Content-Disposition: inline ==========================================================================Ubuntu Security Notice USN-2818-1 November 25, 2015 openjdk-7 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 15.10 - Ubuntu 15.04 - Ubuntu 14.04 LTS Summary: A security issue was fixed in OpenJDK 7. Software Description: - openjdk-7: Open Source Java implementation Details: It was discovered that rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed. Am attacker could use this to expose sensitive information or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 15.10: icedtea-7-jre-jamvm 7u91-2.6.3-0ubuntu0.15.10.1 openjdk-7-jre 7u91-2.6.3-0ubuntu0.15.10.1 openjdk-7-jre-headless 7u91-2.6.3-0ubuntu0.15.10.1 openjdk-7-jre-lib 7u91-2.6.3-0ubuntu0.15.10.1 openjdk-7-jre-zero 7u91-2.6.3-0ubuntu0.15.10.1 Ubuntu 15.04: icedtea-7-jre-jamvm 7u91-2.6.3-0ubuntu0.15.04.1 openjdk-7-jre 7u91-2.6.3-0ubuntu0.15.04.1 openjdk-7-jre-headless 7u91-2.6.3-0ubuntu0.15.04.1 openjdk-7-jre-lib 7u91-2.6.3-0ubuntu0.15.04.1 openjdk-7-jre-zero 7u91-2.6.3-0ubuntu0.15.04.1 Ubuntu 14.04 LTS: icedtea-7-jre-jamvm 7u91-2.6.3-0ubuntu0.14.04.1 openjdk-7-jre 7u91-2.6.3-0ubuntu0.14.04.1 openjdk-7-jre-headless 7u91-2.6.3-0ubuntu0.14.04.1 openjdk-7-jre-lib 7u91-2.6.3-0ubuntu0.14.04.1 openjdk-7-jre-zero 7u91-2.6.3-0ubuntu0.14.04.1 After a standard system update you need to restart any Java applications or applets to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2818-1 CVE-2015-4871 Package Information: https://launchpad.net/ubuntu/+source/openjdk-7/7u91-2.6.3-0ubuntu0.15.10.1 https://launchpad.net/ubuntu/+source/openjdk-7/7u91-2.6.3-0ubuntu0.15.04.1 https://launchpad.net/ubuntu/+source/openjdk-7/7u91-2.6.3-0ubuntu0.14.04.1