[ubuntu/bionic-security] openjdk-lts 10.0.2+13-1ubuntu0.18.04.3 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Tue Oct 30 18:27:59 UTC 2018

openjdk-lts (10.0.2+13-1ubuntu0.18.04.3) bionic-security; urgency=medium

  * Security update. Backport security patches from 11.0.1-b12.
    - CVE-2018-3136, S8194534: Manifest better support.
    - CVE-2018-3139, S8196902: Better HTTP Redirection.
    - CVE-2018-3150, S8199171, S8199172: Improve jar attribute checks.
    - CVE-2018-3149, S8199177: Enhance JNDI lookups.
    - CVE-2018-3169, S8199226: Improve field accesses.
    - CVE-2018-3180, S8202613: Improve TLS connections stability.
    - CVE-2018-3183, S8202936: Improve script engine support.
    - S8195868, S8199110: Address Internet Addresses.
    - S8195874: Improve jar specification adherence.
    - S8201756: Improve cipher inputs.
    - S8203654: Improve cypher state updates.
    - S8204497: Better formatting of decimals.
  * debian/patches/jdk-freetypeScaler-crash.diff: removed as this patch causes
    a memory leak - upstream fixed it in openjdk-7, albeit in a different way.
  * debian/rules: fix TIME definition.

Date: 2018-10-22 18:09:12.502382+00:00
Changed-By: Tiago Stürmer Daitx <tiago.daitx at canonical.com>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Bionic-changes mailing list