Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 30 Oct 2016 20:03:00 +1100
From:      Kubilay Kocak <koobs@FreeBSD.org>
To:        Greg Lewis <glewis@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org, FreeBSD Ports Security Team <ports-secteam@freebsd.org>
Subject:   Re: svn commit: r424926 - in head/java/openjdk8: . files
Message-ID:  <61b69f6c-ecf4-2776-4713-117231261cf9@FreeBSD.org>
In-Reply-To: <201610300351.u9U3pe3Y034326@repo.freebsd.org>
References:  <201610300351.u9U3pe3Y034326@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 30/10/2016 2:51 PM, Greg Lewis wrote:
> Author: glewis Date: Sun Oct 30 03:51:40 2016 New Revision: 424926 
> URL: https://svnweb.freebsd.org/changeset/ports/424926
> 
> Log: . Update to 8u112.
> 
> Deleted: 
> head/java/openjdk8/files/patch-hotspot_src_cpu_zero_vm_cppInterpreter__zero.cpp
>
> 
head/java/openjdk8/files/patch-hotspot_src_share_vm_interpreter_bytecodeInterpreter.cpp
> Modified: head/java/openjdk8/Makefile head/java/openjdk8/distinfo 
> head/java/openjdk8/files/patch-bsd 
> head/java/openjdk8/files/patch-bsd-test
> 
> Modified: head/java/openjdk8/Makefile 

Greg,

The release notes [1] for this version mention:

"This Critical Patch Update contains 7 new security fixes for Oracle
Java SE.  All of these vulnerabilities may be *remotely exploitable
without authentication*, i.e., may be exploited over a network without
requiring user credentials.  The English text form of this Risk Matrix
can be found here."

It appears these affect Java SE 6/7 (ports) as well as 8 .

If so, are there updates pending for the other openjdk ports and are
there VuXML entries and merges to quarterly planned?

I note previous version updates (commits) to these ports have not
mentioned security fixes, nor intent to MFH them either.

[1]
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA

./koobs

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?61b69f6c-ecf4-2776-4713-117231261cf9>