[ubuntu/natty-security] openjdk-6b18 6b18-1.8.10-0ubuntu1~11.04.1 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Wed Nov 16 00:08:16 UTC 2011 

openjdk-6b18 (6b18-1.8.10-0ubuntu1~11.04.1) natty-security; urgency=low

  * SECURITY UPDATE: IcedTea6 1.8.10 release (LP: #878684)
    - security fixes:
      - S7000600, CVE-2011-3547: InputStream skip() information leak
      - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
      - S7023640, CVE-2011-3551: Java2D TransformHelper integer
        overflow
      - S7032417, CVE-2011-3552: excessive default UDP socket limit
        under SecurityManager
      - S7046794, CVE-2011-3553: JAX-WS stack-traces information leak
      - S7046823, CVE-2011-3544: missing SecurityManager checks in
        scripting engine
      - S7055902, CVE-2011-3521: IIOP deserialization code execution
      - S7057857, CVE-2011-3554: insufficient pack200 JAR files
        uncompress error checks
      - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext
        attack against SSL/TLS (BEAST)
      - S7077466, CVE-2011-3556: RMI DGC server remote code execution
      - S7083012, CVE-2011-3557: RMI registry privileged code execution
      - S7096936, CVE-2011-3560: missing checkSetFactory calls in
        HttpsURLConnection

Date: Thu, 27 Oct 2011 09:21:56 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/openjdk-6b18/6b18-1.8.10-0ubuntu1~11.04.1
-------------- next part --------------
Format: 1.8
Date: Thu, 27 Oct 2011 09:21:56 -0700
Source: openjdk-6b18
Binary: openjdk-6-jdk openjdk-6-jre-headless openjdk-6-jre openjdk-6-demo openjdk-6-dbg icedtea-6-jre-cacao icedtea-6-jre-jamvm openjdk-6-jre-zero
Architecture: source
Version: 6b18-1.8.10-0ubuntu1~11.04.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 icedtea-6-jre-cacao - Alternative JVM for OpenJDK, using Cacao
 icedtea-6-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
 openjdk-6-dbg - Java runtime based on OpenJDK (debugging symbols)
 openjdk-6-demo - Java runtime based on OpenJDK (demos and examples)
 openjdk-6-jdk - OpenJDK Development Kit (JDK)
 openjdk-6-jre - OpenJDK Java runtime, using ${vm:Name}
 openjdk-6-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
 openjdk-6-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
Launchpad-Bugs-Fixed: 878684
Changes: 
 openjdk-6b18 (6b18-1.8.10-0ubuntu1~11.04.1) natty-security; urgency=low
 .
   * SECURITY UPDATE: IcedTea6 1.8.10 release (LP: #878684)
     - security fixes:
       - S7000600, CVE-2011-3547: InputStream skip() information leak
       - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
       - S7023640, CVE-2011-3551: Java2D TransformHelper integer
         overflow
       - S7032417, CVE-2011-3552: excessive default UDP socket limit
         under SecurityManager
       - S7046794, CVE-2011-3553: JAX-WS stack-traces information leak
       - S7046823, CVE-2011-3544: missing SecurityManager checks in
         scripting engine
       - S7055902, CVE-2011-3521: IIOP deserialization code execution
       - S7057857, CVE-2011-3554: insufficient pack200 JAR files
         uncompress error checks
       - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext
         attack against SSL/TLS (BEAST)
       - S7077466, CVE-2011-3556: RMI DGC server remote code execution
       - S7083012, CVE-2011-3557: RMI registry privileged code execution
       - S7096936, CVE-2011-3560: missing checkSetFactory calls in
         HttpsURLConnection
Checksums-Sha1: 
 cc5c942b5b81c21b1744f0f40a1164a1673cada5 3094 openjdk-6b18_6b18-1.8.10-0ubuntu1~11.04.1.dsc
 8fd95f66f1aa15c7f488f85c83c652d2baac0c8e 73410547 openjdk-6b18_6b18-1.8.10.orig.tar.gz
 f215bb5436833be0c2ace8de0cf385bac2593b03 174641 openjdk-6b18_6b18-1.8.10-0ubuntu1~11.04.1.diff.gz
Checksums-Sha256: 
 6016e8adb6b0e172096852edec61abd87a45e4a91800f728e49ddf36c8899058 3094 openjdk-6b18_6b18-1.8.10-0ubuntu1~11.04.1.dsc
 d3d6439583af7de6580c6659a8c5a454616c0d50e0adef2d3d16e22176db375a 73410547 openjdk-6b18_6b18-1.8.10.orig.tar.gz
 0e9fad13bd80578d09e9c904e769a4df3cb159e0bda48e4ae07c91f4c28d72e4 174641 openjdk-6b18_6b18-1.8.10-0ubuntu1~11.04.1.diff.gz
Files: 
 b8fc2bad6d0611565d0f186d4f128d8e 3094 java optional openjdk-6b18_6b18-1.8.10-0ubuntu1~11.04.1.dsc
 905894e17fe7f6beb715aea497dbe393 73410547 java optional openjdk-6b18_6b18-1.8.10.orig.tar.gz
 9752a85181b9e92ada1f92715252cb38 174641 java optional openjdk-6b18_6b18-1.8.10-0ubuntu1~11.04.1.diff.gz
Original-Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>

More information about the Natty-changes mailing list