[ubuntu/maverick-security] openjdk-6 6b20-1.9.8-0ubuntu1~10.10.1 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Thu Jun 16 22:04:56 UTC 2011 

openjdk-6 (6b20-1.9.8-0ubuntu1~10.10.1) maverick-security; urgency=low

  * SECURITY UPDATE: IcedTea6 1.9.8 Release:
    - S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP
      urgent disabled get still selected for read ops (win)
    - S6618658, CVE-2011-0865: Vulnerability in deserialization
    - S7012520, CVE-2011-0815: Heap overflow vulnerability in
      FileDialog.show()
    - S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in
      2D code
    - S7013969, CVE-2011-0867: NetworkInterface.toString can reveal
      bindings
    - S7013971, CVE-2011-0869: Vulnerability in SAAJ
    - S7016340, CVE-2011-0870: Vulnerability in SAAJ
    - S7016495, CVE-2011-0868: Crash in Java 2D transforming an image
      with scale close to zero
    - S7020198, CVE-2011-0871: ImageIcon creates Component with
      null acc
    - S7020373, CVE-2011-0864: JSR rewriting can overflow memory
      address size variables
  * debian/generate_debian_orig.sh: adjust settings to match the
    generation of this update.
  * Makefile.{am,in}: don't apply patches/jtreg-LastErrorString.patch as
    it causes the testsuite runner to fail.

Date: Tue, 14 Jun 2011 11:13:28 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/openjdk-6/6b20-1.9.8-0ubuntu1~10.10.1
-------------- next part --------------
Format: 1.8
Date: Tue, 14 Jun 2011 11:13:28 -0700
Source: openjdk-6
Binary: openjdk-6-jdk openjdk-6-jre-headless openjdk-6-jre openjdk-6-jre-lib openjdk-6-demo openjdk-6-source openjdk-6-doc openjdk-6-dbg icedtea6-plugin icedtea-6-jre-cacao openjdk-6-jre-zero
Architecture: source
Version: 6b20-1.9.8-0ubuntu1~10.10.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 icedtea-6-jre-cacao - Alternative JVM for OpenJDK, using Cacao
 icedtea6-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
 openjdk-6-dbg - Java runtime based on OpenJDK (debugging symbols)
 openjdk-6-demo - Java runtime based on OpenJDK (demos and examples)
 openjdk-6-doc - OpenJDK Development Kit (JDK) documentation
 openjdk-6-jdk - OpenJDK Development Kit (JDK)
 openjdk-6-jre - OpenJDK Java runtime, using ${vm:Name}
 openjdk-6-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
 openjdk-6-jre-lib - OpenJDK Java runtime (architecture independent libraries)
 openjdk-6-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
 openjdk-6-source - OpenJDK Development Kit (JDK) source files
Changes: 
 openjdk-6 (6b20-1.9.8-0ubuntu1~10.10.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: IcedTea6 1.9.8 Release:
     - S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP
       urgent disabled get still selected for read ops (win)
     - S6618658, CVE-2011-0865: Vulnerability in deserialization
     - S7012520, CVE-2011-0815: Heap overflow vulnerability in
       FileDialog.show()
     - S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in
       2D code
     - S7013969, CVE-2011-0867: NetworkInterface.toString can reveal
       bindings
     - S7013971, CVE-2011-0869: Vulnerability in SAAJ
     - S7016340, CVE-2011-0870: Vulnerability in SAAJ
     - S7016495, CVE-2011-0868: Crash in Java 2D transforming an image
       with scale close to zero
     - S7020198, CVE-2011-0871: ImageIcon creates Component with
       null acc
     - S7020373, CVE-2011-0864: JSR rewriting can overflow memory
       address size variables
   * debian/generate_debian_orig.sh: adjust settings to match the
     generation of this update.
   * Makefile.{am,in}: don't apply patches/jtreg-LastErrorString.patch as
     it causes the testsuite runner to fail.
Checksums-Sha1: 
 d1a3b52100c3b1278714b5698365e2fa4b8cfac7 3115 openjdk-6_6b20-1.9.8-0ubuntu1~10.10.1.dsc
 140823cc44408d91bdd9d28f7e568cad41e78776 73280789 openjdk-6_6b20-1.9.8.orig.tar.gz
 b4a94c26047359fe366bb91421861591751d5eb6 135533 openjdk-6_6b20-1.9.8-0ubuntu1~10.10.1.diff.gz
Checksums-Sha256: 
 a46297a44e48d4455a0f5c8841d09148cc14bc92f9fb730518e4595f671d1ad5 3115 openjdk-6_6b20-1.9.8-0ubuntu1~10.10.1.dsc
 03a26acae6dd07a02e67475d562862fd5545de0bacc02f8d359f9bedc88d612a 73280789 openjdk-6_6b20-1.9.8.orig.tar.gz
 e6e471db9f1cd01e11550d88252214b24ffc458667aa01e58f0b1a409e741529 135533 openjdk-6_6b20-1.9.8-0ubuntu1~10.10.1.diff.gz
Files: 
 0816d5565a3a734f73e7632ced83f643 3115 java optional openjdk-6_6b20-1.9.8-0ubuntu1~10.10.1.dsc
 696be93d97da7e2186d1988bafb1cca6 73280789 java optional openjdk-6_6b20-1.9.8.orig.tar.gz
 24f2f3708346f3d6e0bab9eb5e81c6ea 135533 java optional openjdk-6_6b20-1.9.8-0ubuntu1~10.10.1.diff.gz
Original-Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>

More information about the Maverick-changes mailing list