Critical Vulnerability Information Vulnerability ID: USN-3043-1 Description: Multiple security issues in OpenJDK 8 have been fixed. Release Date: July 27, 2016 Affected Versions: 16.04 LTS CVE List: - CVE-2016-3587 - CVE-2016-3598 - CVE-2016-3606 - CVE-2016-3610 - CVE-2016-3458 - CVE-2016-3550 - CVE-2016-3508 - CVE-2016-3500 Vulnerability Details Information Disclosure Description: Multiple vulnerabilities relate to information disclosure in the OpenJDK JRE. Impact: Attackers could exploit these vulnerabilities to transmit sensitive data over the network, potentially leading to denial of service, exposure of sensitive data, or execution of arbitrary code. Data Integrity Description: One vulnerability relates to data integrity in the OpenJDK JRE. Impact: Attackers could exploit this vulnerability to transmit sensitive data over the network or execute arbitrary code. Availability Description: Multiple vulnerabilities relate to availability in the OpenJDK JRE. Impact: Attackers could exploit these vulnerabilities to cause denial of service. Related Update Information Fixes: Update the system to the following package versions: - openjdk-8-jdk - 8u91-b14-3ubuntu1~16.04.1 - openjdk-8-jre - 8u91-b14-3ubuntu1~16.04.1 - openjdk-8-jre-headless - 8u91-b14-3ubuntu1~16.04.1 - openjdk-8-jre-jamvm - 8u91-b14-3ubuntu1~16.04.1 - openjdk-8-jre-zero - 8u91-b14-3ubuntu1~16.04.1 Related Notifications USN-3077-1 USN-3062-1