Advisories ยป MGASA-2016-0130

Updated java packages fix CVE-2016-0636

Publication date: 06 Apr 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-0636

Description

Updated java-1.8.0-openjdk packages fix security vulnerability:

An improper type safety check was discovered in the Hotspot component. An
untrusted Java application or applet could use this flaw to bypass Java
Sandbox restrictions (CVE-2016-0636).

Also, the icedtea-web package has been updated to version 1.6.2 to fix all
known issues in the Java browser plugin.
                

References

SRPMS

5/core