Debian DLA-303-1 : openjdk-6 security update (Bar Mitzvah) (Logjam)
Critical Nessus Plugin ID 85695
SynopsisThe remote Debian host is missing a security update.
DescriptionSeveral vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography.
For Debian 6 'Squeeze', these issues have been fixed in openjdk-6 version 6b36-1.13.8-1~deb6u1.
We recommend that you upgrade your openjdk-6 packages.
Learn more about the Debian Long Term Support (LTS) Project and how to apply these updates at: https://wiki.debian.org/LTS/
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpgrade the affected packages.