Re: Beginner's Question on Java Security Fixes
On Wed, May 8, 2013 at 1:51 PM, Markus Karg wrote:
> Thank you for your kind answer. So this means there is no simple answer like e. g. "On Debian, openjdk-7-jre-2.x has the same security level than OpenJDK 7u21", but I have to check each single CVE, right?
In general, if you are running the upstream version that fixes the
issues, then you have the same fixes, plus any issues fixed by Debian.
openjdk-7 7u21 is in jessie and sid, so if you are using openjdk-7
from there then you have the fixes from Oracle OpenJDK 7u21. openjdk-7
7u21 is not yet in wheezy though.
PS: I'm subscribed, no need to CC:
http://www.debian.org/MailingLists/#codeofconduct
--
bye,
pabs
http://wiki.debian.org/PaulWise
Reply to: