| Errata ID | 186 |
|---|---|
| Date | 2016-06-02 |
| Source package | openjdk-7 |
| Fixed in version | 7u101-2.6.6-2.31.201605041712 |
| Description | Multiple vulnerabilities have been discovered in the implementation of the Java platform. In Univention Corporate Server OpenJDK is used instead of Oracle Java. This erratum updates OpenJDK to the release based on 7u101 which fixes these issues: * Better URL processing (CVE-2016-0402) * Better attributes processing (CVE-2016-0448) * Reinforce JMX collector internals (S8132210) * Better printing dialogues (S8132988) * More general limits (CVE-2016-0466) * JMX memory management improvements (S8137060) * Better font substitutions (S8139012) * More stable image decoding (CVE-2016-0483) * Arrange font actions (CVE-2016-0494) * Cleanup for handling proxies (S8143185) * Update splashscreen displays (CVE-2015-8126, CVE-2015-8472) * Very difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. (CVE-2015-7575) * Ensure thread consistency (CVE-2016-0686, S8129952) * Better byte behavior (CVE-2016-0687, S8132051) * Make DSA more fair (CVE-2016-0695, S8138593) * Better state table management (S8139008) * Better buffering of XML strings (CVE-2016-3425, S8143167) * Improve JMX connections (CVE-2016-3427, S8144430) * Improve MethodHandle consistency (CVE-2016-0636, S8152335) |
| Additional notes | |
| CVE ID | CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0483 CVE-2016-0494 CVE-2015-8126 CVE-2015-8472 CVE-2015-7575 CVE-2016-0686 CVE-2016-0687 CVE-2016-0695 CVE-2016-3425 CVE-2016-3427 CVE-2016-0636 |
| UCS Bug number | #40483 |
