[ubuntu/oneiric-security] openjdk-6 6b27-1.12.5-0ubuntu0.11.10.1 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Tue May 7 17:27:34 UTC 2013

openjdk-6 (6b27-1.12.5-0ubuntu0.11.10.1) oneiric-security; urgency=low

  * Regenerate the control file.

openjdk-6 (6b27-1.12.5-1) unstable; urgency=low

  * IcedTea 1.12.5 release.
  * Security fixes:
    - S6657673, CVE-2013-1518: Issues with JAXP.
    - S7200507: Refactor Introspector internals.
    - S8000724, CVE-2013-2417: Improve networking serialization.
    - S8001031, CVE-2013-2419: Better font processing.
    - S8001040, CVE-2013-1537: Rework RMI model.
    - S8001322: Refactor deserialization.
    - S8001329, CVE-2013-1557: Augment RMI logging.
    - S8003335: Better handling of Finalizer thread.
    - S8003445: Adjust JAX-WS to focus on API.
    - S8003543, CVE-2013-2415: Improve processing of MTOM attachments.
    - S8004261: Improve input validation.
    - S8004336, CVE-2013-2431: Better handling of method handle
      intrinsic frames.
    - S8004986, CVE-2013-2383: Better handling of glyph table.
    - S8004987, CVE-2013-2384: Improve font layout.
    - S8004994, CVE-2013-1569: Improve checking of glyph table.
    - S8005432: Update access to JAX-WS.
    - S8005943: (process) Improved Runtime.exec.
    - S8006309: More reliable control panel operation.
    - S8006435, CVE-2013-2424: Improvements in JMX.
    - S8006790: Improve checking for windows.
    - S8006795: Improve font warning messages.
    - S8007406: Improve accessibility of AccessBridge.
    - S8007617, CVE-2013-2420: Better validation of images.
    - S8007667, CVE-2013-2430: Better image reading.
    - S8007918, CVE-2013-2429: Better image writing.
    - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap.
    - S8009305, CVE-2013-0401: Improve AWT data transfer.
    - S8009699, CVE-2013-2421: Methodhandle lookup.
    - S8009814, CVE-2013-1488: Better driver management.
    - S8009857, CVE-2013-2422: Problem with plugin.
    - RH952389: Temporary files created with insecure permissions.
  * Backports;
    - S7197906: BlockOffsetArray::power_to_cards_back() needs to handle
      > 32 bit shifts
    - S7036559: ConcurrentHashMap footprint and contention improvements.
    - S5102804: Memory leak in Introspector.getBeanInfo(Class) for custom
      BeanInfo: Class param (with WeakCache from S6397609).
    - S6501644: Sync LayoutEngine *code* structure to match ICU.
    - S6886358: Layout code update.
    - S6963811: Deadlock-prone locking changes in Introspector.
    - S7017324: Kerning crash in JDK 7 since ICU layout update.
    - S7064279: Introspector.getBeanInfo() should release some resources
      in timely manner.
    - S8004302: javax/xml/soap/Test7013971.java fails since jdk6u39b01.
    - S7133220: Additional patches to JAXP 1.4.5 update 1 for 7u4 (partial
      for S6657673).
    - S8009530: ICU Kern table support broken.
  * Bug fixes:
    - OJ3: Fix get_stack_bounds memory leak (alternate fix for S7197906).
    - PR1362: Fedora 19 / rawhide FTBFS SIGILL.
    - PR1338: Remove dependency on libXp.
    - PR1339: Simplify the rhino class rewriter to avoid use of concurrency.
    - PR1319: Correct #ifdef to #if
    - Give xalan/xerces access to their own internal packages.

openjdk-6 (6b27-1.12.4-1) unstable; urgency=high

  * IcedTea 1.12.4 release.
  * Security fixes:
    - S8007014, CVE-2013-0809: Improve image handling.
    - S8007675, CVE-2013-1493: Improve color conversion.

openjdk-6 (6b27-1.12.3-1) unstable; urgency=high

  * IcedTea 1.12.3 release.
  * Security fixes:
    - S8006446: Restrict MBeanServer access.
    - S8006777: Improve TLS handling of invalid messages.
    - S8007688: Blacklist known bad certificate.
  * Backports:
    - S8007393: Possible race condition after JDK-6664509.
    - S8007611: logging behavior in applet changed.
  * Disable bootstrap build on alpha, currently broken.

Date: 2013-04-25 14:35:13.579451+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Oneiric-changes mailing list