Created by Matthias Klose on 2010-06-27 and last modified on 2015-08-01
Get this branch:
bzr branch lp:~openjdk/openjdk/openjdk6
Members of OpenJDK can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information


Recent revisions

572. By Matthias Klose on 2015-08-01

openjdk-6 (6b36-1.13.8-1) experimental; urgency=medium

  * IcedTea 1.13.8 release.
  * Security fixes:
    - S8043202, CVE-2015-2808: Prohibit RC4 cipher suites.
    - S8067694, CVE-2015-2625: Improved certification checking.
    - S8071715, CVE-2015-4760: Tune font layout engine.
    - S8071731: Better scaling for C1.
    - S8072490: Better font morphing redux.
    - S8072887: Better font handling improvements.
    - S8073334: Improved font substitutions.
    - S8073773: Presume path preparedness.
    - S8073894: Getting to the root of certificate chains.
    - S8074330: Set font anchors more solidly.
    - S8074335: Substitute for substitution formats.
    - S8074865, CVE-2015-2601: General crypto resilience changes.
    - S8074871: Adjust device table handling.
    - S8075374, CVE-2015-4748: Responding to OCSP responses.
    - S8075378, CVE-2015-4749: JNDI DnsClient Exception Handling.
    - S8075738: Better multi-JVM sharing.
    - S8075838: Method for typing MethodTypes.
    - S8075853, CVE-2015-2621: Proxy for MBean proxies.
    - S8076328, CVE-2015-4000: Enforce key exchange constraints.
    - S8076376, CVE-2015-2628: Enhance IIOP operations.
    - S8076397, CVE-2015-4731: Better MBean connections.
    - S8076401, CVE-2015-2590: Serialize OIS data.
    - S8076405, CVE-2015-4732: Improve serial serialization.
    - S8076409, CVE-2015-4733: Reinforce RMI framework.
    - S8077520, CVE-2015-2632: Morph tables into improved form.
    - PR2488, CVE-2015-4000: Make jdk8 mode the default for
  * Refresh patches.

 -- Matthias Klose <email address hidden> Fri, 31 Jul 2015 16:24:22 +0200

571. By Matthias Klose on 2015-04-15

openjdk-6 (6b35-1.13.7-1) unstable; urgency=medium

  * IcedTea 1.13.7 release.
  * Security fixes:
    - S8059064: Better G1 log caching.
    - S8060461: Fix for JDK-8042609 uncovers additional issue.
    - S8064601, CVE-2015-0480: Improve jar file handling.
    - S8065286: Fewer subtable substitutions.
    - S8065291: Improved font lookups.
    - S8066479: Better certificate chain validation.
    - S8067050: Better font consistency checking.
    - S8067684: Better font substitutions.
    - S8067699, CVE-2015-0469: Better glyph storage.
    - S8068320, CVE-2015-0477: Limit applet requests.
    - S8068720, CVE-2015-0488: Better certificate options checking.
    - S8069198: Upgrade image library.
    - S8071726, CVE-2015-0478: Better RSA optimizations.
    - S8071818: Better vectorization on SPARC.
    - S8071931, CVE-2015-0460: Return of the phantom menace.

 -- Matthias Klose <email address hidden> Wed, 15 Apr 2015 16:18:56 +0200

openjdk-6 (6b34-1.13.6-1) unstable; urgency=high

  * IcedTea 1.13.6 release.
  * Security fixes:
   - S8046656: Update protocol support.
   - S8047125, CVE-2015-0395: (ref) More phantom object references.
   - S8047130: Fewer escapes from escape analysis.
   - S8048035, CVE-2015-0400: Ensure proper proxy protocols.
   - S8049253: Better GC validation.
   - S8050807, CVE-2015-0383: Better performing performance data handling.
   - S8054367, CVE-2015-0412: More references for endpoints.
   - S8055304, CVE-2015-0407: More boxing for DirectoryComboBoxModel.
   - S8055309, CVE-2015-0408: RMI needs better transportation considerations.
   - S8055479: TLAB stability.
   - S8055489, CVE-2014-6585: Better substitution formats.
   - S8056264, CVE-2014-6587: Multicast support improvements.
   - S8056276, CVE-2014-6591: Fontmanager feature improvements.
   - S8057555, CVE-2014-6593: Less cryptic cipher suite management.
   - S8058982, CVE-2014-6601: Better verification of an exceptional
   - S8059485, CVE-2015-0410: Resolve parsing ambiguity.
   - S8061210, CVE-2014-3566: Issues in TLS.
  * Fix applying the fontconfig-dejavu patch for older releases.
  * Fix build on mips64 and mips64el. Addresses #776295.

 -- Matthias Klose <email address hidden> Mon, 26 Jan 2015 13:48:18 +0100

570. By Matthias Klose <doko@18xx.org> on 2014-12-04

  * Fix applaying the fontconfig-dejavu patch for older releases.

