lp:ubuntu/jaunty-security/openjdk-6
- Get this branch:
- bzr branch lp:ubuntu/jaunty-security/openjdk-6
Branch merges
Related bugs
Related blueprints
Branch information
Recent revisions
- 78. By Matthias Klose
-
* IcedTea6 1.8.1 release.
- Fix security flaw in NetX that allows arbitrary unsigned apps to set
any java property.
- Fix security flaw in NetX that allows unsigned code to access any file
on the machine (accessible to the user) and write to it.
* openjdk-6-jre: Recommend ttf-dejavu-extra. LP: #569396.
* Don't build the plugin on sparc for hardy and jaunty releases. - 76. By Matthias Klose
-
* Security updates:
- 6626217: Loader-constraint table allows arrays instead of only
the base-classes.
- 6633872: Policy/PolicyFile leak dynamic ProtectionDomains.
- 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups.
- 6736390: File TOCTOU deserialization vulnerability.
- 6745393: Inflater/Deflater clone issues.
- 6887703: Unsigned applet can retrieve the dragged information before drop
action occur.
- 6888149: AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error.
- 6892265: System.arraycopy unable to reference elements beyond
Integer.MAX_VALUE bytes.
- 6893947: Deserialization of RMIConnectionImpl objects should enforce
stricter checks [ZDI-CAN-588].
- 6893954: Subclasses of InetAddress may incorrectly interpret network
addresses [ZDI-CAN-603].
- 6894807: No ClassCastException for HashAttributeSet constructors if run
with -Xcomp.
- 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly
encoded CommonName OIDs.
- 6898739: TLS renegotiation issue.
- 6899653: Java Runtime CMM readMabCurveData Buffer Overflow Vulnerability.
- 6902299: Java JAR "unpack200" must verify input parameters.
- 6904691: Java Applet Trusted Methods Chaining Privilege Escalation
Vulnerability.
- 6909597: Java Runtime Environment JPEGImageReader stepX Integer Overflow
Vulnerability.
- 6910590: Application can modify command array, in ProcessBuilder.
- 6914823: Java AWT Library Invalid Index Vulnerability.
- 6914866: JRE ImagingLib arbitrary code execution vulnerability.
- 6932480: Crash in CompilerThread/Parser. - 75. By Matthias Klose
-
* Security updates:
- (CVE-2009-3728) ICC_Profile file existence detection information leak
(6631533).
- (CVE-2009-3885) BMP parsing DoS with UNC ICC links (6632445).
- (CVE-2009-3881) resurrected classloaders can still have children
(6636650).
- (CVE-2009-3882) Numerous static security flaws in Swing (findbugs)
(6657026).
- (CVE-2009-3883) Mutable statics in Windows PL&F (findbugs) (6657138).
- (CVE-2009-3880) UI logging information leakage (6664512).
- (CVE-2009-3879) GraphicsConfiguration information leak (6822057).
- (CVE-2009-3884) zoneinfo file existence information leak (6824265).
- (CVE-2009-2409) deprecate MD2 in SSL cert validation (Kaminsky) (6861062).
- (CVE-2009-3873) JPEG Image Writer quantization problem (6862968).
- (CVE-2009-3875) MessageDigest.isEqual introduces timing attack
vulnerabilities (6863503).
- (CVE-2009-3876, CVE-2009-3877) OpenJDK ASN.1/DER input stream parser
denial of service (6864911).
- (CVE-2009-3869) JRE AWT setDifflCM stack overflow (6872357).
- (CVE-2009-3874) ImageI/O JPEG heap overflow (6874643.
- (CVE-2009-3871) JRE AWT setBytePixels heap overflow (6872358). - 74. By Matthias Klose
-
* Add Java security patches for various issues:
- CVE-2009-0217 xmlsec1, mono, xml-security-c,
xml-security- 1.3.0-1jpp. ep1.*: XMLDsig HMAC-based signatures spoofing
and authentication bypass.
