[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

AW: Beginner's Question on Java Security Fixes

Thank you for your kind answer. So this means there is no simple answer like e. g. "On Debian, openjdk-7-jre-2.x has the same security level than OpenJDK 7u21", but I have to check each single CVE, right?

Thanks!
-Markus

-----Ursprüngliche Nachricht-----
Von: paul.is.wise@gmail.com [mailto:paul.is.wise@gmail.com] Im Auftrag von Paul Wise
Gesendet: Mittwoch, 8. Mai 2013 07:38
An: debian-java@lists.debian.org
Betreff: Re: Beginner's Question on Java Security Fixes

On Wed, May 8, 2013 at 1:20 PM, Markus Karg wrote:

> While programming for more than 25 years (more than a decade with Java 
> SE / EE), I am still a beginner with Debian. So please don’t mind my 
> possibly stupid question: Looking at all the security fixes that 
> Oracle provides, I wonder how I can see what of these fixes are 
> contained in Debian? I mean, for example, Oracle’s latest security fix 
> was 7u21. Where can I see which version of Debian’s openjdk-7-jre 
> package reflects that particular fixes, or whether these are contained in Debian at all?

The general answer here is to look at the security tracker page for the source package:

https://security-tracker.debian.org/tracker/source-package/openjdk-7

If the page is incorrect, it needs to be updated:

https://security-tracker.debian.org/tracker/data/report

You can see here which versions of openjdk-7 are included in Debian:

http://packages.debian.org/src:openjdk-7
http://packages.qa.debian.org/o/openjdk-7.html

--
bye,
pabs

http://wiki.debian.org/PaulWise


--
To UNSUBSCRIBE, email to debian-java-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/CAKTje6HS4_tw2FmD_HJ70899bjdrEh-g=FiRbZ5DNZjS0Q@mail.gmail.com
Reply to: