CVE-2015-2632
Published: 16 July 2015
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
Priority
Status
Package | Release | Status |
---|---|---|
icu Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Released
(55.1-4ubuntu1)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Released
(52.1-3ubuntu0.4)
|
|
openjdk-6 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Not vulnerable
(6b36-1.13.8-0ubuntu1)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was released [6b36-1.13.8-0ubuntu1~14.04])
|
|
openjdk-7 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Not vulnerable
(7u79-2.5.6-1)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was released [7u79-2.5.6-0ubuntu1.14.04.1])
|
|
openjdk-8 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Not vulnerable
(8u66-b17-1)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
Patches: Upstream: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/efc8652da937 |
Notes
Author | Note |
---|---|
mdeslaur | as of 2015-09-01, no equivalent fix in ICU source tree |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- https://usn.ubuntu.com/usn/usn-2696-1
- https://usn.ubuntu.com/usn/usn-2706-1
- https://usn.ubuntu.com/usn/usn-2740-1
- NVD
- Launchpad
- Debian