CVE-2012-1531

Published: 16 October 2012

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Priority

Medium

Status

Package Release Status
icedtea-web
Launchpad, Ubuntu, Debian
Upstream Needs triage

openjdk-6
Launchpad, Ubuntu, Debian
Upstream
Released (6 update 36)
openjdk-6b18
Launchpad, Ubuntu, Debian
Upstream Needs triage

openjdk-7
Launchpad, Ubuntu, Debian
Upstream
Released (7 update 8)
sun-java5
Launchpad, Ubuntu, Debian
Upstream
Released (5.0 update 37)
sun-java6
Launchpad, Ubuntu, Debian
Upstream
Released (6 update 36)

Notes

AuthorNote
mdeslaur
in lucid+, NetX and the plugin moved to the icedtea-web package
jdstrand
openjdk-6b18 FTBFS on 11.04 (LP: #1043003)
http://rhn.redhat.com/errata/RHSA-2013-1467.html states this is
Oracle JDK only, but based on Oracle advisory we claimed it was fixed in
https://usn.ubuntu.com/usn/usn-1619-1.

References

Bugs