apticron report [Sat, 25 Jul 2015 18:44:15 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
baldrick.crans.org
[ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ]
[ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ]
The following packages are currently pending an upgrade:
openjdk-7-jre 7u79-2.5.6-1~deb8u1
openjdk-7-jre-headless 7u79-2.5.6-1~deb8u1
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour openjdk-7 (openjdk-7-jre openjdk-7-jre-headless) ---
openjdk-7 (7u79-2.5.6-1~deb8u1) jessie-security; urgency=medium
* Rebuild for stable
-- Moritz Mühlenhoff <jmm(a)debian.org> Fri, 24 Jul 2015 08:01:45 +0200
openjdk-7 (7u79-2.5.6-1) unstable; urgency=medium
* IcedTea7 2.5.6 release (based on OpenJDK 7u79).
* Security fixes
- S8043202, CVE-2015-2808: Prohibit RC4 cipher suites.
- S8067694, CVE-2015-2625: Improved certification checking.
- S8071715, CVE-2015-4760: Tune font layout engine.
- S8071731: Better scaling for C1.
- S8072490: Better font morphing redux.
- S8072887: Better font handling improvements.
- S8073334: Improved font substitutions.
- S8073773: Presume path preparedness.
- S8073894: Getting to the root of certificate chains.
- S8074330: Set font anchors more solidly.
- S8074335: Substitute for substitution formats.
- S8074865, CVE-2015-2601: General crypto resilience changes.
- S8074871: Adjust device table handling.
- S8075374, CVE-2015-4748: Responding to OCSP responses.
- S8075378, CVE-2015-4749: JNDI DnsClient Exception Handling.
- S8075738: Better multi-JVM sharing.
- S8075833, CVE-2015-2613: Straighter Elliptic Curves.
- S8075838: Method for typing MethodTypes.
- S8075853, CVE-2015-2621: Proxy for MBean proxies.
- S8076328, CVE-2015-4000: Enforce key exchange constraints.
- S8076376, CVE-2015-2628: Enhance IIOP operations.
- S8076397, CVE-2015-4731: Better MBean connections.
- S8076401, CVE-2015-2590: Serialize OIS data.
- S8076405, CVE-2015-4732: Improve serial serialization.
- S8076409, CVE-2015-4733: Reinforce RMI framework.
- S8077520, CVE-2015-2632: Morph tables into improved form.
- PR2487, CVE-2015-4000: Make jdk8 mode the default for
jdk.tls.ephemeralDHKeySize.
* Update the kfreebsd hotspot support patch (Steven Chamberlain).
Closes: #788982.
* openjdk-7-jre: Recommend the real libgconf2-4 and libgnome2-0 packages.
Closes: #786594.
-- Matthias Klose <doko(a)ubuntu.com> Thu, 23 Jul 2015 17:19:35 +0200
openjdk-7 (7u79-2.5.5-1) unstable; urgency=high
* IcedTea7 2.5.5 release (based on OpenJDK 7u79).
* Security fixes
- S8059064: Better G1 log caching.
- S8060461: Fix for JDK-8042609 uncovers additional issue.
- S8064601, CVE-2015-0480: Improve jar file handling.
- S8065286: Fewer subtable substitutions.
- S8065291: Improved font lookups.
- S8066479: Better certificate chain validation.
- S8067050: Better font consistency checking.
- S8067684: Better font substitutions.
- S8067699, CVE-2015-0469: Better glyph storage.
- S8068320, CVE-2015-0477: Limit applet requests.
- S8068720, CVE-2015-0488: Better certificate options checking.
- S8069198: Upgrade image library.
- S8071726, CVE-2015-0478: Better RSA optimizations.
- S8071818: Better vectorization on SPARC.
- S8071931, CVE-2015-0460: Return of the phantom menace.
* Build the documentation when building with a Hotspot VM. Closes: #781577.
* openjdk-7-jre.preinst: Fix version for alternatives cleanup.
Closes: #775072.
* Re-enable HotSpot on SPARC; zero doesn't workm and there seems to be
some work ongoing upstream.
* Refresh patches.
* Only install the openjdk-java.desktop file when using cautious-launcher.
-- Matthias Klose <doko(a)ubuntu.com> Wed, 15 Apr 2015 22:16:17 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on
baldrick.crans.org
--
apticron