Debian alert DLA-2128-1 (openjdk-7)
| From: | Emilio Pozuelo Monfort <pochu@debian.org> | |
| To: | debian-lts-announce@lists.debian.org | |
| Subject: | [SECURITY] [DLA 2128-1] openjdk-7 security update | |
| Date: | Sat, 29 Feb 2020 13:18:39 +0100 | |
| Message-ID: | <9ed0a0b8-6aaa-0080-8977-9105bddd95f8@debian.org> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : openjdk-7 Version : 7u251-2.6.21-1~deb8u1 CVE ID : CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, incorrect implementation of Kerberos GSSAPI and TGS requests or incorrect TLS handshakes. For Debian 8 "Jessie", these problems have been fixed in version 7u251-2.6.21-1~deb8u1. We recommend that you upgrade your openjdk-7 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAl5aVpwACgkQnUbEiOQ2 gwJGuA//ZoFOpmYlHPb/YxT4vLO0u1yyqREBRyIsEWAVvuCQ8fQtbR14pgCsFCCT fz84w3h78CPNuhF9Opauz8e/cthejk/bThj4SLiCNFICM2QgBQO+oV4dsXghUVc8 c3o1v8a+nw+ElZOSNgcfvXh+3MyE1Gp4TWpmRY6ijm/Oj02myGHGUYHOcvyD1/0Q AsJTL3wb5jj4Vy8D/7D/JCXq6Y/ZCcBrjyPK0KeQNAlKqIvhSnuknS2vhvtURtG3 t5wcjUl4J2wvBO7FNEps0EwGSABmpsfy9D779YHailJiNhmYx4dQ9staorCqElLJ dlDqoXQT0h9jHHGR/St6Y6+NhINW3i1t5EEbes9dtqpyvrd2bJ0Fo/x8wt/XwYaa 7p03L7cr1eob2SSrPtFuhfgRTEFEFSShpY1Hyc65i9JazBw/HhgK1fs4GL35aRgm 5KLFgq8aKgDBavILTxtgw6cNaZGF+WBh1yfr3QN682IlbZ8LbiQB9zTt0Zxjo41Q 1d+y/A8wfQ59+m2/fCQ8Wj+RQrOj/uiWGHeTX9z+UL5pptQsceoAAmM+jyXgAR/e ChMW71Lyc4sgV3TxjGQ4Dar2WuQJ8E0N7CleSSIywgpYsjiR6Fk+aTZP4eF1PUJv FCbFK0e+wowmXixadw21GfNbtyxV7JtLTAYCAVtPOTDl7YtCLR4= =dzOx -----END PGP SIGNATURE-----