openjdk 6 needs updated to protect against remotely exploitable attacks
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openjdk-6 (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Currently openjdk on ubuntu is at 20 or 23 depending on the ubuntu release. Openjdk release of 29 includes security fixes on top of 26. Of those 20 security fixes 19 are remotely exploitable without authentication:
http://
"This Critical Patch Update contains 20 new security fixes for Oracle Java SE. 19 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. "
That is just for release 29 every even release before 29 all the way to 20 contains security fixes.
Ubuntu should upgrade openjdk versions on all support ubuntu releases to plug security vulnerabilities existing in openjdk releases 20 and 23.
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: openjdk-
ProcVersionSign
Uname: Linux 2.6.38-11-generic x86_64
Architecture: amd64
Date: Mon Oct 24 20:49:23 2011
ExecutablePath: /usr/lib/
ProcEnviron:
SHELL=/bin/bash
PATH=(custom, user)
LANG=en_US.UTF-8
LANGUAGE=en_US:en
SourcePackage: openjdk-6
UpgradeStatus: Upgraded to natty on 2011-05-17 (160 days ago)