CVE-2010-4472
Published: 17 February 2011
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations."
Priority
Status
| Package | Release | Status |
|---|---|---|
|
openjdk-6 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Released
(6b27-1.12.3-0ubuntu1~08.04.1)
|
|
| karmic |
Released
(6b20-1.9.7-0ubuntu1~9.10.1)
|
|
| lucid |
Released
(6b20-1.9.7-0ubuntu1~10.04.1)
|
|
| maverick |
Released
(6b20-1.9.7-0ubuntu1)
|
|
| natty |
Not vulnerable
(6b22-1.10.1-0ubuntu1)
|
|
| oneiric |
Not vulnerable
(6b22-1.10.1-0ubuntu1)
|
|
| upstream |
Released
(6b24)
|
|
|
openjdk-6b18 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Does not exist
|
|
| karmic |
Released
(6b18-1.8.7-0ubuntu1~9.10.1)
|
|
| lucid |
Released
(6b18-1.8.7-0ubuntu1~10.04.2)
|
|
| maverick |
Released
(6b18-1.8.7-0ubuntu2.1)
|
|
| natty |
Released
(6b18-1.8.7-0ubuntu5)
|
|
| oneiric |
Released
(6b18-1.8.7-0ubuntu5)
|
|
| upstream |
Released
(6b24)
|
|
|
sun-java5 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
| hardy |
Ignored
(end of life)
|
|
| karmic |
Does not exist
|
|
| lucid |
Does not exist
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
sun-java6 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Released
(6.24-1build0.8.04.1)
|
|
| karmic |
Released
(6.24-1build0.9.10.1)
|
|
| lucid |
Released
(6.24-1build0.10.04.1)
|
|
| maverick |
Released
(6.24-1build0.10.10.1)
|
|
| natty |
Released
(6.24-1build0.10.10.1)
|
|
| oneiric |
Not vulnerable
(6.26-1oneiric1)
|
|
| upstream |
Released
(6.24-1)
|