[ubuntu/precise] openjdk-6 6b23~pre11-0ubuntu1 (Accepted)
Matthias Klose
doko at ubuntu.com
Wed Oct 19 16:35:38 UTC 2011
openjdk-6 (6b23~pre11-0ubuntu1) precise; urgency=low
* Update from the IcedTea6 branch (20111019).
- Security fixes:
- S7000600, CVE-2011-3547: InputStream skip() information leak.
- S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor.
- S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow.
- S7032417, CVE-2011-3552: excessive default UDP socket limit under
SecurityManager.
- S7046794, CVE-2011-3553: JAX-WS stack-traces information leak.
- S7046823, CVE-2011-3544: missing SecurityManager checks in scripting
engine.
- S7055902, CVE-2011-3521: IIOP deserialization code execution.
- S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress
error checks.
- S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack
against SSL/TLS (BEAST).
- S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from
PorterStemmer.
- S7077466, CVE-2011-3556: RMI DGC server remote code execution.
- S7083012, CVE-2011-3557: RMI registry privileged code execution.
- S7096936, CVE-2011-3560: missing checkSetFactory calls in
HttpsURLConnection.
- Update JamVM.
- Implement classlibCheckIfOnLoad().
- Make thread states JVMTI compatible.
- Handle 'g' when specifying memory + extra checks.
- Make command line compatibility options table-driven.
- Update CACAO.
Date: Wed, 19 Oct 2011 18:03:26 +0200
Changed-By: Matthias Klose <doko at ubuntu.com>
Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>
https://launchpad.net/ubuntu/precise/+source/openjdk-6/6b23~pre11-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 19 Oct 2011 18:03:26 +0200
Source: openjdk-6
Binary: openjdk-6-jdk openjdk-6-jre-headless openjdk-6-jre openjdk-6-jre-lib openjdk-6-demo openjdk-6-source openjdk-6-doc openjdk-6-dbg icedtea-6-jre-cacao icedtea-6-jre-jamvm openjdk-6-jre-zero
Architecture: source
Version: 6b23~pre11-0ubuntu1
Distribution: precise
Urgency: low
Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>
Changed-By: Matthias Klose <doko at ubuntu.com>
Description:
icedtea-6-jre-cacao - Alternative JVM for OpenJDK, using Cacao
icedtea-6-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
openjdk-6-dbg - Java runtime based on OpenJDK (debugging symbols)
openjdk-6-demo - Java runtime based on OpenJDK (demos and examples)
openjdk-6-doc - OpenJDK Development Kit (JDK) documentation
openjdk-6-jdk - OpenJDK Development Kit (JDK)
openjdk-6-jre - OpenJDK Java runtime, using ${vm:Name}
openjdk-6-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
openjdk-6-jre-lib - OpenJDK Java runtime (architecture independent libraries)
openjdk-6-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
openjdk-6-source - OpenJDK Development Kit (JDK) source files
Changes:
openjdk-6 (6b23~pre11-0ubuntu1) precise; urgency=low
.
* Update from the IcedTea6 branch (20111019).
- Security fixes:
- S7000600, CVE-2011-3547: InputStream skip() information leak.
- S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor.
- S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow.
- S7032417, CVE-2011-3552: excessive default UDP socket limit under
SecurityManager.
- S7046794, CVE-2011-3553: JAX-WS stack-traces information leak.
- S7046823, CVE-2011-3544: missing SecurityManager checks in scripting
engine.
- S7055902, CVE-2011-3521: IIOP deserialization code execution.
- S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress
error checks.
- S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack
against SSL/TLS (BEAST).
- S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from
PorterStemmer.
- S7077466, CVE-2011-3556: RMI DGC server remote code execution.
- S7083012, CVE-2011-3557: RMI registry privileged code execution.
- S7096936, CVE-2011-3560: missing checkSetFactory calls in
HttpsURLConnection.
- Update JamVM.
- Implement classlibCheckIfOnLoad().
- Make thread states JVMTI compatible.
- Handle 'g' when specifying memory + extra checks.
- Make command line compatibility options table-driven.
- Update CACAO.
Checksums-Sha1:
1aa80d45af244ea8ae593a162af0ac7bdccd44a0 2528 openjdk-6_6b23~pre11-0ubuntu1.dsc
fda896ea62ab7389f283d42a91d1e105fdad9c18 66658463 openjdk-6_6b23~pre11.orig.tar.gz
1c7e9fe2f72a69f405cf091e5b421759fb77b483 138662 openjdk-6_6b23~pre11-0ubuntu1.diff.gz
Checksums-Sha256:
db8c392205c169d2899c03f382ff51bc5c4489cae8a1be4a500fbfea9d076c8c 2528 openjdk-6_6b23~pre11-0ubuntu1.dsc
aa1505ea0dfb1eb522152351821d4e29f30f3a8a02e802cba08256f4a174dfcd 66658463 openjdk-6_6b23~pre11.orig.tar.gz
ffffc01d49e9155f11362b8a1c8a5e7798e0e6365f64821d8b7e6b519139b5f1 138662 openjdk-6_6b23~pre11-0ubuntu1.diff.gz
Files:
22b83963dbe8656fb94e1425915b68ac 2528 java optional openjdk-6_6b23~pre11-0ubuntu1.dsc
b6a8ead27dc63b15d0be6ef645367e0b 66658463 java optional openjdk-6_6b23~pre11.orig.tar.gz
51bbb2f1da7a0be3cd0159af54ad6475 138662 java optional openjdk-6_6b23~pre11-0ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk6e+ysACgkQStlRaw+TLJyHGgCeLvQ+kt2lgUIaPQflovtYyvFY
qQUAoKJFrvJ/xb/rDsunWaUb4ac0ai6t
=/5+/
-----END PGP SIGNATURE-----
More information about the Precise-changes
mailing list