sun-java6 package from Partner Repo has critical vulnerability
Bug #695774 reported by
johnf
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| sun-java6 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Bug Description
The current version of sun-java6 from the partner repo is 6.22-0ubuntu1~
This package needs to be updated to 6.23, as it is vulnerable to CVE-2010-0840 (and a number of others).
Canonical/Ubuntu released a fix for this CVE for the OpenJDK version on the 7th of April of this year (2010):
CVE References
Revision history for this message
| johnf (johnfzc) wrote | #1 |
| Changed in sun-java6 (Ubuntu): | |
| status: | New → Invalid |
| visibility: | private → public |
To post a comment you must log in.
Ok, apparently 6.23 isn't required, 6.22 addresses the most recent CVE for java, http://