[Secure-testing-team] Bug#745471: lcms2: CVE-2014-0459
Moritz Muehlenhoff
jmm at inutil.org
Tue Apr 22 05:22:42 UTC 2014
Package: lcms2
Severity: important
Tags: security
Justification: user security hole
Hi,
Oracle fixed a denial of service issues in the lcms code copy in Java/OpenJDK:
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
The patch is here and affects lcms2:
http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/d6739b8326a4
Cheers,
Moritz
More information about the Secure-testing-team
mailing list