lp://staging/ubuntu/lucid-updates/openjdk-6
- Get this branch:
- bzr branch lp://staging/ubuntu/lucid-updates/openjdk-6
Branch merges
Related source package recipes
Related bugs
Related blueprints
Branch information
Recent revisions
- 40. By Steve Beattie
-
* SECURITY UPDATE: Update to IcedTea 6 1.11.4
- Security fixes:
- S7162476, CVE-2012-1682: XMLDecoder security issue via
ClassFinder
- S7163201, CVE-2012-0547: Simplify toolkit internals references
- Bug fixes:
- S7182135: Impossible to use some editors directly
- S7185678: java/awt/Menu/NullMenuLa belTest/ NullMenuLabelTe st.java
failed with NPE - 39. By Steve Beattie
-
* Backport OpenJDK 6b24/IcedTea 1.11.3 to lucid.
* debian/patches/ java-access- bridge- security. patch: updated
* debian/control. zero-jre: add powerpc arch back, to get empty
transitional package
* debian/rules: install README.Debian for openjdk-6-jre-zero to create
empty transitional package and create package
* debian/README. Debian: explain openjdk-6-jre-zero went away
* regenerate debian/control - 38. By Steve Beattie
-
* SECURITY UPDATE: update to IcedTea 6 1.9.13
- Security fixes:
- S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
- S7088367, CVE-2011-3563: Fix issues in java sound
- S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager
method
- S7110687, CVE-2012-0503: Issues with TimeZone class
- S7110700, CVE-2012-0505: Enhance exception throwing mechanism
in ObjectStreamClass
- S7110704, CVE-2012-0506: Issues with some method in corba
- S7112642, CVE-2012-0497: Incorrect checking for graphics
rendering object
- S7118283, CVE-2012-0501: Better input parameter checking in
zip file processing
- S7126960, CVE-2011-5035: (httpserver) Add property to limit
number of request headers to the HTTP Server
- Bug fixes:
- S7102369, RH751203: remove java.rmi.server. codebase property
parsing from registyimpl
- S7094468, RH751203: rmiregistry clean up
- S6851973, PR830: ignore incoming channel binding if acceptor
does not set one
* drop debian/patches/ openjdk- 7103725- ssl_beast_ regression. patch as
it's included in the upstream release. - 37. By Steve Beattie
-
debian/
patches/ openjdk- 7103725- ssl_beast_ regression. patch:
Add regression fix for broken ssl connectivity when using
TLS_DH_anon_WITH_ AES_128_ CBC_SHA (LP: #891761) - 36. By Steve Beattie
-
* SECURITY UPDATE: Same Origin Policy (SOP) bypass flaw
- debian/patches/ SOP-bypass- icedtea6- 1.9.patch: Remove special
case for SocketPermission.
- CVE-2011-3377
- Applied inline due to needing to apply patches only once for netx,
not for every vm - 35. By Steve Beattie
-
* SECURITY UPDATE: information disclosure
- IcedTea 1.9.9 release:
+ debian/patches/ cache-directory -exposed- it6-1.9. patch: don't
allow unsigned web start applications/applets determine the
location of the netx cache directory
+ CVE-2011-2513
* drop debian/patches/ hotspot- fix_added_ define. patch: applied upstream - 34. By Steve Beattie
-
* SECURITY UPDATE: IcedTea6 1.9.8 Release:
- S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP
urgent disabled get still selected for read ops (win)
- S6618658, CVE-2011-0865: Vulnerability in deserialization
- S7012520, CVE-2011-0815: Heap overflow vulnerability in
FileDialog.show()
- S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in
2D code
- S7013969, CVE-2011-0867: NetworkInterface.toString can reveal
bindings
- S7013971, CVE-2011-0869: Vulnerability in SAAJ
- S7016340, CVE-2011-0870: Vulnerability in SAAJ
- S7016495, CVE-2011-0868: Crash in Java 2D transforming an image
with scale close to zero
- S7020198, CVE-2011-0871: ImageIcon creates Component with
null acc
- S7020373, CVE-2011-0864: JSR rewriting can overflow memory
address size variables
* debian/generate_ debian_ orig.sh: adjust settings to match the
generation of this update.
* Makefile.{am,in}: don't apply patches/jtreg-LastError String. patch as
it causes the testsuite runner to fail. - 33. By Steve Beattie
-
* IcedTea6 1.9.7 release.
- SECURITY UPDATE:
+ S4421494, CVE-2010-4476: infinite loop while parsing double literal.
+ S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption
+ S6907662, CVE-2010-4465: Swing timer-based security manager bypass
+ S6994263, CVE-2010-4472: Untrusted code allowed to replace
DSIG/C14N implementation
+ S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets
+ S6983554, CVE-2010-4450: Launcher incorrect processing of
empty library path entries
+ S6985453, CVE-2010-4471: Java2D font-related system property leak
+ S6927050, CVE-2010-4470: JAXP untrusted component state manipulation
+ RH677332, CVE-2011-0706: Multiple signers privilege escalation
- Bug fixes
+ RH676659: Pass -export-dynamic flag to linker using -Wl,
as option in gcc 4.6+ is broken
+ G344659: Fix issue when building on SPARC
+ Fix latent JAXP bug caused by missing import
* dropped patch due to different fix applied upstream:
- debian/patches/ hotspot- sparc-fix. diff
* debian/patches/ hotspot- fix_added_ define. patch: added to fix
redefinition added by patch for S6878713
* Makefile.{am,in}: don't use stage1 build for zerovm, bootstrap
zerovm instead to compensate for
http://icedtea. classpath. org/bugzilla/ show_bug. cgi?id= 631 - 32. By Matthias Klose
-
* IcedTea6 1.9.5 release.
- CVE-2011-0025: IcedTea jarfile signature verification bypass. - 31. By Matthias Klose
-
* IcedTea6 1.9.2 release.
- CVE-2010-3860: Fix IcedTea System property information leak via
public static.
* Build using Hotspot hs19.
* Start metacity using dbus-launch, when running the testsuite. LP: #632594.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/natty/openjdk-6
