[ubuntu/precise] openjdk-7 7~b147-2.0-1ubuntu1 (Accepted)
Matthias Klose
doko at ubuntu.com
Thu Oct 20 15:10:26 UTC 2011
openjdk-7 (7~b147-2.0-1ubuntu1) precise; urgency=low
* Regenerate the control file.
openjdk-7 (7~b147-2.0-1) unstable; urgency=low
* New upstream IcedTea7 release.
- S7000600, CVE-2011-3547: InputStream skip() information leak.
- S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor.
- S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow.
- S7032417, CVE-2011-3552: excessive default UDP socket limit under
SecurityManager.
- S7046794, CVE-2011-3553: JAX-WS stack-traces information leak.
- S7046823, CVE-2011-3544: missing SecurityManager checks in scripting
engine.
- S7055902, CVE-2011-3521: IIOP deserialization code execution.
- S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error
checks.
- S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack
against SSL/TLS (BEAST).
- S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer.
- S7077466, CVE-2011-3556: RMI DGC server remote code execution.
- S7083012, CVE-2011-3557: RMI registry privileged code execution.
- S7096936, CVE-2011-3560: missing checkSetFactory calls in
HttpsURLConnection.
[ Matthias Klose ]
* Merge debian packaging r501 from openjdk-6:
- Tighten inter-package dependencies for Debian builds. Closes: #641240.
* Build-depend on wdiff.
openjdk-7 (7~b147-2.0~pre6-2) unstable; urgency=low
* d/rules: Fix java.policy to include jre/lib/ext/* files (instead of
non-existant ext/*). It'll restore privilegied access from sunpkcs11.jar
to sun.* code.
* d/patches/s390_hotspot_fix.diff: Update to fix FTBFS on s390.
Date: Thu, 20 Oct 2011 16:51:34 +0200
Changed-By: Matthias Klose <doko at ubuntu.com>
Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>
https://launchpad.net/ubuntu/precise/+source/openjdk-7/7~b147-2.0-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 20 Oct 2011 16:51:34 +0200
Source: openjdk-7
Binary: openjdk-7-jdk openjdk-7-jre-headless openjdk-7-jre openjdk-7-jre-lib openjdk-7-demo openjdk-7-source openjdk-7-doc openjdk-7-dbg icedtea-7-jre-jamvm openjdk-7-jre-zero
Architecture: source
Version: 7~b147-2.0-1ubuntu1
Distribution: precise
Urgency: low
Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>
Changed-By: Matthias Klose <doko at ubuntu.com>
Description:
icedtea-7-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
openjdk-7-dbg - Java runtime based on OpenJDK (debugging symbols)
openjdk-7-demo - Java runtime based on OpenJDK (demos and examples)
openjdk-7-doc - OpenJDK Development Kit (JDK) documentation
openjdk-7-jdk - OpenJDK Development Kit (JDK)
openjdk-7-jre - OpenJDK Java runtime, using ${vm:Name}
openjdk-7-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
openjdk-7-jre-lib - OpenJDK Java runtime (architecture independent libraries)
openjdk-7-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
openjdk-7-source - OpenJDK Development Kit (JDK) source files
Closes: 641240
Changes:
openjdk-7 (7~b147-2.0-1ubuntu1) precise; urgency=low
.
* Regenerate the control file.
.
openjdk-7 (7~b147-2.0-1) unstable; urgency=low
.
* New upstream IcedTea7 release.
- S7000600, CVE-2011-3547: InputStream skip() information leak.
- S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor.
- S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow.
- S7032417, CVE-2011-3552: excessive default UDP socket limit under
SecurityManager.
- S7046794, CVE-2011-3553: JAX-WS stack-traces information leak.
- S7046823, CVE-2011-3544: missing SecurityManager checks in scripting
engine.
- S7055902, CVE-2011-3521: IIOP deserialization code execution.
- S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error
checks.
- S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack
against SSL/TLS (BEAST).
- S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer.
- S7077466, CVE-2011-3556: RMI DGC server remote code execution.
- S7083012, CVE-2011-3557: RMI registry privileged code execution.
- S7096936, CVE-2011-3560: missing checkSetFactory calls in
HttpsURLConnection.
.
[ Matthias Klose ]
* Merge debian packaging r501 from openjdk-6:
- Tighten inter-package dependencies for Debian builds. Closes: #641240.
* Build-depend on wdiff.
.
openjdk-7 (7~b147-2.0~pre6-2) unstable; urgency=low
.
* d/rules: Fix java.policy to include jre/lib/ext/* files (instead of
non-existant ext/*). It'll restore privilegied access from sunpkcs11.jar
to sun.* code.
* d/patches/s390_hotspot_fix.diff: Update to fix FTBFS on s390.
Checksums-Sha1:
2ef23874ac49fdcfccb5d05457844f862d662be3 2896 openjdk-7_7~b147-2.0-1ubuntu1.dsc
5bfa912635b91472aa97227829c4f99ef2884915 61793429 openjdk-7_7~b147-2.0.orig.tar.gz
1089a7a32f3621b8b62df0eee0d5d944f8d9be95 173617 openjdk-7_7~b147-2.0-1ubuntu1.diff.gz
Checksums-Sha256:
b57cda7768339cff90b1fa924f5a88b3f9280977302106d7a54e8ea03029e083 2896 openjdk-7_7~b147-2.0-1ubuntu1.dsc
2f4a6a87d573f517829477406bfa2985bdde9ef5dc1d99900526c0c7bde92424 61793429 openjdk-7_7~b147-2.0.orig.tar.gz
b19a2982f4acf7f79f03f03388a7bf7cb4807133a06e13656e01d4195b5e181c 173617 openjdk-7_7~b147-2.0-1ubuntu1.diff.gz
Files:
9ffdc7cd8e20414d3ed786c13b752374 2896 java optional openjdk-7_7~b147-2.0-1ubuntu1.dsc
ea8484583b5437b2811e43192f7e7d76 61793429 java optional openjdk-7_7~b147-2.0.orig.tar.gz
014c818c995b9c44631266ec4c3b7f2d 173617 java optional openjdk-7_7~b147-2.0-1ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk6gN90ACgkQStlRaw+TLJzjuACeN/wlZ2c+mzacMoHt+Sx+5sdB
xw8An16XpUhzajyddcRhy4HM89LHUvGD
=m/Y6
-----END PGP SIGNATURE-----
More information about the Precise-changes
mailing list