[ubuntu/precise-updates] openjdk-7 7u25-2.3.10-1ubuntu0.12.04.2 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Jul 16 16:59:29 UTC 2013


openjdk-7 (7u25-2.3.10-1ubuntu0.12.04.2) precise-security; urgency=low

  * Backport for precise
  * debian/control{,.in}: Breaks icedtea-netx (<< 1.3.2-1ubuntu0.12.10.3)

openjdk-7 (7u25-2.3.10-1ubuntu1) saucy; urgency=low

  * Regenerate the control file.

openjdk-7 (7u25-2.3.10-1) unstable; urgency=high

  * IcedTea7 2.3.10 release.
  * Security fixes
    * S6741606, CVE-2013-2407: Integrate Apache Santuario.
    * S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls.
    * S7170730, CVE-2013-2451: Improve Windows network stack support.
    * S8000638, CVE-2013-2450: Improve deserialization.
    * S8000642, CVE-2013-2446: Better handling of objects for transportation.
    * S8001032: Restrict object access.
    * S8001033, CVE-2013-2452: Refactor network address handling in virtual
      machine identifiers.
    * S8001034, CVE-2013-1500: Memory management improvements.
    * S8001038, CVE-2013-2444: Resourcefully handle resources.
    * S8001043: Clarify definition restrictions.
    * S8001308: Update display of applet windows.
    * S8001309: Better handling of annotation interfaces.
    * S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with
      InetAddress.getLocalHost.
    * S8001330, CVE-2013-2443: Improve on checking order (non-Zero builds only).
    * S8003703, CVE-2013-2412: Update RMI connection dialog box.
    * S8004288, CVE-2013-2449: (fs) Files.probeContentType problems.
    * S8004584: Augment applet contextualization.
    * S8005007: Better glyph processing.
    * S8006328, CVE-2013-2448: Improve robustness of sound classes.
    * S8006611: Improve scripting.
    * S8007467: Improve robustness of JMX internal APIs.
    * S8007471: Improve MBean notifications.
    * S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes.
    * S8007925: Improve cmsStageAllocLabV2ToV4curves.
    * S8007926: Improve cmsPipelineDup.
    * S8007927: Improve cmsAllocProfileSequenceDescription.
    * S8007929: Improve CurvesAlloc.
    * S8008120, CVE-2013-2457: Improve JMX class checking.
    * S8008124, CVE-2013-2453: Better compliance testing.
    * S8008128: Better API coherence for JMX.
    * S8008132, CVE-2013-2456: Better serialization support.
    * S8008585: Better JMX data handling.
    * S8008593: Better URLClassLoader resource management.
    * S8008603: Improve provision of JMX providers.
    * S8008607: Better input checking in JMX.
    * S8008611: Better handling of annotations in JMX.
    * S8008615: Improve robustness of JMX internal APIs.
    * S8008623: Better handling of MBeanServers.
    * S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606.
    * S8008982: Adjust JMX for underlying interface changes.
    * S8009004: Better implementation of RMI connections.
    * S8009008: Better manage management-api.
    * S8009013: Better handling of T2K glyphs.
    * S8009034: Improve resulting notifications in JMX.
    * S8009038: Improve JMX notification support.
    * S8009057, CVE-2013-2448: Improve MIDI event handling.
    * S8009067: Improve storing keys in KeyStore.
    * S8009071, CVE-2013-2459: Improve shape handling.
    * S8009235: Improve handling of TSA data.
    * S8009424, CVE-2013-2458: Adapt Nashorn to JSR-292 implementation change.
    * S8009554, CVE-2013-2454: Improve SerialJavaObject.getFields.
    * S8009654: Improve stability of cmsnamed.
    * S8010209, CVE-2013-2460: Better provision of factories.
    * S8011243, CVE-2013-2470: Improve ImagingLib.
    * S8011248, CVE-2013-2471: Better Component Rasters.
    * S8011253, CVE-2013-2472: Better Short Component Rasters.
    * S8011257, CVE-2013-2473: Better Byte Component Rasters.
    * S8012375, CVE-2013-1571: Improve Javadoc framing.
    * S8012421: Better positioning of PairPositioning.
    * S8012438, CVE-2013-2463: Better image validation.
    * S8012597, CVE-2013-2465: Better image channel verification.
    * S8012601, CVE-2013-2469: Better validation of image layouts.
    * S8014281, CVE-2013-2461: Better checking of XML signature.
    * S8015997: Additional improvement in Javadoc framing.
  * Breaks icedtea-netx (<< 1.4-2).

