openjdk-6 6b18-1.8-4ubuntu3~9.10.2 source package in Ubuntu

Changelog

openjdk-6 (6b18-1.8-4ubuntu3~9.10.2) karmic-security; urgency=low

  * Upload to Karmic

openjdk-6 (6b18-1.8-4ubuntu3) lucid-proposed; urgency=low

  * Update from the 1.8 branch.
  * Rebuild with fixed ant.
  * Disable building the shark based VM on armel.
  * Always build the ARM assembler interpreter in arm mode.

openjdk-6 (6b18-1.8-4) unstable; urgency=low

  * Update from the 1.8 branch.
    - Plugin and netx fixes.
    - Don't link the plugin against the libxul libraries. Closes: #576361.
    - More plugin cpu usage fixes. Closes: #584335, #587049.
    - Plugin: fixes AppletContext.getApplets().
    - Fix race conditions in plugin initialization code that were causing
      hangs when loading multiple applets in parallel.
  * Fix Vcs-Bzr location. Closes: #530883.
  * Search for unversioned llvm-config tool.
  * Don't set XFILESEARCHPATH and NLSPATH on startup. LP: #586641.
  * Fix chinese font metrics and prefer using 'WenQuanYi Micro Hei' font.
    LP: #472845.
  * Strip libjvm.so with --strip-debug instead of --strip-unneeded.
    LP: #574997.
  * Don't turn on the ARM assembler interpreter when building the shark
    VM.

openjdk-6 (6b18-1.8-3) unstable; urgency=low

  * Update from the 1.8 branch.
    - Plugin fixes. LP: #597714.
  * Add powerpcspe build fixes (Sebastian Andrzej Siewior). Closes: #586359.
  * Work around build failure on buildds configured with low ARG_MAX
    (Giovanni Mascellani). Closes: #575254.

openjdk-6 (6b18-1.8-2ubuntu2) maverick; urgency=low

  * Search for unversioned llvm-config tool.

openjdk-6 (6b18-1.8-2ubuntu1) maverick; urgency=low

  * Upload to maverick.

openjdk-6 (6b18-1.8-2) unstable; urgency=low

  * Update from the 1.8 branch.
    - Fix build on Hitachi SH. Closes: #575346.
    - Shark and Zero fixes.
  * Build shark using llvm-2.7.
  * Don't use shark to run the test harness when testing the shark build.
  * README.Debian: Add paragraph about debugging the IcedTea NPPlugin.

openjdk-6 (6b18-1.8-1) unstable; urgency=low

  * Upload to unstable.

openjdk-6 (6b18-1.8-0ubuntu1) lucid; urgency=low

  * Update IcedTea6 to the icedtea6-1.8 release.
  * Fix builds on Ubuntu/dapper and Debian/lenny.
  * On hppa, configure --without-rhino --disable-plugin.
  * Fix Hitachi SH configury. Closes: #575346.
  * Start a window manager when running the tests. Prefer metacity,
    as more tests pass with it.
  * Let XToolkit.isTraySupported() return true, if Compiz is running.
    Works around sun#6438179. LP: #300948.
  * Make <java_home>/jre/lib/security/nss.cfg a config file.
  * Fail in the configuration of the packages, if /proc is not mounted.
    java currently uses tricks to find its own shared libraries depending
    on the path of the binary. Will be changed in OpenJDK7. Closes: #576453.
  * Fix PR icedtea/469, testsuite failures with the NSS based security
    provider. LP: #556549.
  * Do not pass LD_LIBRARY_PATH from the plugin to the java process.
    While libnss3.so gets loaded from /usr/lib, the dependent libraries
    are loaded from MOZILLA_FIVE_HOME (See #561216 for the wrong firefox
    config). LP: #561124.
    Closes as well: LP: #551328, #554909, #560829, #549010, #553452.
  * Always build shark with hs14.

openjdk-6 (6b18~pre4-1ubuntu1) lucid; urgency=low

  * Build-depend on xulrunner-1.9.2-dev instead of xulrunner-dev,
    unexpectedly demoted to universe.
  * icedtea6-plugin: Hardcode dependency on xulrunner-1.9.2. No way
    to do better? See #552780.
  * Fix builds on Ubuntu hardy.

openjdk-6 (6b18~pre4-1) unstable; urgency=high

  * Upload to unstable.

openjdk-6 (6b18~pre4-0ubuntu2) lucid; urgency=low

  * Fix typo in NPPlugin code. LP: #552287.

