-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : openjdk-7 Version : 7u231-2.6.19-1~deb8u2 Debian Bug : 935082 750400
The latest security update of openjdk-7 caused a regression when applications relied on elliptic curve algorithms to establish SSL connections. Several duplicate classes were removed from rt.jar by the upstream developers of OpenJDK because they were also present in sunec.jar. However Debian never shipped the SunEC security provider in OpenJDK 7. The issue was resolved by building sunec.jar and its corresponding native library libsunec.so from source. In order to build these libraries from source, an update of nss to version 2:3.26-1+debu8u6 is required. Updates for the amd64 architecture are already available, new packages for i386, armel and armhf will be available within the next 24 hours. For Debian 8 "Jessie", this problem has been fixed in version 7u231-2.6.19-1~deb8u2. We recommend that you upgrade your openjdk-7 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl1fEMlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeSd8A//UdO5lVUTRNtqnMJmwdhNGeKHxOwgZb4ntXM4lM0Su+BCNvO2mceN/vl5 XfK2Y4xfjfUXxWswHCobWImuA84YEW9d1xGIwsFtN8NqPSqnPwlnXN0XBij0hvEy IkLNwgOj4j71gBnVGZlYZrVgx3MqHVDTYF9rqUPEsLt627JIe9l6tkq3Juf+FgcE Gl1uG14D2/A/MR6+HvhoLT8RkGb+7mru32x/w9RpkdltbguoH7xXH4mUo4q3QFqN z/fz1/JxFz8+Udrls3yd6e7bN8WH81MLnLOmLz7ZlD/mnIRXcS6aaHHR4UbS5gGE JB/9ame93ApViIMuCHf4QU1V4TIJFeSMrVRfXwwcyz1j4j8606/3rM3Ex3JVERli ammtleXBdvfmjNtNRvNYu+M2NboworzJBbf6mo3o6P9p2bLmjMMK6yMl1I4SroXz 5zHsh8xPik9x+orm36lrfYuaOL3TNL82JIEe2Wd0pWGhXM8BSemCoqZ+2wC8/ZoM uzlTLWHIPE20YOYSCx02tCruZ7K0eJ0CbQYjPYsUM9D4Nb5RKVjg2ImfdaaOlAOR K4DTKhoU3CdWMeZQrIw22Y8kH+dmvYSYhwYYz4pFvDl0o6GUciIzCcclW87sdqq7 IIX0AwA+hJm5ubBCKDFp4xNGptYQjnfhz+T/BqeBpIAQlAyaDGA= =xQVq -----END PGP SIGNATURE-----
