[ubuntu/natty] openjdk-6b18 6b18-1.8.7-0ubuntu3 (Accepted)

Wed Mar 2 19:40:36 UTC 2011

openjdk-6b18 (6b18-1.8.7-0ubuntu3) natty; urgency=low

  * Remove obsolete patch.

openjdk-6b18 (6b18-1.8.7-0ubuntu2) natty; urgency=low

  * Browser plugin and Webstart are built from icedtea-web. LP: #726845.

openjdk-6b18 (6b18-1.8.7-0ubuntu1) maverick-security; urgency=low

  * IcedTea6 1.8.7 release.
    - S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption.
    - S6907662, CVE-2010-4465: Swing timer-based security manager bypass.
    - S6994263, CVE-2010-4472: Untrusted code allowed to replace
      DSIG/C14N implementation.
    - S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets.
    - S6983554, CVE-2010-4450: Launcher incorrect processing of empty
      library path entries.
    - S6985453, CVE-2010-4471: Java2D font-related system property leak.
    - S6927050, CVE-2010-4470: JAXP untrusted component state manipulation.
    - CVE-2011-0706: Multiple signers privilege escalation.

  * IcedTea6 1.8.6 release.
    - S4421494, CVE-2010-4476: infinite loop while parsing double literal.

openjdk-6b18 (6b18-1.8.5-0ubuntu1) maverick-security; urgency=low

  * IcedTea6 1.8.5 release.
    - CVE-2011-0025: IcedTea jarfile signature verification bypass.

Date: Wed, 02 Mar 2011 20:35:26 +0100
Changed-By: Matthias Klose <doko at ubuntu.com>
Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>
https://launchpad.net/ubuntu/natty/+source/openjdk-6b18/6b18-1.8.7-0ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 02 Mar 2011 20:35:26 +0100
Source: openjdk-6b18
Binary: openjdk-6-jdk openjdk-6-jre-headless openjdk-6-jre openjdk-6-demo openjdk-6-dbg icedtea-6-jre-cacao openjdk-6-jre-zero
Architecture: source
Version: 6b18-1.8.7-0ubuntu3
Distribution: natty
Urgency: low
Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>
Changed-By: Matthias Klose <doko at ubuntu.com>
Description: 
 icedtea-6-jre-cacao - Alternative JVM for OpenJDK, using Cacao
 openjdk-6-dbg - Java runtime based on OpenJDK (debugging symbols)
 openjdk-6-demo - Java runtime based on OpenJDK (demos and examples)
 openjdk-6-jdk - OpenJDK Development Kit (JDK)
 openjdk-6-jre - OpenJDK Java runtime, using ${vm:Name}
 openjdk-6-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
 openjdk-6-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
Launchpad-Bugs-Fixed: 726845
Changes: 
 openjdk-6b18 (6b18-1.8.7-0ubuntu3) natty; urgency=low
 .
   * Remove obsolete patch.
 .
 openjdk-6b18 (6b18-1.8.7-0ubuntu2) natty; urgency=low
 .
   * Browser plugin and Webstart are built from icedtea-web. LP: #726845.
 .
 openjdk-6b18 (6b18-1.8.7-0ubuntu1) maverick-security; urgency=low
 .
   * IcedTea6 1.8.7 release.
     - S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption.
     - S6907662, CVE-2010-4465: Swing timer-based security manager bypass.
     - S6994263, CVE-2010-4472: Untrusted code allowed to replace
       DSIG/C14N implementation.
     - S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets.
     - S6983554, CVE-2010-4450: Launcher incorrect processing of empty
       library path entries.
     - S6985453, CVE-2010-4471: Java2D font-related system property leak.
     - S6927050, CVE-2010-4470: JAXP untrusted component state manipulation.
     - CVE-2011-0706: Multiple signers privilege escalation.
 .
   * IcedTea6 1.8.6 release.
     - S4421494, CVE-2010-4476: infinite loop while parsing double literal.
 .
 openjdk-6b18 (6b18-1.8.5-0ubuntu1) maverick-security; urgency=low
 .
   * IcedTea6 1.8.5 release.
     - CVE-2011-0025: IcedTea jarfile signature verification bypass.
Checksums-Sha1: 
 0968cac7e585e6b362202f2acb14dc278aea2a1d 2315 openjdk-6b18_6b18-1.8.7-0ubuntu3.dsc
 3db920ec9b07cd9296af9f5c3c8d49bbf68e8f2b 132358 openjdk-6b18_6b18-1.8.7-0ubuntu3.diff.gz
Checksums-Sha256: 
 7662821813a99e39361794a42ed957af096dc013ad025d92d592be514e5c7afa 2315 openjdk-6b18_6b18-1.8.7-0ubuntu3.dsc
 2333e7dd96c36fa7f11185ad28979e87968a4adce0f142a3c8a789d96cf43e40 132358 openjdk-6b18_6b18-1.8.7-0ubuntu3.diff.gz
Files: 
 f67b8d1557ca65b8dbc69d2fe65faf31 2315 java optional openjdk-6b18_6b18-1.8.7-0ubuntu3.dsc
 74e4550fc9eac64ce0a7bcb09becccef 132358 java optional openjdk-6b18_6b18-1.8.7-0ubuntu3.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAk1unFYACgkQStlRaw+TLJyfEQCeLz/al2hICavi5Fn0bZbWr3+L
aRsAn11/3tOndaPfM9CgsQc3Q8tvbQP7
=9WOA
-----END PGP SIGNATURE-----