Oracle JRE/JDK: Multiple vulnerabilities Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites allowing remote attackers to remotely execute arbitrary code, obtain information, and cause Denial of Service. java October 15, 2016 October 15, 2016: 1 578160 580608 589208 remote 1.8.0.101 1.8.0.101 1.8.0.101 1.8.0.101

Java Platform, Standard Edition (Java SE) lets you develop and deploy Java applications on desktops and servers, as well as in today’s demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today’s applications require.

Multiple vulnerabilities exist in both Oracle’s JRE and JDK. Please review the referenced CVE’s for additional information.

Remote attackers could gain access to information, remotely execute arbitrary code, or cause Denial of Service.

There is no known workaround at this time.

All Oracle JRE Users users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.8.0.101"

All Oracle JDK Users users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.8.0.101"
CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0475 CVE-2016-0483 CVE-2016-0494 CVE-2016-0603 CVE-2016-0636 CVE-2016-3426 CVE-2016-3458 CVE-2016-3485 CVE-2016-3498 CVE-2016-3500 CVE-2016-3503 CVE-2016-3508 CVE-2016-3511 CVE-2016-3550 CVE-2016-3552 CVE-2016-3587 CVE-2016-3598 CVE-2016-3606 CVE-2016-3610 b-man b-man