openjdk-6 (6b18~pre4-0ubuntu1) lucid; urgency=low

  [ Matthias Klose ]
  * Update IcedTea6 form the 1.8 branch.
  * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes:
    - (CVE-2010-0837): JAR "unpack200" must verify input parameters (6902299).
    - (CVE-2010-0845): No ClassCastException for HashAttributeSet constructors
      if run with -Xcomp (6894807).
    - (CVE-2010-0838): CMM readMabCurveData Buffer Overflow Vulnerability
      (6899653).
    - (CVE-2010-0082): Loader-constraint table allows arrays instead of
      only the base-classes (6626217).
    - (CVE-2010-0095): Subclasses of InetAddress may incorrectly interpret
      network addresses (6893954) [ZDI-CAN-603].
    - (CVE-2010-0085): File TOCTOU deserialization vulnerability (6736390).
    - (CVE-2010-0091): Unsigned applet can retrieve the dragged information
      before drop action occurs (6887703).
    - (CVE-2010-0088): Inflater/Deflater clone issues (6745393).
    - (CVE-2010-0084): Policy/PolicyFile leak dynamic ProtectionDomains
      (6633872).
    - (CVE-2010-0092): AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR
      error (6888149).
    - (CVE-2010-0094): Deserialization of RMIConnectionImpl objects should
      enforce stricter checks (6893947) [ZDI-CAN-588].
    - (CVE-2010-0093): System.arraycopy unable to reference elements
      beyond Integer.MAX_VALUE bytes (6892265).
    - (CVE-2010-0840): Applet Trusted Methods Chaining Privilege Escalation
      Vulnerability (6904691).
    - (CVE-2010-0848): AWT Library Invalid Index Vulnerability (6914823).
    - (CVE-2010-0847): ImagingLib arbitrary code execution vulnerability
      (6914866).
    - (CVE-2009-3555): TLS: MITM attacks via session renegotiation.
    - 6639665: ThreadGroup finalizer allows creation of false root
      ThreadGroups.
    - 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly.
      encoded CommonName OIDs.
    - 6910590: Application can modify command array in ProcessBuilder.
    - 6909597: JPEGImageReader stepX Integer Overflow Vulnerability.
    - 6932480: Crash in CompilerThread/Parser. Unloaded array klass?
    - 6898739: TLS renegotiation issue.

  [ Torsten Werner ]
  * Switch off IPV6_V6ONLY for IN6_IS_ADDR_UNSPECIFIED addresses, too.
    (Closes: #575163)

openjdk-6 (6b18~pre3-1) unstable; urgency=low

  [ Matthias Klose ]
  * Update IcedTea build infrastructure (20100321).
  * Update support for SH4 (Nobuhiro Iwamatsu).
  * Handle renaming of the plugin name.

  [ Torsten Werner ]
  * Improve patch for IPv4 mapped IPv6 addresses even more.
    (Closes: #573742)

openjdk-6 (6b18~pre2-1ubuntu2) lucid; urgency=low

  * Fix build failure on ARM.

openjdk-6 (6b18~pre2-1ubuntu1) lucid; urgency=low

  * Upload to lucid.

openjdk-6 (6b18~pre2-1) unstable; urgency=low

  * Update IcedTea build infrastructure (20100310).
  * Disable building the plugin the plugin on alpha (borked xulrunner
    packaging using binary indep packages).
  * Use a two stage build on alpha.
  * Add note about the reparenting WM workaround. Closes: #573026.
  * Prefer Sazanami instead of Kochi for Japanese fonts (Hideki Yamane).
    Closes: #572511.
  * openjdk-6-doc: Don't compress package-list files. Closes: #567899.

openjdk-6 (6b18~pre1-4) unstable; urgency=low

  * Improve patch for IPv4 mapped IPv6 addresses.

openjdk-6 (6b18~pre1-3) unstable; urgency=low

  * Add a patch for improved handling of IPv4 mapped IPv6 addresses.
    (Closes: #560056, #561930, #563699, #563946)

openjdk-6 (6b18~pre1-2) unstable; urgency=low

  * Change Build-Depends: ant1.7-optional because of a bus error in gij.

openjdk-6 (6b18~pre1-1ubuntu1) lucid; urgency=low

  * Ignore error code running ant -diagnostics.
  * Build-depend on ant-optional.
  * Disable the cacao build on armel, fails to build with the non
    bootstrap build.

openjdk-6 (6b18~pre1-1) unstable; urgency=low

  * Upload to unstable.

openjdk-6 (6b18~pre1-0ubuntu1) lucid; urgency=low

  * New Openjdk6 b18 source code drop.
  * Use mangled copy of rhino. Closes: #512970. LP: #255149.

