CVE-2013-5850

Publication date 16 October 2013

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5842.

Read the notes from the security team

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
openjdk-6 13.10 saucy
Fixed 6b27-1.12.6-1ubuntu2.1
13.04 raring
Fixed 6b27-1.12.6-1ubuntu0.13.04.4
12.10 quantal
Fixed 6b27-1.12.6-1ubuntu0.12.10.4
12.04 LTS precise
Fixed 6b27-1.12.6-1ubuntu0.12.04.4
10.04 LTS lucid
Fixed 6b27-1.12.6-1ubuntu0.10.04.4
openjdk-7 13.10 saucy
Fixed 7u51-2.4.4-0ubuntu0.13.10.1
13.04 raring
Fixed 7u51-2.4.4-0ubuntu0.13.04.2
12.10 quantal
Fixed 7u51-2.4.4-0ubuntu0.12.10.2
12.04 LTS precise
Fixed 7u51-2.4.4-0ubuntu0.12.04.2
10.04 LTS lucid Not in release

Notes

jdstrand

no 2.3 update as of 2013/12/20. 2.4/armhf needs to be fixed IcedTea 2.3.x security not available yet IcedTea 1.12.x security not available. Upstream seems to be focusing on 1.11 (1.11.4 was released with fixes) for openjdk-6.

References

Related Ubuntu Security Notices (USN)

    • USN-2089-1
    • OpenJDK 7 vulnerabilities
    • 23 January 2014
    • USN-2033-1
    • OpenJDK 6 vulnerabilities
    • 21 November 2013

Other references