CVE-2015-2632
Published: 16 July 2015
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
Priority
Low
Status
| Package | Release | Status |
|---|---|---|
|
icu Launchpad, Ubuntu, Debian |
precise |
Released
(4.8.1.1-3ubuntu0.6)
|
| trusty |
Released
(52.1-3ubuntu0.4)
|
|
| upstream |
Needs triage
|
|
| utopic |
Ignored
(reached end-of-life)
|
|
| vivid |
Released
(52.1-8ubuntu0.2)
|
|
| wily |
Released
(55.1-4ubuntu1)
|
|
|
openjdk-6 Launchpad, Ubuntu, Debian |
precise |
Released
(6b36-1.13.8-0ubuntu1~12.04)
|
| trusty |
Does not exist
(trusty was released [6b36-1.13.8-0ubuntu1~14.04])
|
|
| upstream |
Needs triage
|
|
| utopic |
Ignored
(reached end-of-life)
|
|
| vivid |
Released
(6b36-1.13.8-0ubuntu1~15.04.1)
|
|
| wily |
Not vulnerable
(6b36-1.13.8-0ubuntu1)
|
|
|
openjdk-7 Launchpad, Ubuntu, Debian |
precise |
Released
(7u79-2.5.6-0ubuntu1.12.04.1)
|
| trusty |
Does not exist
(trusty was released [7u79-2.5.6-0ubuntu1.14.04.1])
|
|
| upstream |
Needs triage
|
|
| utopic |
Ignored
(reached end-of-life)
|
|
| vivid |
Released
(7u79-2.5.6-0ubuntu1.15.04.1)
|
|
| wily |
Not vulnerable
(7u79-2.5.6-1)
|
|
|
openjdk-8 Launchpad, Ubuntu, Debian |
precise |
Does not exist
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| utopic |
Ignored
(reached end-of-life)
|
|
| vivid |
Ignored
(reached end-of-life)
|
|
| wily |
Released
(8u66-b17-1)
|
|
|
Patches: upstream: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/efc8652da937 |
||
Notes
| Author | Note |
|---|---|
| mdeslaur | as of 2015-09-01, no equivalent fix in ICU source tree |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- https://ubuntu.com/security/notices/USN-2696-1
- https://ubuntu.com/security/notices/USN-2706-1
- https://ubuntu.com/security/notices/USN-2740-1
- NVD
- Launchpad
- Debian