[ubuntu/lucid-security] openjdk-6 6b27-1.12.5-0ubuntu0.10.04.1 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Tue May 7 17:27:26 UTC 2013
openjdk-6 (6b27-1.12.5-0ubuntu0.10.04.1) lucid-security; urgency=low
* Regenerate the control file.
openjdk-6 (6b27-1.12.5-1) unstable; urgency=low
* IcedTea 1.12.5 release.
* Security fixes:
- S6657673, CVE-2013-1518: Issues with JAXP.
- S7200507: Refactor Introspector internals.
- S8000724, CVE-2013-2417: Improve networking serialization.
- S8001031, CVE-2013-2419: Better font processing.
- S8001040, CVE-2013-1537: Rework RMI model.
- S8001322: Refactor deserialization.
- S8001329, CVE-2013-1557: Augment RMI logging.
- S8003335: Better handling of Finalizer thread.
- S8003445: Adjust JAX-WS to focus on API.
- S8003543, CVE-2013-2415: Improve processing of MTOM attachments.
- S8004261: Improve input validation.
- S8004336, CVE-2013-2431: Better handling of method handle
intrinsic frames.
- S8004986, CVE-2013-2383: Better handling of glyph table.
- S8004987, CVE-2013-2384: Improve font layout.
- S8004994, CVE-2013-1569: Improve checking of glyph table.
- S8005432: Update access to JAX-WS.
- S8005943: (process) Improved Runtime.exec.
- S8006309: More reliable control panel operation.
- S8006435, CVE-2013-2424: Improvements in JMX.
- S8006790: Improve checking for windows.
- S8006795: Improve font warning messages.
- S8007406: Improve accessibility of AccessBridge.
- S8007617, CVE-2013-2420: Better validation of images.
- S8007667, CVE-2013-2430: Better image reading.
- S8007918, CVE-2013-2429: Better image writing.
- S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap.
- S8009305, CVE-2013-0401: Improve AWT data transfer.
- S8009699, CVE-2013-2421: Methodhandle lookup.
- S8009814, CVE-2013-1488: Better driver management.
- S8009857, CVE-2013-2422: Problem with plugin.
- RH952389: Temporary files created with insecure permissions.
* Backports;
- S7197906: BlockOffsetArray::power_to_cards_back() needs to handle
> 32 bit shifts
- S7036559: ConcurrentHashMap footprint and contention improvements.
- S5102804: Memory leak in Introspector.getBeanInfo(Class) for custom
BeanInfo: Class param (with WeakCache from S6397609).
- S6501644: Sync LayoutEngine *code* structure to match ICU.
- S6886358: Layout code update.
- S6963811: Deadlock-prone locking changes in Introspector.
- S7017324: Kerning crash in JDK 7 since ICU layout update.
- S7064279: Introspector.getBeanInfo() should release some resources
in timely manner.
- S8004302: javax/xml/soap/Test7013971.java fails since jdk6u39b01.
- S7133220: Additional patches to JAXP 1.4.5 update 1 for 7u4 (partial
for S6657673).
- S8009530: ICU Kern table support broken.
* Bug fixes:
- OJ3: Fix get_stack_bounds memory leak (alternate fix for S7197906).
- PR1362: Fedora 19 / rawhide FTBFS SIGILL.
- PR1338: Remove dependency on libXp.
- PR1339: Simplify the rhino class rewriter to avoid use of concurrency.
- PR1319: Correct #ifdef to #if
- Give xalan/xerces access to their own internal packages.
openjdk-6 (6b27-1.12.4-1) unstable; urgency=high
* IcedTea 1.12.4 release.
* Security fixes:
- S8007014, CVE-2013-0809: Improve image handling.
- S8007675, CVE-2013-1493: Improve color conversion.
openjdk-6 (6b27-1.12.3-1) unstable; urgency=high
* IcedTea 1.12.3 release.
* Security fixes:
- S8006446: Restrict MBeanServer access.
- S8006777: Improve TLS handling of invalid messages.
- S8007688: Blacklist known bad certificate.
* Backports:
- S8007393: Possible race condition after JDK-6664509.
- S8007611: logging behavior in applet changed.
* Disable bootstrap build on alpha, currently broken.
Date: 2013-04-25 14:35:22.284922+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/openjdk-6/6b27-1.12.5-0ubuntu0.10.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Lucid-changes
mailing list