SynopsisThe remote Debian host is missing a security update.
DescriptionA vulnerability was discovered in libspring-security-2.0-java, a modular Java/J2EE application security framework, when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance, resulting in insecure randomness.
For Debian 8 'Jessie', this problem has been fixed in version 2.0.7.RELEASE-3+deb8u1.
We recommend that you upgrade your libspring-security-2.0-java packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpgrade the affected packages.