-1.dsc
 904143d91b379f565f1f9fb0e5f30ef55e7dc5bd 54160454 
openjdk-7_7u181-2.6.14.orig.tar.gz
 91a39c9844c4feb7feb00a45626def6f37605abc 171512 
openjdk-7_7u181-2.6.14-1.debian.tar.xz
 90bead562bba867509d211551533b420e4418558 9396 
openjdk-7_7u181-2.6.14-1_source.buildinfo
Checksums-Sha256:
 26908cf6d126fa550df146c72def9a63600c4a11cf038dbec07718c24b7b60ef 4463 
openjdk-7_7u181-2.6.14-1.dsc
 88a0bc956cfb651fa89a62f5a64bbc7e223b2e57b971bc613654471d3cda4fe5 54160454 
openjdk-7_7u181-2.6.14.orig.tar.gz
 f8012a778a438ce5f7238fdd07be6e176afaa35d418481517f4fbc6eb8a8e103 171512 
openjdk-7_7u181-2.6.14-1.debian.tar.xz
 c3b5c861876fd7aff6f23fd43e82deb888af028a4d248c40270d1fbe3976e65a 9396 
openjdk-7_7u181-2.6.14-1_source.buildinfo
Files:
 4b5b3928be8684cb6e42a3458d27b455 4463 java optional 
openjdk-7_7u181-2.6.14-1.dsc
 41a9ef60b447c57ae85c8bdc9054ec77 54160454 java optional 
openjdk-7_7u181-2.6.14.orig.tar.gz
 69cf5a685f9a77fe238d5a68b0e6b377 171512 java optional 
openjdk-7_7u181-2.6.14-1.debian.tar.xz
 59903e819bf37ea11d885e90ac4d9b7b 9396 java optional 
openjdk-7_7u181-2.6.14-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlsc3N8ACgkQnUbEiOQ2
gwKC/w//QJJNQ0zF8fm2XoEq8rH3FsI92ApNOLtCLLdsx/6lcEE6f7WrxVzfBdig
/USc0WtGHB2UP6CbXnogYZNwpIW0GJXvmGKPtIVPBXGxIfAnSxV5aragXn6JQrCd
jLW2+nmMDxACSVdMfB2HpOihhDskpkV4GsaxC4upcHC2j9vx7b7h8S40BSHyjrBe
OUFndWAEnR5BJsGxyFAGRs7EFFm0RXz5+0w2yM8OvUIfP/GtIcrSF/yaHo53H94A
tFr3Bc/HVsZmjwwzyI4adEqb1cGua+CWPVIKV3twJWIwBz4HKAzntk/BGBvQO9c6
Nev6+3el0oZ4MbxGO0Jomtzc0QNDtucNdl3+YlvsuyTiLGiHrBjE+8IHCf9eca4H
TzHvB9iXCsdj/NevicmSUqjIlDQ8n2rQnw7R+WOmaj1Kh6oTs3eOUBQyYwf28ht/
ZTQ15oGL9/3tLQ4TNhg6weVTLpjRyC+FkQWE0OBsej5U8aOA+qlGQmDFsS3XNd0M
/qQmyOtICOk3EvIF60KjWfae9f6+K4tHzNCyhzFlnMYYuLNkFIQD0SWQkPK+CeLh
acnXuttFYBXuXIzzJZW/8idRMe5OGZeFFNR8gutBYAeaMgjI3UCghIxPlSHShArn
NeuVZKaJRqHGc2HAkT/oQSDwYgd2k8XuITFo4vcMUAxyc/v0rnU=
=E+QA
-----END PGP SIGNATURE-----

--- End Message ---

Bug#898976: marked as done (openjdk-7: 2018 Q2 security update)

Reply via email to