- CVE-2009-2670 OpenJDK Untrusted applet System properties access (6738524).
- CVE-2009-2671 CVE-2009-2672 OpenJDK Proxy mechanism information leaks
(6801071).
- CVE-2009-2673 OpenJDK proxy mechanism allows non-authorized socket
connections (6801497).
- CVE-2009-2674 Java Web Start Buffer JPEG processing integer overflow
(6823373).
- CVE-2009-2675 Java Web Start Buffer unpack200 processing integer
overflow (6830335).
- CVE-2009-2625 OpenJDK XML parsing Denial-Of-Service (6845701).
- CVE-2009-2475 OpenJDK information leaks in mutable variables (6588003,
6656586, 6656610, 6656625, 6657133, 6657619, 6657625, 6657695, 6660049,
6660539, 6813167).
- CVE-2009-2476 OpenJDK OpenType checks can be bypassed (6736293).
- CVE-2009-2690 OpenJDK private variable information disclosure (6777487).
- CVE-2009-2676 JRE applet launcher vulnerability. - 73. By Matthias Klose
-
* Don't use some indian fonts with diverging font metrics for the
latin-1.UTF-8 encoding. LP: #289784.
* Disable running the testsuite for this build (no code changes compared
to the previous upload). - 71. By Matthias Klose
-
[Matthias Klose]
* Update to the final CACAO 0.99.4 release.
* Security Vulnerability Fixes for OpenJDK:
- 6522586: Enforce limits on Font creation.
- 6536193: flaw in UTF8XmlOutput.
- 6610888: Potential use of cleared of incorrect acc in JMX Monitor.
- 6610896: JMX Monitor handles thread groups incorrectly.
- 6630639: lightweight HttpServer leaks file descriptors on no-data
connections.
- 6632886: Font.createFont can be persuaded to leak temporary files.
- 6636360: compiler/6595044/ Main.java test fails with 64bit java on
solaris-sparcv9 with SIGSEGV.
- 6652463: MediaSize constructors allow to redefine the mapping of
standard MediaSizeName values.
- 6652929: Font.createFont(int,File) trusts File.getPath.
- 6656633: getNotificationInfo methods static mutable (findbugs).
- 6658158: Mutable statics in SAAJ (findbugs).
- 6658163: txw2.DatatypeWriter.BUILDIN is a mutable static (findbugs).
- 6691246: Thread context class loader can be set using JMX remote
ClientNotifForwarded.
- 6717680: LdapCtx does not close the connection if initialization fails.
- 6721651: Security problem with out-of-the-box management.
- 6737315: LDAP serialized data vulnerability.
- 6792554: Java JAR Pack200 header checks are insufficent.
- 6804996: JWS PNG Decoding Integer Overflow [V-flrhat2ln8].
- 6804997: JWS GIF Decoding Heap Corruption [V-r687oxuocp].
- 6804998: JRE GIF Decoding Heap Corruption [V-y6g5jlm8e1].
* Add security patch for the lcms library.
* Add accessibility patches java-access-bridge- security. patch and
accessible-toolkit. patch.
* Merge fixes for testsuite failures from the IcedTea6 branch.
* Merge the proxy support for the plugin from the IcedTea6 branch.
* Merge http://icedtea. classpath. org/hg/ release/ icedtea6- 1.4.1/rev/ 546ef0cdee06
(TJ). LP: #344705.
* Add a Xb-Npp-Description for the IcedTea plugin. LP: #272010.[Edward Nevill]
* Put VFP back in - selects VFP / novfp autmatically
* More assembler optimisations - 70. By Matthias Klose
-
* Disable the additional zero JVM on sparc.
* patches/hotspot/ default/ icedtea- includedb. patch: Add missing include in
openjdk/hotspot/ src/share/ vm/includeDB_ core.
* Fix build failure of the zero VM on lpia with a fixed GCC.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/openjdk-6