Re: Debian distributions of stable OpenJDK updates
Le 20/05/2019 à 14:38, Aleksey Shipilev a écrit :
> Yes. Security fixes and Japanese epoch changes are delivered in 11.0.3+7, after security embargo was
> lifted. The fixes are not in 11.0.3+6, which was tagged before the embargo lifted. You are looking
> for these:
> http://hg.openjdk.java.net/jdk-updates/jdk11u/rev/175eb80c253a
> http://hg.openjdk.java.net/jdk-updates/jdk11u/rev/2996b4523925
> http://hg.openjdk.java.net/jdk-updates/jdk11u/rev/f0d8b845de21
> http://hg.openjdk.java.net/jdk-updates/jdk11u/rev/1084d119236b
> http://hg.openjdk.java.net/jdk-updates/jdk11u/rev/c61b8801f0e4
> http://hg.openjdk.java.net/jdk-updates/jdk11u/rev/59610bddd37a
Thank you. As I understand the rev 1084d119236b is the fix for
CVE-2019-2684, and 59610bddd37a is the fix for CVE-2019-2602. But I'm
not sure about c61b8801f0e4, is there a related CVE?
Emmanuel Bourg
Reply to: