lp:ubuntu/hardy-security/openjdk-6

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/hardy-security/openjdk-6

Branch information

Owner: Ubuntu branches
Review team: Ubuntu Development Team
Status: Mature

Recent revisions

14. By Marc Deslauriers

* Rebuilt for hardy
* debian/rules: relax fastjar version to the one in hardy.

13. By Matthias Klose

Upload to hardy.

12. By Matthias Klose

* openjdk-6-jre-headless: Provide java-virtual-machine for releases
  older than karmic.
* Plugin and netx fixes.

11. By Kees Cook

debian/control: adjust fastjar requirements for Hardy build.

10. By Matthias Klose

* SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes:
  - 6626217: Loader-constraint table allows arrays instead of only
    the base-classes.
  - 6633872: Policy/PolicyFile leak dynamic ProtectionDomains.
  - 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups.
  - 6736390: File TOCTOU deserialization vulnerability.
  - 6745393: Inflater/Deflater clone issues.
  - 6887703: Unsigned applet can retrieve the dragged information before drop
    action occurs.
  - 6888149: AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error.
  - 6892265: System.arraycopy unable to reference elements beyond
    Integer.MAX_VALUE bytes.
  - 6893947: Deserialization of RMIConnectionImpl objects should enforce
    stricter checks [ZDI-CAN-588].
  - 6893954: Subclasses of InetAddress may incorrectly interpret network
    addresses [ZDI-CAN-603].
  - 6894807: No ClassCastException for HashAttributeSet constructors if run
    with -Xcomp.
  - 6898622: ObjectIdentifier.equals is not capable of detecting incorrectly
    encoded CommonName OIDs.
  - 6898739: TLS renegotiation issue.
  - 6899653: Java Runtime CMM readMabCurveData Buffer Overflow Vulnerability.
  - 6902299: Java JAR "unpack200" must verify input parameters.
  - 6904691: Java Applet Trusted Methods Chaining Privilege Escalation
    Vulnerability.
  - 6909597: Java Runtime Environment JPEGImageReader stepX Integer Overflow
    Vulnerability.
  - 6910590: Application can modify command array, in ProcessBuilder.
  - 6914823: Java AWT Library Invalid Index Vulnerability.
  - 6914866: JRE ImagingLib arbitrary code execution vulnerability.
  - 6932480: Crash in CompilerThread/Parser.

9. By Kees Cook

* SECURITY UPDATE: multiple upstream vulnerabilities.
  - upstream fixes, thanks to Bernhard R. Link:
    - patches/icedtea-4486841.patch fixes CVE-2008-5351:
       UTF-8 decoder accepts non-shortest form sequences,
    - patches/icedtea-6484091.patch fixes CVE-2008-5350:
       allows listing files within the user home directory,
    - patches/icedtea-6497740.patch fixes CVE-2008-5349:
       RSA public key length denial-of-service,
    - patches/icedtea-6588160.patch fixes CVE-2008-5348:
       Denial-Of-Service in kerberos authentication,
    - patches/icedtea-6592792.patch fixes CVE-2008-5347:
       applet privilege escalation via JAX package access,
    - patches/icedtea-6721753.patch fixes CVE-2008-5360:
       temporary files have guessable file names,
    - patches/icedtea-6726779.patch fixes CVE-2008-5359:
       Buffer overflow in image processing,
    - patches/icedtea-6733959.patch fixes CVE-2008-5354:
       Privilege escalation in command line applications,
    - patches/icedtea-6734167.patch fixes CVE-2008-5353:
       calendar object deserialization allows privilege escalation,
    - patches/icedtea-6755943.patch fixes CVE-2008-5352:
       Jar200 Decompression buffer overflow,
    - patches/icedtea-6766136.patch fixes CVE-2008-5358:
       Buffer Overflow in GIF image processing.
* add debian/patches/donotdelete.diff:
  fix MultipleJRE.sh to remove the link in the error-path, otherwise
  the test-suite removes the whole build/*/j2sdk-image directory on error.

8. By Matthias Klose

* New code drop (b08).
* Update IcedTea build infrastructure.
* Move binfmt-support references from -jre to -jre-headless package.
* Don't fail on purge, if /var/lib/binfmts/openjdk-6 is missing. LP: #206721.
* Only use the basename for icons in desktop files. LP: #207413.
* Install javaws(1). LP: #191297.
* Install a wrapper script for javaws, which calls `javaws -viewer' if no
  arguments are given (or else starting javaws from the desktop menu
  would not do anything).
* debian/JB-web-start.applications.in: Remove the -viewer option from command.

7. By Matthias Klose

* New code drop (b07).
* Update IcedTea build infrastructure.
* debian/copyright: Update to OpenJDK Trademark Notice v1.1.

6. By Matthias Klose

* Update icon locations in menu files.
* openjdk-6-jre-headless: Provide java-virtual-machine. LP: #189953.
* openjdk-6-jre-headless: Add a conflict to gcjwebplugin; for openjdk
  use the icedtea-gcjwebplugin, for gij the java-gcj-compat-plugin.

5. By Matthias Klose

* Update IcedTea to 20080319.
* Move rt.jar into the openjdk-6-jre-headless package; sun/awt/X11
  class files differ between amd64 and i386.
* Install all desktop files in /usr/share/applications.

Branch metadata

Branch format: Branch format 7
Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on: lp:ubuntu/natty/openjdk-6