Oracle JRE/JDK: Multiple vulnerabilities

Oracle JRE/JDK: Multiple vulnerabilities Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites, the worst of which may allow execution of arbitrary code jre,jdk,oracle 2017-01-25 2017-01-25 606118 remote 1.8.0.121 1.8.0.121 1.8.0.121 1.8.0.121

Java Platform, Standard Edition (Java SE) lets you develop and deploy Java applications on desktops and servers, as well as in today’s demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today’s applications require.

Multiple vulnerabilities have been discovered in in Oracle’s JRE and JDK. Please review the CVE identifiers referenced below for details.

A remote attacker could possibly execute arbitrary code with the privileges of the process, gain access to information, or cause a Denial of Service condition.

There is no known workaround at this time.

All Oracle JRE users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose
      ">=dev-java/oracle-jre-bin-1.8.0.121"

All Oracle JDK users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose
      ">=dev-java/oracle-jdk-bin-1.8.0.121"

CVE-2016-2183 CVE-2016-5546 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2016-5552 CVE-2016-8328 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3259 CVE-2017-3260 CVE-2017-3261 CVE-2017-3262 CVE-2017-3272 CVE-2017-3289 Oracle Critical Patch Update Advisory - January 2017 whissi whissi