[ubuntu/precise-security] openjdk-7 7u9-2.3.3-0ubuntu1~12.04.1 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Fri Oct 26 14:39:30 UTC 2012 

openjdk-7 (7u9-2.3.3-0ubuntu1~12.04.1) precise-security; urgency=low

  * Build IcedTea7 2.3.3 for precise.

openjdk-7 (7u9-2.3.3-0ubuntu1) quantal-security; urgency=low

  * IcedTea7 2.3.3 release.
  * Security fixes
    - S6631398, CVE-2012-3216: FilePermission improved path checking.
    - S7093490: adjust package access in rmiregistry.
    - S7143535, CVE-2012-5068: ScriptEngine corrected permissions.
    - S7158796, CVE-2012-5070: Tighten properties checking in EnvHelp.
    - S7158807: Revise stack management with volatile call sites.
    - S7163198, CVE-2012-5076: Tightened package accessibility.
    - S7167656, CVE-2012-5077: Multiple Seeders are being created.
    - S7169884, CVE-2012-5073: LogManager checks do not work correctly for
      sub-types.
    - S7169887, CVE-2012-5074: Tightened package accessibility.
    - S7169888, CVE-2012-5075: Narrowing resource definitions in JMX RMI
      connector.
    - S7172522, CVE-2012-5072: Improve DomainCombiner checking.
    - S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC.
    - S7189103, CVE-2012-5069: Executors needs to maintain state.
    - S7189490: More improvements to DomainCombiner checking.
    - S7189567, CVE-2012-5085: java net obselete protocol.
    - S7192975, CVE-2012-5071: Issue with JMX reflection.
    - S7195194, CVE-2012-5084: Better data validation for Swing.
    - S7195549, CVE-2012-5087: Better bean object persistence.
    - S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should be
      improved.
    - S7195919, CVE-2012-5079: (sl) ServiceLoader can throw CCE without
      needing to create instance.
    - S7196190, CVE-2012-5088: Improve method of handling MethodHandles.
    - S7198296, CVE-2012-5089: Refactor classloader usage.
    - S7158800: Improve storage of symbol tables.
    - S7158801: Improve VM CompileOnly option.
    - S7158804: Improve config file parsing.
    - S7198606, CVE-2012-4416: Improve VM optimization.

openjdk-7 (7u7-2.3.2a-1ubuntu1) quantal; urgency=low

  * Build a transitional icedtea-7-jre-cacao package to ease upgrades.

openjdk-7 (7u7-2.3.2a-1) experimental; urgency=low

  * Upload to experimental.

openjdk-7 (7u7-2.3.2a-0ubuntu1) quantal; urgency=low

  * Repackage the source to drop the cacao tarball (and packaging files).
  * Depend again on system provided tzdata-java and restore the zi
    symlink on upgrade. LP: #1050404.
  * libgnome2-0, libgnomevfs2-0, libgconf2-4 are not prepared for multiarch.
    Don't depend on these so that openjdk-7 can be installed as a multiarch
    package.

Date: 2012-10-24 18:30:13.344419+00:00
Changed-By: Matthias Klose <doko at ubuntu.com>
Maintainer: OpenJDK <openjdk at lists.launchpad.net>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/openjdk-7/7u9-2.3.3-0ubuntu1~12.04.1
-------------- next part --------------
Sorry, changesfile not available.

More information about the Precise-changes mailing list