lp:ubuntu/lucid-security/openjdk-6b18
- Get this branch:
- bzr branch lp:ubuntu/lucid-security/openjdk-6b18
Branch merges
Branch information
Recent revisions
- 11. By Steve Beattie
-
* SECURITY UPDATE: update to IcedTea 6 1.8.13
- Security fixes:
- S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
- S7088367, CVE-2011-3563: Fix issues in java sound
- S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager
method
- S7110687, CVE-2012-0503: Issues with TimeZone class
- S7110700, CVE-2012-0505: Enhance exception throwing mechanism
in ObjectStreamClass
- S7110704, CVE-2012-0506: Issues with some method in corba
- S7112642, CVE-2012-0497: Incorrect checking for graphics
rendering object
- S7118283, CVE-2012-0501: Better input parameter checking in
zip file processing
- S7126960, CVE-2011-5035: (httpserver) Add property to limit
number of request headers to the HTTP Server
- Bug fixes:
- S7102369, RH751203: remove java.rmi.server. codebase property
parsing from registyimpl
- S7094468, RH751203: rmiregistry clean up
- S6851973, PR830: ignore incoming channel binding if acceptor
does not set one
* drop debian/patches/ openjdk- 7103725- ssl_beast_ regression. patch as
it's included in the upstream release. - 10. By Steve Beattie
-
debian/
patches/ openjdk- 7103725- ssl_beast_ regression. patch:
Add regression fix for broken ssl connectivity when using
TLS_DH_anon_WITH_ AES_128_ CBC_SHA (LP: #891761) - 9. By Steve Beattie
-
* SECURITY UPDATE: Same Origin Policy (SOP) bypass flaw
- debian/patches/ SOP-bypass- icedtea6- 1.8.patch: Remove special
case for SocketPermission.
- CVE-2011-3377
- Applied inline due to needing to apply patches only once for netx,
not for every vm - 8. By Steve Beattie
-
* SECURITY UPDATE: information disclosure
- IcedTea 1.8.9 release:
+ debian/patches/ cache-directory -exposed- it6-1.9. patch: don't
allow unsigned web start applications/applets determine the
location of the netx cache directory
+ CVE-2011-2513
+ applied inline due to no natty update (icedtea-web is
separate there)
* netx/net/sourceforge/ jnlp/runtime/ CachedJarFileCa llback. java:
remove Override attributes per
http://icedtea. classpath. org/bugzilla/ show_bug. cgi?id= 764 - 7. By Steve Beattie
-
* SECURITY UPDATE: IcedTea6 1.8.8 release.
- S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent
disabled get still selected for read ops (win)
- S6618658, CVE-2011-0865: Vulnerability in deserialization
- S7012520, CVE-2011-0815: Heap overflow vulnerability in
FileDialog.show()
- S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code
- S7013969, CVE-2011-0867: NetworkInterface.toString can reveal
bindings
- S7013971, CVE-2011-0869: Vulnerability in SAAJ
- S7016340, CVE-2011-0870: Vulnerability in SAAJ
- S7016495, CVE-2011-0868: Crash in Java 2D transforming an image with
scale close to zero
- S7020198, CVE-2011-0871: ImageIcon creates Component with null acc
- S7020373, CVE-2011-0864: JSR rewriting can overflow memory address
size variables
* Backport CACAO updates from the 6-1.10 branch.
* debian/generate_ debian_ orig.sh: adjust settings to match the
generation of this update.
* debian/rules: debian/patches/ hotspot- fix_added_ define. patch;
applied upstream - 6. By Steve Beattie
-
* Rebuild after pulling binutils and gcj-4.4 from lucid-updates to
lucid-security to fix FTBFS
* debian/patches/ hotspot- fix_added_ define. patch: added to fix
redefinition added by patch for S6878713 - 5. By Matthias Klose
-
* IcedTea6 1.8.5 release.
- CVE-2011-0025: IcedTea jarfile signature verification bypass. - 4. By Matthias Klose
-
* IcedTea6 1.8.4 release.
- Fix CVE-2010-4351: IcedTea JNLP SecurityManager bypass. - 3. By Matthias Klose
-
* IcedTea6 1.8.3 release.
- CVE-2010-3860: Fix IcedTea System property information leak via
public static.
* Start metacity using dbus-launch, when running the testsuite. LP: #632594. - 2. By Matthias Klose
-
* Build as separate source, just for armel.
* Merge the -lib package into the -jre-headless package.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/openjdk-6b18