Home / Security / USN-3875-1: OpenJDK vulnerability | Ubuntu security notices

USN-3875-1: OpenJDK vulnerability | Ubuntu security notices

30 January 2019

openjdk-8, openjdk-lts vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.10
  • Ubuntu 16.04 LTS

Summary

Java applets or applications could be made to expose sensitive
information.

Software Description

  • openjdk-lts – Open Source Java implementation
  • openjdk-8 – Open Source Java implementation

Details

It was discovered that a memory disclosure issue existed in the OpenJDK
Library subsystem. An attacker could use this to expose sensitive
information and possibly bypass Java sandbox restrictions. (CVE-2019-2422)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10
openjdk-11-jdk11.0.1+13-3ubuntu3.18.10.1
openjdk-11-jre11.0.1+13-3ubuntu3.18.10.1
openjdk-11-jre-headless11.0.1+13-3ubuntu3.18.10.1
Ubuntu 16.04 LTS
openjdk-8-jdk8u191-b12-2ubuntu0.16.04.1
openjdk-8-jre8u191-b12-2ubuntu0.16.04.1
openjdk-8-jre-headless8u191-b12-2ubuntu0.16.04.1
openjdk-8-jre-jamvm8u191-b12-2ubuntu0.16.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.

References

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

x

Check Also

South Korea is Censoring the Internet by Snooping on SNI Traffic

South Korea is Censoring the Internet by Snooping on SNI Traffic

South Korea has been blocking HTTP websites that are on their censor list for a ...