CVE-2015-4844

Published: 21 October 2015

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Notes

Author	Note
mdeslaur	as of 2016-08-08, no definitive fix in ICU source tree debian has released fix however

Priority

Status

Package	Release	Status
icu Launchpad, Ubuntu, Debian	precise	Released (4.8.1.1-3ubuntu0.7)
	trusty	Released (52.1-3ubuntu0.5)
	upstream	Released (57.1-1)
	vivid	Ignored (end of life)
	wily	Ignored (end of life)
	xenial	Released (55.1-7ubuntu0.1)
	yakkety	Not vulnerable (57.1-4)
	zesty	Not vulnerable (57.1-5)
	Patches: upstream: http://bugs.icu-project.org/trac/changeset/38141 (possibly incomplete)
openjdk-6 Launchpad, Ubuntu, Debian	precise	Released (6b37-1.13.9-1ubuntu0.12.04.1)
	trusty	Released (6b37-1.13.9-1ubuntu0.14.04.1)
	upstream	Needs triage
	vivid	Released (6b37-1.13.9-1ubuntu0.15.04.1)
	wily	Released (6b37-1.13.9-1ubuntu0.15.10.1)
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
openjdk-7 Launchpad, Ubuntu, Debian	precise	Released (7u85-2.6.1-5ubuntu0.12.04.1)
	trusty	Released (7u85-2.6.1-5ubuntu0.14.04.1)
	upstream	Needs triage
	vivid	Released (7u85-2.6.1-5ubuntu0.15.04.1)
	wily	Released (7u85-2.6.1-5ubuntu0.15.10.1)
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
openjdk-8 Launchpad, Ubuntu, Debian	precise	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	vivid	Ignored (end of life)
	wily	Released (8u66-b17-1)
	xenial	Not vulnerable (8u66-b17-1build1)
	yakkety	Not vulnerable (8u66-b17-1build1)
	zesty	Not vulnerable (8u66-b17-1build1)

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›