569. By Matthias Klose <doko@18xx.org> on 2014-11-13

openjdk-6 (6b33-1.13.5-2) unstable; urgency=medium

  * Fix libjpeg runtime dependency.
  * Fix regression running JamVM after the 2.5.3 security update.
  * Fix regression running CACAO after the 2.5.3 security update.
  * Fix typo in package description. Closes: #706341.

 -- Matthias Klose <email address hidden> Thu, 13 Nov 2014 12:15:51 +0100

openjdk-6 (6b33-1.13.5-1) unstable; urgency=medium

  * IcedTea 1.13.5 release.
  * Security fixes:
    - S8015256: Better class accessibility.
    - S8022783, CVE-2014-6504: Optimize C2 optimizations.
    - S8035162: Service printing service.
    - S8035781: Improve equality for annotations.
    - S8036805: Correct linker method lookup.
    - S8036810: Correct linker field lookup.
    - S8037066, CVE-2014-6457: Secure transport layer.
    - S8037846, CVE-2014-6558: Ensure streaming of input cipher streams.
    - S8038899: Safer safepoints.
    - S8038903: More native monitor monitoring.
    - S8038908: Make Signature more robust.
    - S8038913: Bolster XML support.
    - S8039509, CVE-2014-6512: Wrap sockets more thoroughly.
    - S8039533, CVE-2014-6517: Higher resolution resolvers.
    - S8041540, CVE-2014-6511: Better use of pages in font processing.
    - S8041545: Better validation of generated rasters.
    - S8041564, CVE-2014-6506: Improved management of logger resources.
    - S8041717, CVE-2014-6519: Issue with class file parser.
    - S8042609, CVE-2014-6513: Limit splashiness of splash images.
    - S8042797, CVE-2014-6502: Avoid strawberries in LogRecord.
    - S8044274, CVE-2014-6531: Proper property processing.
  * Update to JamVM-2.0.0.
  * Change B-D to libjpeg-dev to finish the transition to libjpeg-turbo
    (Ondřej Surý). Closes: #763488.
  * Depend on libnss3 instead of libnss3-1d for recent releases.
    Closes: #760122.

 -- Matthias Klose <email address hidden> Wed, 15 Oct 2014 09:43:32 +0200

568. By Matthias Klose <doko@18xx.org> on 2014-10-09

 - Fix typo in nss version

567. By Matthias Klose <doko@18xx.org> on 2014-10-09

  * Change B-D to libjpeg-dev to finish the transition to libjpeg-turbo
    (Ondřej Surý). Closes: #763488.

566. By Matthias Klose <doko@18xx.org> on 2014-10-09

  * Depend on libnss3 instead of libnss3-1d for recent releases.
    Closes: #760122.

565. By Matthias Klose <doko@18xx.org> on 2014-10-04

  * Change B-D to libjpeg-dev to finish the transition to libjpeg-turbo
    (Ondřej Surý). Closes: #763488.

564. By Matthias Klose <doko@18xx.org> on 2014-08-04

openjdk-6 (6b32-1.13.4-4) unstable; urgency=medium

  * Adjust patches for upstream renaming build flags. Adds the jni
    paths again to the default search path. Closes: #747506.

 -- Matthias Klose <email address hidden> Mon, 04 Aug 2014 14:35:03 +0200

563. By Matthias Klose <doko@18xx.org> on 2014-07-16

openjdk-6 (6b32-1.13.4-1) unstable; urgency=high

  * IcedTea 1.13.4 release.
  * Security fixes:
    - S8029755, CVE-2014-4209: Enhance subject class.
    - S8030763: Validate global memory allocation.
    - S8031346, CVE-2014-4244: Enhance RSA key handling.
    - S8031540: Introduce document horizon.
    - S8032536: JVM resolves wrong method in some unusual cases.
    - S8033055: Issues in 2d.
    - S8033301, CVE-2014-4266: Build more informative InfoBuilder.
    - S8034267: Probabilistic native crash.
    - S8034272: Do not cram data into CRAM arrays.
    - S8035004, CVE-2014-4252: Provider provides less service.
    - S8035009, CVE-2014-4218: Make Proxy representations consistent.
    - S8035119, CVE-2014-4219: Fix exceptions to bytecode verification.
    - S8035699, CVE-2014-4268: File choosers should be choosier.
    - S8036571: (process) Process process arguments carefully.
    - S8036800: Attribute OOM to correct part of code.
    - S8037046: Validate libraries to be loaded.
    - S8037157: Verify <init> call.
    - S8037076, CVE-2014-2490: Check constant pool constants.
    - S8037162, CVE-2014-4263: More robust DH exchanges.
    - S8037167, CVE-2014-4216: Better method signature resolution.
    - S8039520, CVE-2014-4262: More atomicity of atomic updates.

 -- Matthias Klose <email address hidden> Wed, 16 Jul 2014 02:22:50 +0200

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.