CVE-2015-2632
Published: 16 July 2015
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
Priority
Low
Status
| Package | Release | Status |
|---|---|---|
|
icu Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Released
(55.1-4ubuntu1)
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Released
(52.1-3ubuntu0.4)
|
|
|
openjdk-6 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Not vulnerable
(6b36-1.13.8-0ubuntu1)
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was released [6b36-1.13.8-0ubuntu1~14.04])
|
|
|
openjdk-7 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Not vulnerable
(7u79-2.5.6-1)
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was released [7u79-2.5.6-0ubuntu1.14.04.1])
|
|
|
openjdk-8 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Not vulnerable
(8u66-b17-1)
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
Patches: Upstream: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/efc8652da937 |
||
Notes
| Author | Note |
|---|---|
| mdeslaur | as of 2015-09-01, no equivalent fix in ICU source tree |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- https://usn.ubuntu.com/usn/usn-2696-1
- https://usn.ubuntu.com/usn/usn-2706-1
- https://usn.ubuntu.com/usn/usn-2740-1
- NVD
- Launchpad
- Debian