CVE-2014-2490
Published: 17 July 2014
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Notes
| Author | Note |
|---|---|
| mdeslaur | in lucid+, NetX and the plugin moved to the icedtea-web package |
| jdstrand | sun-java6 is not redistributable, no longer in the archive and no longer tracked sun-java5 is EOL upstream and no longer tracked |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
openjdk-6 Launchpad, Ubuntu, Debian |
lucid |
Released
(6b32-1.13.4-1ubuntu1~0.10.04.1)
|
| precise |
Released
(6b32-1.13.4-1ubuntu1~0.12.04.1)
|
|
| trusty |
Does not exist
(trusty was released [6b32-1.13.4-4ubuntu0.14.04.1])
|
|
| upstream |
Needs triage
|
|
|
openjdk-6b18 Launchpad, Ubuntu, Debian |
lucid |
Ignored
(reached end-of-life)
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
openjdk-7 Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Released
(7u65-2.5.1-4ubuntu1~0.12.04.1)
|
|
| trusty |
Does not exist
(trusty was released [7u65-2.5.1-1ubuntu1~0.14.04.1])
|
|
| upstream |
Needs triage
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490
- http://hg.openjdk.java.net/jdk6/jdk6/hotspot/rev/dd7d490e72af
- http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/02f12a9d5aec
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- https://ubuntu.com/security/notices/USN-2312-1
- https://ubuntu.com/security/notices/USN-2319-1
- NVD
- Launchpad
- Debian