USN-2696-1 OpenJDK 7 Vulnerabilities


Severity

Medium

Vendor

Canonical Ubuntu

Versions Affected
  • openjdk-7 - Open Source Java implementation
Description

Several security issues were fixed in OpenJDK 7.

Affected Pivotal Products and Versions

Severity is medium unless otherwise noted.

  • Ruby buildpack versions 1.6.1 and earlier
  • Java buildpack versions 3.1 and earlier
  • tc Server buildpack versions 3.1 and earlier
  • Pivotal Elastic Runtime versions 1.5.2 and earlier.
Mitigation

Users of affected versions should apply the following mitigation:

  • Pivotal has released the following buildpack updates that apply patches resolving these issues: Pivotal recommends that customers upgrade these buildpack versions to resolve the identified vulnerabilities.
  • Pivotal recommends that customers upgrade to the 1.5.3 versions of the Elastic Runtime product, which is now available on Pivotal Network. These new version contains an updated release of OpenJDK 7, resolving the identified vulnerabilities.
References