Ubuntu Security Notice 3121-1 - It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An attacker could use this to bypass Java sandbox restrictions. It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. Various other issues were also addressed. Continue reading...
