Your submission was sent successfully! Close

CVE-2012-1531

Published: 16 October 2012

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Priority

Medium

Status

Package Release Status
icedtea-web
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

natty Not vulnerable

oneiric Not vulnerable

precise Not vulnerable

quantal Not vulnerable

upstream Needs triage

openjdk-6
Launchpad, Ubuntu, Debian
hardy
Released (6b27-1.12.3-0ubuntu1~08.04.1)
lucid
Released (6b24-1.11.5-0ubuntu1~10.04.2)
natty
Released (6b24-1.11.5-0ubuntu1~11.04.1)
oneiric
Released (6b24-1.11.5-0ubuntu1~11.10.1)
precise
Released (6b24-1.11.5-0ubuntu1~12.04.1)
quantal
Released (6b24-1.11.5-0ubuntu1~12.10.1)
upstream
Released (6 update 36)
openjdk-6b18
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Ignored
(reached end-of-life)
natty Ignored
(reached end-of-life)
oneiric Ignored
(superseded by openjdk-6)
precise Does not exist

quantal Does not exist

upstream Needs triage

openjdk-7
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

natty Does not exist

oneiric
Released (7u9-2.3.3-0ubuntu1~11.10.1)
precise
Released (7u9-2.3.3-0ubuntu1~12.04.1)
quantal
Released (7u9-2.3.3-0ubuntu1~12.10.1)
upstream
Released (7 update 8)
sun-java5
Launchpad, Ubuntu, Debian
hardy Ignored
(upstream sun-java5 is EoL)
lucid Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

upstream
Released (5.0 update 37)
sun-java6
Launchpad, Ubuntu, Debian
hardy Ignored
(upstream version is not redistributable)
lucid Does not exist
(removed from archive)
natty Does not exist
(removed from archive)
oneiric Does not exist

precise Does not exist

quantal Does not exist

upstream
Released (6 update 36)

Notes

AuthorNote
mdeslaur
in lucid+, NetX and the plugin moved to the icedtea-web package
jdstrand
openjdk-6b18 FTBFS on 11.04 (LP: #1043003)
http://rhn.redhat.com/errata/RHSA-2013-1467.html states this is
Oracle JDK only, but based on Oracle advisory we claimed it was fixed in
https://ubuntu.com/security/notices/USN-1619-1.

References