openjdk-6 (6b17-1.7-1ubuntu1) lucid; urgency=low

  * ARM Thumb2 updates.
  * Test build using Hotspt hs14 on ix86.

openjdk-6 (6b18~pre1-1) unstable; urgency=low

  * Upload to unstable.

openjdk-6 (6b18~pre1-0ubuntu1) lucid; urgency=low

  * New Openjdk6 b18 source code drop.
  * Use mangled copy of rhino. Closes: #512970. LP: #255149.

openjdk-6 (6b17-1.7-1ubuntu1) lucid; urgency=low

  * ARM Thumb2 updates.
  * Test build using Hotspt hs14 on ix86.

openjdk-6 (6b17-1.7-1) unstable; urgency=low

  * Upload to unstable.

openjdk-6 (6b17-1.7-0ubuntu1) lucid; urgency=low

  * IcedTea6 1.7 release.
  * Don't try to load libjpeg7; still building with libjpeg62. Closes: #563999.
  * Run the testsuite on sh4.
  * Ubuntu only: Implement an execute bit checker for the Non-Exec Policy
    - debian/JB-java.desktop.in: update mime handler to use new launcher.
  * armel: Apply the thumb2 patches from the trunk, plus proposed patches
    for the trunk.

openjdk-6 (6b17-0ubuntu1) lucid; urgency=low

  * Build from the IcedTea6-1.7 branch.
  * Don't build the plugin on sparc64.
  * Enable the NPPlugin.
  * Add support for SH4 (Nobuhiro Iwamatsu).
  * Fix crash in the ARM assembler interpreter (Edward Nevill).

openjdk-6 (6b17~pre3-1ubuntu2) lucid; urgency=low

  * Update IcedTea build infrastructure (20091224).
  * Explicitely build-depend on x11-xkb-utils (xkbcomp is needed by
    xvfb-run).

openjdk-6 (6b17~pre3-1ubuntu1) lucid; urgency=low

  * Upload to lucid.

openjdk-6 (6b17~pre3-1) unstable; urgency=low

  * Update IcedTea build infrastructure (20091218).
  * Install docs into the openjdk-6-jre-headless directory instead of
    openjdk-6-jre.

openjdk-6 (6b17~pre2-1ubuntu1) lucid; urgency=low

  * Update IcedTea build infrastructure (20091215).
  * Fix cacao build on armel with current optimization defaults.

openjdk-6 (6b17~pre2-1) unstable; urgency=low

  * Upload to unstable.

openjdk-6 (6b17~pre2-0ubuntu3) lucid; urgency=low

  * Security updates:
    - (CVE-2009-3728) ICC_Profile file existence detection information leak
      (6631533).
    - (CVE-2009-3885) BMP parsing DoS with UNC ICC links (6632445).
    - (CVE-2009-3881) resurrected classloaders can still have children
      (6636650).
    - (CVE-2009-3882) Numerous static security flaws in Swing (findbugs)
      (6657026).
    - (CVE-2009-3883) Mutable statics in Windows PL&F (findbugs) (6657138).
    - (CVE-2009-3880) UI logging information leakage (6664512).
    - (CVE-2009-3879) GraphicsConfiguration information leak (6822057).
    - (CVE-2009-3884) zoneinfo file existence information leak (6824265).
    - (CVE-2009-2409) deprecate MD2 in SSL cert validation (Kaminsky) (6861062).
    - (CVE-2009-3873) JPEG Image Writer quantization problem (6862968).
    - (CVE-2009-3875) MessageDigest.isEqual introduces timing attack
      vulnerabilities (6863503).
    - (CVE-2009-3876, CVE-2009-3877) OpenJDK ASN.1/DER input stream parser
      denial of service (6864911).
    - (CVE-2009-3869) JRE AWT setDifflCM stack overflow (6872357).
    - (CVE-2009-3874) ImageI/O JPEG heap overflow (6874643.
    - (CVE-2009-3871) JRE AWT setBytePixels heap overflow (6872358).
  * Update IcedTea build infrastructure (20091109).
  * Use hs16 on armel.

openjdk-6 (6b17~pre2-0ubuntu2) lucid; urgency=low

  * Don't use hs16 on armel and sparc.

openjdk-6 (6b17~pre2-0ubuntu1) lucid; urgency=low

  * New code drop (b17).
  * Bump hotspot to hs16.
  * Update IcedTea build infrastructure (20091031).
  * Set priority of default -jre and -jdk packages to optional.
  * Fix binary-all to binary-any dependencies. Closes: #550680.
 -- Chris Coulson <email address hidden>   Fri, 16 Jul 2010 23:51:34 +0100