lp://staging/ubuntu/natty-security/openjdk-6b18
- Get this branch:
- bzr branch lp://staging/ubuntu/natty-security/openjdk-6b18
Branch merges
Related source package recipes
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 15. By Steve Beattie
-
* SECURITY UPDATE: update to IcedTea 6 1.8.13
- Security fixes:
- S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
- S7088367, CVE-2011-3563: Fix issues in java sound
- S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager
method
- S7110687, CVE-2012-0503: Issues with TimeZone class
- S7110700, CVE-2012-0505: Enhance exception throwing mechanism
in ObjectStreamClass
- S7110704, CVE-2012-0506: Issues with some method in corba
- S7112642, CVE-2012-0497: Incorrect checking for graphics
rendering object
- S7118283, CVE-2012-0501: Better input parameter checking in
zip file processing
- S7126960, CVE-2011-5035: (httpserver) Add property to limit
number of request headers to the HTTP Server
- Bug fixes:
- S7102369, RH751203: remove java.rmi.server. codebase property
parsing from registyimpl
- S7094468, RH751203: rmiregistry clean up
- S6851973, PR830: ignore incoming channel binding if acceptor
does not set one
* drop debian/patches/ openjdk- 7103725- ssl_beast_ regression. patch as
it's included in the upstream release. - 14. By Steve Beattie
-
debian/
patches/ openjdk- 7103725- ssl_beast_ regression. patch:
Add regression fix for broken ssl connectivity when using
TLS_DH_anon_WITH_ AES_128_ CBC_SHA (LP: #891761) - 13. By Steve Beattie
-
* SECURITY UPDATE: IcedTea6 1.8.10 release (LP: #878684)
- security fixes:
- S7000600, CVE-2011-3547: InputStream skip() information leak
- S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
- S7023640, CVE-2011-3551: Java2D TransformHelper integer
overflow
- S7032417, CVE-2011-3552: excessive default UDP socket limit
under SecurityManager
- S7046794, CVE-2011-3553: JAX-WS stack-traces information leak
- S7046823, CVE-2011-3544: missing SecurityManager checks in
scripting engine
- S7055902, CVE-2011-3521: IIOP deserialization code execution
- S7057857, CVE-2011-3554: insufficient pack200 JAR files
uncompress error checks
- S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext
attack against SSL/TLS (BEAST)
- S7077466, CVE-2011-3556: RMI DGC server remote code execution
- S7083012, CVE-2011-3557: RMI registry privileged code execution
- S7096936, CVE-2011-3560: missing checkSetFactory calls in
HttpsURLConnection - 12. By Steve Beattie
-
* SECURITY UPDATE:
- S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent
disabled get still selected for read ops (win)
- S6618658, CVE-2011-0865: Vulnerability in deserialization
- S7012520, CVE-2011-0815: Heap overflow vulnerability in
FileDialog.show()
- S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code
- S7013969, CVE-2011-0867: NetworkInterface.toString can reveal
bindings
- S7013971, CVE-2011-0869: Vulnerability in SAAJ
- S7016340, CVE-2011-0870: Vulnerability in SAAJ
- S7016495, CVE-2011-0868: Crash in Java 2D transforming an image with
scale close to zero
- S7020198, CVE-2011-0871: ImageIcon creates Component with null acc
- S7020373, CVE-2011-0864: JSR rewriting can overflow memory address
size variables
* debian/generate_ debian_ orig.sh: adjust settings to match the
generation of this update. - 11. By Matthias Klose
-
* Update Icedtea6 from the 6-1.8 branch (20110325).
* Backport JamVM and CACAO updates from the 6-1.10 branch.
* Add multiarch directories to the default library path. - 10. By Matthias Klose
-
icedtea-
6-jre-jamvm: Build JamVM as an alternative VM,
start with `java -jamvm'.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/oneiric/openjdk-6b18
