Dear Maintainer,
i saw that the CVE is already fixed for sid. I'm unsure if we have to
try to create a bullseye backport of the 11.0.15+10-1 for ourself or if
we have to wait a bit longer until it's fixed for bullseye too. We are
using the container images of debian with this openjdk-jre for
Package: openjdk-11-jdk
Version: 11.0.14+9-1~deb11u1
Severity: critical
Tags: security
Justification: causes serious data loss
X-Debbugs-Cc: mkes...@web.de, t...@security.debian.org, Debian Security Team
Dear Maintainer,
since weeks, there is a known undisputed CVE for all openjdk versions in
2 matches
Mail list logo