[Secure-testing-team] Bug#851667: openjdk-8-jre-headless needs Breaks: ca-certificates-java (<< 20160321~)
Adrian Bunk
bunk at debian.org
Tue Jan 17 12:29:30 UTC 2017
Package: openjdk-8-jre-headless
Severity: serious
Tags: security patch
< Viiru> Hmm. So apparently ca-certificates-java has a hard-coded list of
JRE versions.
< Viiru> Thus if one installs JRE 8 from backports to a jessie machine
(and removes JRE 7) the trust store will never be updated again.
< Viiru> Somewhat unexpected.
The solution for this bug is a
Breaks: ca-certificates-java (<< 20160321~)
in openjdk-8-jre-headless
(plus adding ca-certificates-java to backports,
which is outside the scope of this bug).
More information about the Secure-testing-team
mailing list