[ubuntu/lucid-security] openjdk-6 6b20-1.9.13-0ubuntu1~10.04.1 (Accepted)

Thu Feb 23 22:37:58 UTC 2012

openjdk-6 (6b20-1.9.13-0ubuntu1~10.04.1) lucid-security; urgency=low

  * SECURITY UPDATE: update to IcedTea 6 1.9.13
    - Security fixes:
      - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
      - S7088367, CVE-2011-3563: Fix issues in java sound
      - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager
        method
      - S7110687, CVE-2012-0503: Issues with TimeZone class
      - S7110700, CVE-2012-0505: Enhance exception throwing mechanism
        in ObjectStreamClass
      - S7110704, CVE-2012-0506: Issues with some method in corba
      - S7112642, CVE-2012-0497: Incorrect checking for graphics
        rendering object
      - S7118283, CVE-2012-0501: Better input parameter checking in
        zip file processing
      - S7126960, CVE-2011-5035: (httpserver) Add property to limit
        number of request headers to the HTTP Server
    - Bug fixes:
      - S7102369, RH751203: remove java.rmi.server.codebase property
        parsing from registyimpl
      - S7094468, RH751203: rmiregistry clean up
      - S6851973, PR830: ignore incoming channel binding if acceptor
        does not set one
  * drop debian/patches/openjdk-7103725-ssl_beast_regression.patch as
    it's included in the upstream release.

Date: Wed, 15 Feb 2012 14:53:15 -0800
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/openjdk-6/6b20-1.9.13-0ubuntu1~10.04.1
-------------- next part --------------
Format: 1.8
Date: Wed, 15 Feb 2012 14:53:15 -0800
Source: openjdk-6
Binary: openjdk-6-jdk openjdk-6-jre-headless openjdk-6-jre openjdk-6-jre-lib openjdk-6-demo openjdk-6-source openjdk-6-doc openjdk-6-dbg icedtea6-plugin icedtea-6-jre-cacao openjdk-6-jre-zero
Architecture: source
Version: 6b20-1.9.13-0ubuntu1~10.04.1
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 icedtea-6-jre-cacao - Alternative JVM for OpenJDK, using Cacao
 icedtea6-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
 openjdk-6-dbg - Java runtime based on OpenJDK (debugging symbols)
 openjdk-6-demo - Java runtime based on OpenJDK (demos and examples)
 openjdk-6-doc - OpenJDK Development Kit (JDK) documentation
 openjdk-6-jdk - OpenJDK Development Kit (JDK)
 openjdk-6-jre - OpenJDK Java runtime, using ${vm:Name}
 openjdk-6-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
 openjdk-6-jre-lib - OpenJDK Java runtime (architecture independent libraries)
 openjdk-6-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
 openjdk-6-source - OpenJDK Development Kit (JDK) source files
Changes: 
 openjdk-6 (6b20-1.9.13-0ubuntu1~10.04.1) lucid-security; urgency=low
 .
   * SECURITY UPDATE: update to IcedTea 6 1.9.13
     - Security fixes:
       - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
       - S7088367, CVE-2011-3563: Fix issues in java sound
       - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager
         method
       - S7110687, CVE-2012-0503: Issues with TimeZone class
       - S7110700, CVE-2012-0505: Enhance exception throwing mechanism
         in ObjectStreamClass
       - S7110704, CVE-2012-0506: Issues with some method in corba
       - S7112642, CVE-2012-0497: Incorrect checking for graphics
         rendering object
       - S7118283, CVE-2012-0501: Better input parameter checking in
         zip file processing
       - S7126960, CVE-2011-5035: (httpserver) Add property to limit
         number of request headers to the HTTP Server
     - Bug fixes:
       - S7102369, RH751203: remove java.rmi.server.codebase property
         parsing from registyimpl
       - S7094468, RH751203: rmiregistry clean up
       - S6851973, PR830: ignore incoming channel binding if acceptor
         does not set one
   * drop debian/patches/openjdk-7103725-ssl_beast_regression.patch as
     it's included in the upstream release.
Checksums-Sha1: 
 2edaf52b462989022b409af5dec3097820efaf59 3163 openjdk-6_6b20-1.9.13-0ubuntu1~10.04.1.dsc
 2d66ac45635ab374bef46c710877bdf23078389c 73935529 openjdk-6_6b20-1.9.13.orig.tar.gz
 7c2d96ff0d9ee9212321593c077a8bb1696a88ab 135256 openjdk-6_6b20-1.9.13-0ubuntu1~10.04.1.diff.gz
Checksums-Sha256: 
 76b997f984dbdeb7a77d43a7e9624e33970c926f43006c37fbc9b4af3d9b6750 3163 openjdk-6_6b20-1.9.13-0ubuntu1~10.04.1.dsc
 41e4e8573b6e66774810f43e1e2f01a09a22b13b66135fa8e892c5eb0fa75e76 73935529 openjdk-6_6b20-1.9.13.orig.tar.gz
 e89496437c976518321917dfd3ea0678799fcc7c1fb12d740b373a5d7a00343b 135256 openjdk-6_6b20-1.9.13-0ubuntu1~10.04.1.diff.gz
Files: 
 e7e0478fe89d5aa9afe46628431c35ba 3163 java optional openjdk-6_6b20-1.9.13-0ubuntu1~10.04.1.dsc
 377eace2085d523080c1607496f5f363 73935529 java optional openjdk-6_6b20-1.9.13.orig.tar.gz
 0d59429a32c9fbd1e97cb24423acc2c7 135256 java optional openjdk-6_6b20-1.9.13-0ubuntu1~10.04.1.diff.gz
Original-Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>