Errata overview
Errata ID 378
Date 2015-11-19
Source package openjdk-6
Fixed in version 6b36-1.13.8-1.78.201510261342
Description
Multiple vulnerabilities have been discovered in the implementation
of the Java platform. In Univention Corporate Server, OpenJDK is
used instead of Oracle Java. This erratum updates OpenJDK to the
release based on the Oracle update 6u95, which fixes these issues:
* deserialization issue in ObjectInputStream.readSerialData() (CVE-2015-2590)
* non-constant-time comparisons in crypto code (CVE-2015-2601)
* NSS/JCE: missing EC parameter validation in ECDH_Derive() (CVE-2015-2613)
* unspecified vulnerability in the 2D component (CVE-2015-2619)
* incorrect code permission checks in RMIConnectionImpl (CVE-2015-2621)
* name from reverse DNS lookup used in certificate identity check (CVE-2015-2625)
* IIOPInputStream type confusion vulnerability (CVE-2015-2628)
* ICU: integer overflow in LETableReference verifyLength() (CVE-2015-2632)
* unspecified vulnerability in the 2D component (CVE-2015-2637)
* unspecified vulnerability in the 2D component (CVE-2015-2638)
* SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher (CVE-2015-2808)
* LOGJAM: TLS connections which support export-grade DHE key exchange are vulnerable to MITM attacks (CVE-2015-4000)
* improper permission checks in MBeanServerInvocationHandler (CVE-2015-4731)
* insufficient context checks during object deserialization (CVE-2015-4732)
* RemoteObjectInvocationHandler allows calling finalize() (CVE-2015-4733)
* incorrect OCSP nextUpdate checking (CVE-2015-4748)
* DnsClient fails to release request information after error (CVE-2015-4749)
* ICU: missing boundary checks in layout engine (CVE-2015-4760)
Additional notes
CVE ID CVE-2015-2590, CVE-2015-2601, CVE-2015-2613, CVE-2015-2619, CVE-2015-2621, CVE-2015-2625, CVE-2015-2628, CVE-2015-2632, CVE-2015-2637, CVE-2015-2638, CVE-2015-2808, CVE-2015-4000, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
UCS Bug number #38929