openjdk-7 (7u21-2.3.9-5) unstable; urgency=low

  * Update kFreeBSD support (Guido Guenther). Closes: #708818.
  * Stop building the transitional cacao package for sid.

openjdk-7 (7u21-2.3.9-4) unstable; urgency=high

  * Build the transitional cacao package for sid as well. Apparently
    some buildds are not updated to list wheezy as the code name for
    the current distribution.

openjdk-7 (7u21-2.3.9-3) unstable; urgency=high

  * Disable the cacao build again, causing build failures on i386 and s390.
  * Build a transitional cacao jre package instead.

openjdk-7 (7u21-2.3.9-2) unstable; urgency=high

  * On ia64, use gcj-4.7 for the bootstrap build.
  * Drop the cacao jre from recommends to suggests.
  * Re-enable cacao, was enabled in the 2.1.x series.

openjdk-7 (7u21-2.3.9-1) unstable; urgency=high

  * IcedTea7 2.3.9 release.
  * Security fixes:
    - S6657673, CVE-2013-1518: Issues with JAXP.
    - S7200507: Refactor Introspector internals.
    - S8000724, CVE-2013-2417: Improve networking serialization.
    - S8001031, CVE-2013-2419: Better font processing.
    - S8001040, CVE-2013-1537: Rework RMI model.
    - S8001322: Refactor deserialization.
    - S8001329, CVE-2013-1557: Augment RMI logging.
    - S8003335: Better handling of Finalizer thread.
    - S8003445: Adjust JAX-WS to focus on API.
    - S8003543, CVE-2013-2415: Improve processing of MTOM attachments.
    - S8004261: Improve input validation.
    - S8004336, CVE-2013-2431: Better handling of method handle intrinsic frames.
    - S8004986, CVE-2013-2383: Better handling of glyph table.
    - S8004987, CVE-2013-2384: Improve font layout.
    - S8004994, CVE-2013-1569: Improve checking of glyph table.
    - S8005432: Update access to JAX-WS.
    - S8005943: (process) Improved Runtime.exec.
    - S8006309: More reliable control panel operation.
    - S8006435, CVE-2013-2424: Improvements in JMX.
    - S8006790: Improve checking for windows.
    - S8006795: Improve font warning messages.
    - S8007406: Improve accessibility of AccessBridge.
    - S8007617, CVE-2013-2420: Better validation of images.
    - S8007667, CVE-2013-2430: Better image reading.
    - S8007918, CVE-2013-2429: Better image writing.
    - S8008140: Better method handle resolution.
    - S8009049, CVE-2013-2436: Better method handle binding.
    - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap.
    - S8009305, CVE-2013-0401: Improve AWT data transfer.
    - S8009677, CVE-2013-2423: Better setting of setters.
    - S8009699, CVE-2013-2421: Methodhandle lookup.
    - S8009814, CVE-2013-1488: Better driver management.
    - S8009857, CVE-2013-2422: Problem with plugin.
  * Backports:
    - S7130662: GTK file dialog crashes with a NPE.
  * Bug fixes
    - PR1363: Fedora 19 / rawhide FTBFS SIGILL.
    - PR1401: Fix Zero build on 2.3.8.
    - Fix offset problem in ICU LETableReference.
    - Change -Werror fix to preserve OpenJDK default.
    - PR1303: Correct #ifdef to #if.
    - PR1404: Failure to bootstrap with ecj 4.2.

Date: 2013-07-15 20:10:14.416204+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/precise/+source/openjdk-7/7u25-2.3.10-1ubuntu0.12.04.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the Precise-changes mailing list