Your submission was sent successfully! Close

CVE-2016-0466

Published: 20 January 2016

Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.

Priority

Medium

Status

Package Release Status
openjdk-6
Launchpad, Ubuntu, Debian
precise
Released (6b38-1.13.10-0ubuntu0.12.04.1)
trusty Does not exist
(trusty was released [6b38-1.13.10-0ubuntu0.14.04.1])
upstream Needs triage

vivid
Released (6b38-1.13.10-0ubuntu0.15.04.1)
wily
Released (6b38-1.13.10-0ubuntu0.15.10.1)
xenial Does not exist

openjdk-7
Launchpad, Ubuntu, Debian
precise
Released (7u95-2.6.4-0ubuntu0.12.04.1)
trusty Does not exist
(trusty was released [7u95-2.6.4-0ubuntu0.14.04.1])
upstream Needs triage

vivid
Released (7u95-2.6.4-0ubuntu0.15.04.1)
wily
Released (7u95-2.6.4-0ubuntu0.15.10.1)
xenial Does not exist

openjdk-8
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (8u72-b15-1)
vivid Ignored
(reached end-of-life)
wily
Released (8u91-b14-0ubuntu4~15.10.1)
xenial Not vulnerable
(8u72-b15-1)
Patches:
upstream: http://hg.openjdk.java.net/jdk8u/jdk8u/jaxp/rev/6568ef042ca5