Date: prev next · Thread: first prev next last
2013 Archives by date, by thread · List index

[tdf-discuss] Re: LibreOffice and Java Security: OpenJDK Vulnerability

On 01/15/2013 10:58 AM, Dennis E. Hamilton wrote:
Again, thanks to Simon Phipps for retweeting the information.

It appears that one should *not* assume that OpenJDK does not share vulnerabilities with the 
Oracle Java SE and JDK:

The log of changes to OpenJDK for the recent vulnerability (just as indication of the Oracle 
updating of OpenJDK):

The CVE:

There is still reporting that this update is not a complete fix.  I have not found a reliable 
technical source that makes clear what the remaining concern is, or if it is simply a lag in 
reports that have not recognized the latest patches.

 - Dennis

Security releases for OpenJDK and Icedtea were released yesterday (Tues
Jan 17). Of course I reckon that it will take awhile for the builds to
get pushed to the distro's.


Unsubscribe instructions: E-mail to
Posting guidelines + more:
List archive:
All messages sent to this list will be publicly archived and cannot be deleted


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.