[Bug 187570] Re: Sun Java 6 package should be updated to 6u4
Luke Scalfati
luke771 at gmail.com
Tue Aug 11 01:09:21 UTC 2009
It's not resolved. Turns out there's is a remote code execution vulnerability exploitable over the network in many applications in 6u14, that has been fixed in 6u15.
However, the latest update available from repos is 6u14_b08
Fix: make 6u15 available from repos.
NOTE: I got to know about this bug when Freenet (http://freenetproject.org ) refused to perform some tasks because of the "wrong" Java version being detected.
Freenet users on 6u15 report that the warning is gone.
I dont have any evidence of this bug, this report is based on the
Freenet warning, the discussion on the Freenet mailing lists and the IRC
channel (irc.freenode.net #freenet) where I was asked to link the
following ceert-fi report:
http://www.cert.fi/en/reports/2009/vulnerability2009085.html
--
Sun Java 6 package should be updated to 6u4
https://bugs.launchpad.net/bugs/187570
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list