USN-3949-1
See a problem?- Source
- https://ubuntu.com/security/notices/USN-3949-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3949-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-3949-1
- Related
- Published
- 2019-04-16T17:57:03.251919Z
- Modified
- 2019-04-16T17:57:03.251919Z
- Summary
- openjdk-lts vulnerability
- Details
-
It was discovered that a memory disclosure issue existed in the OpenJDK Library subsystem. An attacker could use this to expose sensitive information and possibly bypass Java sandbox restrictions. (CVE-2019-2422)
Please note that with this update, the OpenJDK package in Ubuntu 18.04 LTS has transitioned from OpenJDK 10 to OpenJDK 11. Several additional packages were updated to be compatible with OpenJDK 11.
- References
Affected packages
Ubuntu:18.04:LTS / openjdk-lts
Package
- Name
- openjdk-lts
- Purl
- pkg:deb/ubuntu/openjdk-lts@11.0.2+9-3ubuntu1~18.04.3?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed11.0.2+9-3ubuntu1~18.04.3
Affected versions
9.*
9.0.4+12-2ubuntu4
9.0.4+12-4ubuntu1
Other
10~46-4ubuntu1
10~46-5ubuntu1
10.*
10.0.1+10-1ubuntu2
10.0.1+10-3ubuntu1
10.0.2+13-1ubuntu0.18.04.1
10.0.2+13-1ubuntu0.18.04.2
10.0.2+13-1ubuntu0.18.04.3
10.0.2+13-1ubuntu0.18.04.4
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"openjdk-11-dbg": "11.0.2+9-3ubuntu1~18.04.3",
"openjdk-11-demo": "11.0.2+9-3ubuntu1~18.04.3",
"openjdk-11-source": "11.0.2+9-3ubuntu1~18.04.3",
"openjdk-11-jdk": "11.0.2+9-3ubuntu1~18.04.3",
"openjdk-11-doc": "11.0.2+9-3ubuntu1~18.04.3",
"openjdk-11-jdk-headless": "11.0.2+9-3ubuntu1~18.04.3",
"openjdk-11-jre-zero": "11.0.2+9-3ubuntu1~18.04.3",
"openjdk-11-jre": "11.0.2+9-3ubuntu1~18.04.3",
"openjdk-11-jre-headless": "11.0.2+9-3ubuntu1~18.04.3"
}
]
}