[ubuntu/precise-updates] openjdk-7 7u15-2.3.7-0ubuntu1~12.04 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Feb 21 23:29:36 UTC 2013
openjdk-7 (7u15-2.3.7-0ubuntu1~12.04) precise-security; urgency=low
* Build for precise.
openjdk-7 (7u15-2.3.7-1) experimental; urgency=low
* IcedTea7 2.3.7 release.
* Security fixes:
- S8004937, CVE-2013-1484: Improve proxy construction.
- S8006439, CVE-2013-1485: Improve MethodHandles coverage.
- S8006446, CVE-2013-1486: Restrict MBeanServer access.
- S8006777, CVE-2013-0169: Improve TLS handling of invalid messages.
- S8007688: Blacklist known bad certificate.
* Backports:
- S8007393: Possible race condition after JDK-6664509.
- S8007611: logging behavior in applet changed.
* For zero builds, use the same hotspot version as in 2.1.6.
* Reenable bootstrap builds, except for alpha.
* Explicitly disable building on mips/mipsel. Not supported by the
Debian OpenJDK maintainers, the Debian mips porters, or the Debian
Java team.
openjdk-7 (7u13-2.3.6-1) experimental; urgency=low
* IcedTea7 2.3.6 release.
- Disable bootstrap builds, currently broken in IcedTea.
* Security fixes:
- S6563318, CVE-2013-0424: RMI data sanitization.
- S6664509, CVE-2013-0425: Add logging context.
- S6664528, CVE-2013-0426: Find log level matching its name or value given
at construction time.
- S6776941: CVE-2013-0427: Improve thread pool shutdown.
- S7141694, CVE-2013-0429: Improving CORBA internals.
- S7173145: Improve in-memory representation of splashscreens.
- S7186945: Unpack200 improvement.
- S7186946: Refine unpacker resource usage.
- S7186948: Improve Swing data validation.
- S7186952, CVE-2013-0432: Improve clipboard access.
- S7186954: Improve connection performance.
- S7186957: Improve Pack200 data validation.
- S7192392, CVE-2013-0443: Better validation of client keys.
- S7192393, CVE-2013-0440: Better Checking of order of TLS Messages.
- S7192977, CVE-2013-0442: Issue in toolkit thread.
- S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies.
- S7200491: Tighten up JTable layout code.
- S7200500: Launcher better input validation.
- S7201064: Better dialogue checking.
- S7201066, CVE-2013-0441: Change modifiers on unused fields.
- S7201068, CVE-2013-0435: Better handling of UI elements.
- S7201070: Serialization to conform to protocol.
- S7201071, CVE-2013-0433: InetSocketAddress serialization issue.
- S8000210: Improve JarFile code quality.
- S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class.
- S8000540, CVE-2013-1475: Improve IIOP type reuse management.
- S8000631, CVE-2013-1476: Restrict access to class constructor.
- S8001235, CVE-2013-0434: Improve JAXP HTTP handling.
- S8001242: Improve RMI HTTP conformance.
- S8001307: Modify ACC_SUPER behavior.
- S8001972, CVE-2013-1478: Improve image processing.
- S8002325, CVE-2013-1480: Improve management of images.
* Fix font suggestion for indic fonts in wheezy.
* Fix fontconfig definitions for japanese and korean fonts, fixing
compilation of the fontconfig file.
* Add Built-Using: rhino attribute for the -lib package.
* Don't use concurrent features to rewrite the rhino jar file.
* Enable class data sharing for the hotspot server VM.
Date: 2013-02-20 23:55:12.491070+00:00
Changed-By: Matthias Klose <doko at ubuntu.com>
Maintainer: OpenJDK <openjdk at lists.launchpad.net>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/precise/+source/openjdk-7/7u15-2.3.7-0ubuntu1~12.04
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list