This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 852933 - Vulnerability in openJDK 1.7 and no openJDK 1.6 in Fedora 17 to fall back to.
Vulnerability in openJDK 1.7 and no openJDK 1.6 in Fedora 17 to fall back to.
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: java-1.6.0-openjdk (Show other bugs)
17
All Linux
unspecified Severity urgent
: ---
: ---
Assigned To: Deepak Bhole
Fedora Extras Quality Assurance
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-08-29 23:30 EDT by M. Edward (Ed) Borasky
Modified: 2012-08-30 05:08 EDT (History)
11 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-08-30 01:34:28 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description M. Edward (Ed) Borasky 2012-08-29 23:30:01 EDT
Description of problem:

A zero-day vulnerability has been discovered in openJDK 1.7. 1.6 is not affected. See http://www.kb.cert.org/vuls/id/636312 for details. I'd like to drop back to openJDK 1.6 on my Fedora systems, but I can't, because the RPM isn't in the repositories.
Comment 1 David Jorm 2012-08-30 01:34:28 EDT
Fedora 17 does not include openjdk 1.6, only openjdk 1.7. bug 852958 has been filed against Fedora 17 to track the resolution of this flaw in openjdk 1.7.
Comment 2 Tomas Hoger 2012-08-30 05:08:12 EDT
security bugzilla group is only for non-public security issues.

Note You need to log in before you can comment on or make changes to this bug.