| Name | CVE-2016-0687 |
| Description | Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DLA-451-1, DSA-3558-1 |
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| openjdk-7 (PTS) | jessie, jessie (lts) | 7u321-2.6.28-0+deb8u1 | fixed |
| openjdk-8 (PTS) | jessie, jessie (lts) | 8u402-ga-1~deb8u1 | fixed |
| stretch (security) | 8u332-ga-1~deb9u1 | fixed | |
| stretch (lts), stretch | 8u402-ga-1~deb9u1 | fixed | |
| sid | 8u412-ga-1 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| openjdk-6 | source | wheezy | (unfixed) | end-of-life | ||
| openjdk-6 | source | (unstable) | (unfixed) | |||
| openjdk-7 | source | wheezy | 7u101-2.6.6-2~deb7u1 | DLA-451-1 | ||
| openjdk-7 | source | jessie | 7u101-2.6.6-1~deb8u1 | DSA-3558-1 | ||
| openjdk-7 | source | (unstable) | (unfixed) | |||
| openjdk-8 | source | (unstable) | 8u91-b14-1 |
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)