Oracle JRE/JDK: Multiple vulnerabilities

Oracle JRE/JDK: Multiple vulnerabilities Multiple vulnerabilities have been found in Oracle JRE/JDK, allowing both local and remote attackers to compromise various Java components. oracle-jre oracle-jdk July 10, 2015 July 11, 2015: 2 537214 local, remote 1.8.0.31 1.7.0.76 1.8.0.31 1.7.0.76 1.8.0.31 1.7.0.76 1.8.0.31 1.7.0.76

The Oracle Java Development Kit (JDK) and the Oracle Java Runtime Environment (JRE) provide the Oracle Java platform.

Multiple vulnerabilities have been discovered in Oracle JRE/JDK. Please review the CVE identifiers referenced below for details.

An context-dependent attacker may be able to influence the confidentiality, integrity, and availability of Java applications/runtime.

There is no workaround at this time.

All Oracle JRE 8 users should upgrade to the latest stable version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.8.0.31

All Oracle JDK 8 users should upgrade to the latest stable version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.8.0.31

All Oracle JRE 7 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.7.0.76

All Oracle JDK 7 users should upgrade to the latest stable version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.7.0.76

CVE-2014-3566 CVE-2014-6549 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395 CVE-2015-0400 CVE-2015-0403 CVE-2015-0406 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412 CVE-2015-0413 CVE-2015-0421 BlueKnight stanley