← Back to team overview

openjdk team mailing list archive

[Bug 1224723] Re: Clamscan finds CVE-2013-2465 in openjdk-6-jre-headless

 

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of OpenJDK,
which is subscribed to openjdk-6 in Ubuntu.
https://bugs.launchpad.net/bugs/1224723

Title:
  Clamscan finds CVE-2013-2465 in openjdk-6-jre-headless

Status in “openjdk-6” package in Ubuntu:
  New

Bug description:
  Running a clamscan on a Ubuntu 12.04.3 system reports that
  vunlerability CVE-2013-2465 was detected in version
  6b27-1.12.6-1ubuntu0.12.04.2 of openjdk-6-jre-headless:

  Run this:
  #/usr/bin/clamscan -ri --max-filesize=100M /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/

  Get this:
  /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/rt.jar: Java.Exploit.CVE_2013_2465 FOUND

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/1224723/+subscriptions