Ubuntu
openjdk-6b18 package

lp:ubuntu/lucid-security/openjdk-6b18

  1. Lucid (10.04)
  2. lucid-security
Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/lucid-security/openjdk-6b18
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

11. By Steve Beattie

* SECURITY UPDATE: update to IcedTea 6 1.8.13
  - Security fixes:
    - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
    - S7088367, CVE-2011-3563: Fix issues in java sound
    - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager
      method
    - S7110687, CVE-2012-0503: Issues with TimeZone class
    - S7110700, CVE-2012-0505: Enhance exception throwing mechanism
      in ObjectStreamClass
    - S7110704, CVE-2012-0506: Issues with some method in corba
    - S7112642, CVE-2012-0497: Incorrect checking for graphics
      rendering object
    - S7118283, CVE-2012-0501: Better input parameter checking in
      zip file processing
    - S7126960, CVE-2011-5035: (httpserver) Add property to limit
      number of request headers to the HTTP Server
  - Bug fixes:
    - S7102369, RH751203: remove java.rmi.server.codebase property
      parsing from registyimpl
    - S7094468, RH751203: rmiregistry clean up
    - S6851973, PR830: ignore incoming channel binding if acceptor
      does not set one
* drop debian/patches/openjdk-7103725-ssl_beast_regression.patch as
  it's included in the upstream release.

10. By Steve Beattie

debian/patches/openjdk-7103725-ssl_beast_regression.patch:
Add regression fix for broken ssl connectivity when using
TLS_DH_anon_WITH_AES_128_CBC_SHA (LP: #891761)

9. By Steve Beattie

* SECURITY UPDATE: Same Origin Policy (SOP) bypass flaw
  - debian/patches/SOP-bypass-icedtea6-1.8.patch: Remove special
    case for SocketPermission.
  - CVE-2011-3377
  - Applied inline due to needing to apply patches only once for netx,
    not for every vm

8. By Steve Beattie

* SECURITY UPDATE: information disclosure
  - IcedTea 1.8.9 release:
    + debian/patches/cache-directory-exposed-it6-1.9.patch: don't
      allow unsigned web start applications/applets determine the
      location of the netx cache directory
    + CVE-2011-2513
    + applied inline due to no natty update (icedtea-web is
      separate there)
* netx/net/sourceforge/jnlp/runtime/CachedJarFileCallback.java:
  remove Override attributes per
  http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=764

7. By Steve Beattie

* SECURITY UPDATE: IcedTea6 1.8.8 release.
  - S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent
    disabled get still selected for read ops (win)
  - S6618658, CVE-2011-0865: Vulnerability in deserialization
  - S7012520, CVE-2011-0815: Heap overflow vulnerability in
    FileDialog.show()
  - S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code
  - S7013969, CVE-2011-0867: NetworkInterface.toString can reveal
    bindings
  - S7013971, CVE-2011-0869: Vulnerability in SAAJ
  - S7016340, CVE-2011-0870: Vulnerability in SAAJ
  - S7016495, CVE-2011-0868: Crash in Java 2D transforming an image with
    scale close to zero
  - S7020198, CVE-2011-0871: ImageIcon creates Component with null acc
  - S7020373, CVE-2011-0864: JSR rewriting can overflow memory address
    size variables
* Backport CACAO updates from the 6-1.10 branch.
* debian/generate_debian_orig.sh: adjust settings to match the
  generation of this update.
* debian/rules: debian/patches/hotspot-fix_added_define.patch;
  applied upstream

6. By Steve Beattie

* Rebuild after pulling binutils and gcj-4.4 from lucid-updates to
  lucid-security to fix FTBFS
* debian/patches/hotspot-fix_added_define.patch: added to fix
  redefinition added by patch for S6878713

5. By Matthias Klose

* IcedTea6 1.8.5 release.
  - CVE-2011-0025: IcedTea jarfile signature verification bypass.

4. By Matthias Klose

* IcedTea6 1.8.4 release.
  - Fix CVE-2010-4351: IcedTea JNLP SecurityManager bypass.

3. By Matthias Klose

* IcedTea6 1.8.3 release.
  - CVE-2010-3860: Fix IcedTea System property information leak via
    public static.
* Start metacity using dbus-launch, when running the testsuite. LP: #632594.

2. By Matthias Klose

* Build as separate source, just for armel.
* Merge the -lib package into the -jre-headless package.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/natty/openjdk-6b18
This branch contains Public information 
Everyone can see this information.

Subscribers