Archive for the tag "cve"
It’s Java security update time again, folks. The IcedTea team just released version 2.4.1 of their “build harness” (which builds the OpenJDK source code using Free Software tools and allows for other features such as support for alternative virtual machines and ARM support). The new IcedTea will build OpenJDK 7 Update 40 Build 31 – […]
In order to match the recent Oracle security update for its Java platform, Java 7u17, the IcedTea developers have released version 2.3.8 of the IcedTea “build harness”, with which a fresh OpenJDK 7u17 can be built. This 17th update to Java7 addresses several vulnerabilities, the same as Oracle’s update. It may be worth noting that […]
The icedtea “build harness” which I use to compile my OpenJDK and icedtea-web packages had a series of updates past week. Icedtea is available in several flavours, and it is able to build OpenJDK versions of Java 6 and 7 (and pre-release versions of Java 8 even, but that is beside the point here). Several […]
Adobe issued a security bulletin for their Adobe Flash Player. On APSB13-04 two CVE’s are mentioned – CVE-2013-0633 and CVE-2013-0634. Of those two, CVE-2013-0634 is the vulnerability which affects Linux users, because it is being exploited “in the wild” in attacks delivered via malicious Flash (SWF) content hosted on websites that target Flash Player in […]
It took a day for the developers to release a new version of IcedTea, fixing another three CVE’s (critical security bugs) in OpenJDK 7. New on the fix list are these security fixes: CVE-2012-1682: XMLDecoder security issue via ClassFinder CVE-2012-3136: Improve long term persistence of java.beans objects CVE-2012-0547: Simplify toolkit internals references Get my packages […]