[ubuntu/lucid-security] openjdk-6 6b30-1.13.1-1ubuntu2~0.10.04.1 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Thu Feb 27 20:54:30 UTC 2014
openjdk-6 (6b30-1.13.1-1ubuntu2~0.10.04.1) lucid-security; urgency=medium
* Backport to Ubuntu 10.04 LTS
openjdk-6 (6b30-1.13.1-1ubuntu2) trusty; urgency=medium
* pull out changes to configure and acinclude.m4 from diff.gz and
conditionally apply to Debian and Ubuntu releases that have arm64 and/or
automake-1.14. IcedTea 1.13 requires automake 1.14 now and the change to
diff.gz caused a FTBFS on backport builds
- add debian/patches/autotools-aarch64.diff
- debian/rules:
+ add PRECONFIGURE_DEBIAN_PATCHES which is empty on releases where we
don't have automake-1.14, otherwise add autotools-aarch64.diff
+ add preconfigure-distribution-patches.stamp target and have
stamps/icedtea-configure depend on it
+ adjust debian-clean to unapply PRECONFIGURE_DEBIAN_PATCHES
* debian/rules: disable system lcms2 for releases that don't have lcms2 2.5
or higher
* debian/patches/8017173.diff: XMLCipher with RSA_OAEP Key Transport
algorithm can't be instantiated (LP: #1283828)
* debian/patches/java-access-bridge-security.patch: fix malformed patch
openjdk-6 (6b30-1.13.1-1ubuntu1) trusty; urgency=medium
* Regenerate the control file.
openjdk-6 (6b30-1.13.1-1) unstable; urgency=medium
* IcedTea 1.13.1 release.
* Security fixes
- S6727821: Enhance JAAS Configuration.
- S7068126, CVE-2014-0373: Enhance SNMP statuses.
- S8010935: Better XML handling.
- S8011786, CVE-2014-0368: Better applet networking.
- S8021257, CVE-2013-5896: com.sun.corba.se.** should be on
restricted package list.
- S8021271: Better buffering in ObjC code.
- S8022904: Enhance JDBC Parsers.
- S8022927: Input validation for byte/endian conversions.
- S8022935: Enhance Apache resolver classes.
- S8022945: Enhance JNDI implementation classes.
- S8023057: Enhance start up image display.
- S8023069, CVE-2014-0411: Enhance TLS connections.
- S8023245, CVE-2014-0423: Enhance Beans decoding.
- S8023301: Enhance generic classes.
- S8023672: Enhance jar file validation.
- S8024306, CVE-2014-0416: Enhance Subject consistency.
- S8024530: Enhance font process resilience.
- S8024867: Enhance logging start up.
- S8025014: Enhance Security Policy.
- S8025018, CVE-2014-0376: Enhance JAX-P set up.
- S8025026, CVE-2013-5878: Enhance canonicalization.
- S8025034, CVE-2013-5907: Improve layout lookups.
- S8025448: Enhance listening events.
- S8025758, CVE-2014-0422: Enhance Naming management.
- S8025767, CVE-2014-0428: Enhance IIOP Streams.
- S8026172: Enhance UI Management.
- S8026176: Enhance document printing.
- S8026193, CVE-2013-5884: Enhance CORBA stub factories.
- S8026204: Enhance auth login contexts.
- S8026417, CVE-2013-5910: Enhance XML canonicalization.
- S8027201, CVE-2014-0376: Enhance JAX-P set up.
openjdk-6 (6b29-1.13.0-2) unstable; urgency=medium
* Fix the sparc builds.
openjdk-6 (6b29-1.13.0-1) unstable; urgency=medium
* IcedTea 1.13.0 release.
openjdk-6 (6b27-1.12.7-2) unstable; urgency=low
* Fix build failure on arm*.
* Re-enable running the testsuite.
openjdk-6 (6b27-1.12.7-1) unstable; urgency=medium
* IcedTea 1.12.7 release.
* Security fixes:
- S8006900, CVE-2013-3829: Add new date/time capability.
- S8008589: Better MBean permission validation.
- S8011071, CVE-2013-5780: Better crypto provider handling.
- S8011081, CVE-2013-5772: Improve jhat.
- S8011157, CVE-2013-5814: Improve CORBA portablility.
- S8012071, CVE-2013-5790: Better Building of Beans.
- S8012147: Improve tool support.
- S8012277: CVE-2013-5849: Improve AWT DataFlavor.
- S8012425, CVE-2013-5802: Transform TransformerFactory.
- S8013503, CVE-2013-5851: Improve stream factories.
- S8013506: Better Pack200 data handling.
- S8013510, CVE-2013-5809: Augment image writing code.
- S8013514: Improve stability of cmap class.
- S8013739, CVE-2013-5817: Better LDAP resource management.
- S8013744, CVE-2013-5783: Better tabling for AWT.
- S8014085: Better serialization support in JMX classes.
- S8014093, CVE-2013-5782: Improve parsing of images.
- S8014102, CVE-2013-5778: Improve image conversion.
- S8014341, CVE-2013-5803: Better service from Kerberos servers.
- S8014349, CVE-2013-5840: (cl) Class.getDeclaredClass problematic
in some class loader configurations.
- S8014530, CVE-2013-5825: Better digital signature processing.
- S8014534: Better profiling support.
- S8014987, CVE-2013-5842: Augment serialization handling.
- S8015614: Update build settings.
- S8015731: Subject java.security.auth.subject to improvements.
- S8015743, CVE-2013-5774: Address internet addresses.
- S8016256: Make finalization final.
- S8016653, CVE-2013-5804: javadoc should ignore ignoreable characters
in names.
- S8016675, CVE-2013-5797: Make Javadoc pages more robust.
- S8017196, CVE-2013-5850: Ensure Proxies are handled appropriately.
- S8017287, CVE-2013-5829: Better resource disposal.
- S8017291, CVE-2013-5830: Cast Proxies Aside.
- S8017298, CVE-2013-4002: Better XML support.
- S8017300, CVE-2013-5784: Improve Interface Implementation.
- S8017505, CVE-2013-5820: Better Client Service.
- S8019292: Better Attribute Value Exceptions.
- S8019617: Better view of objects.
- S8020293: JVM crash.
- S8021290, CVE-2013-5823: Better signature validation.
- S8022940: Enhance CORBA translations.
- S8023683: Enhance class file parsing.
Date: 2014-02-25 22:39:12.021438+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/openjdk-6/6b30-1.13.1-1ubuntu2~0.10.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Lucid-changes
mailing list