| Errata ID | 359 |
|---|---|
| Date | 2015-08-21 |
| Source package | openjdk-6 |
| Fixed in version | 6b35-1.13.7-1.77.201508171914 |
| Description | Multiple vulnerabilities have been discovered in the implementation of the Java platform. In Univention Corporate Server OpenJDK is used instead of Oracle Java. This erratum updates OpenJDK to the release based on the Oracle update 6u91 which fixes these issues: * Incorrect handling of phantom references (CVE-2015-0460) * Layout engine glyphStorage off-by-one (CVE-2015-0469) * Incorrect permissions check in resource loading (CVE-2015-0477) * RSA implementation hardening (CVE-2015-0478) * Jar directory traversal issues (CVE-2015-0480) * Certificate options parsing uncaught exception (CVE-2015-0488) |
| Additional notes | |
| CVE ID | CVE-2015-0460 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 |
| UCS Bug number | #38303 |
