[ubuntu/precise-security] openjdk-7 7u9-2.3.4-0ubuntu1.12.04.1 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Fri Jan 18 19:09:14 UTC 2013


openjdk-7 (7u9-2.3.4-0ubuntu1.12.04.1) precise-security; urgency=low

  * Update for precise

openjdk-7 (7u9-2.3.4-1) experimental; urgency=low

  * IcedTea7 2.3.4 release.
  * Security fixes
    - S8004933, CVE-2012-3174: Improve MethodHandle interaction with libraries.
    - S8006017, CVE-2013-0422: Improve lookup resolutions.
    - S8006125: Update MethodHandles library interactions.
  * Bug fixes
    - S7197906: BlockOffsetArray::power_to_cards_back() needs to handle > 32 bit
      shifts.
    - G422525: Fix building with PaX enabled kernels.

  [ Matthias Klose ]
  * Loosen OpenGL dependency. Closes: #695028.
  * Fix error parsing drop files parameter from pcmanfm (Alberto Fernández
    Martínez). Closes: #695992.

  [ Thorsten Glaser ]
  * debian/rules: Use gcj-4.6-jdk for m68k builds.
  * d/patches/text-relocations.patch: build with -fPIC on all archs.

openjdk-7 (7u9-2.3.3-1) experimental; urgency=low

  * Upload to experimental.

openjdk-7 (7u9-2.3.3-0ubuntu1) quantal-security; urgency=low

  * IcedTea7 2.3.3 release.
  * Security fixes
    - S6631398, CVE-2012-3216: FilePermission improved path checking.
    - S7093490: adjust package access in rmiregistry.
    - S7143535, CVE-2012-5068: ScriptEngine corrected permissions.
    - S7158796, CVE-2012-5070: Tighten properties checking in EnvHelp.
    - S7158807: Revise stack management with volatile call sites.
    - S7163198, CVE-2012-5076: Tightened package accessibility.
    - S7167656, CVE-2012-5077: Multiple Seeders are being created.
    - S7169884, CVE-2012-5073: LogManager checks do not work correctly for
      sub-types.
    - S7169887, CVE-2012-5074: Tightened package accessibility.
    - S7169888, CVE-2012-5075: Narrowing resource definitions in JMX RMI
      connector.
    - S7172522, CVE-2012-5072: Improve DomainCombiner checking.
    - S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC.
    - S7189103, CVE-2012-5069: Executors needs to maintain state.
    - S7189490: More improvements to DomainCombiner checking.
    - S7189567, CVE-2012-5085: java net obselete protocol.
    - S7192975, CVE-2012-5071: Issue with JMX reflection.
    - S7195194, CVE-2012-5084: Better data validation for Swing.
    - S7195549, CVE-2012-5087: Better bean object persistence.
    - S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should be
      improved.
    - S7195919, CVE-2012-5979: (sl) ServiceLoader can throw CCE without
      needing to create instance.
    - S7196190, CVE-2012-5088: Improve method of handling MethodHandles.
    - S7198296, CVE-2012-5089: Refactor classloader usage.
    - S7158800: Improve storage of symbol tables.
    - S7158801: Improve VM CompileOnly option.
    - S7158804: Improve config file parsing.
    - S7198606, CVE-2012-4416: Improve VM optimization.

Date: 2013-01-16 21:35:11.892023+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/openjdk-7/7u9-2.3.4-0ubuntu1.12.04.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Precise-changes mailing list