[ubuntu/precise-updates] openjdk-7 7u75-2.5.4-1~precise1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Feb 3 22:39:22 UTC 2015

openjdk-7 (7u75-2.5.4-1~precise1) precise-security; urgency=medium

  * Backport to precise

openjdk-7 (7u75-2.5.4-1) unstable; urgency=high

  * IcedTea7 2.5.4 release (based on OpenJDK 7u75).
  * Security fixes
    - S8046656: Update protocol support.
    - S8047125, CVE-2015-0395: (ref) More phantom object references.
    - S8047130: Fewer escapes from escape analysis.
    - S8048035, CVE-2015-0400: Ensure proper proxy protocols.
    - S8049253: Better GC validation.
    - S8050807, CVE-2015-0383: Better performing performance data handling.
    - S8054367, CVE-2015-0412: More references for endpoints.
    - S8055304, CVE-2015-0407: More boxing for DirectoryComboBoxModel.
    - S8055309, CVE-2015-0408: RMI needs better transportation considerations.
    - S8055479: TLAB stability.
    - S8055489, CVE-2014-6585: Better substitution formats.
    - S8056264, CVE-2014-6587: Multicast support improvements.
    - S8056276, CVE-2014-6591: Fontmanager feature improvements.
    - S8057555, CVE-2014-6593: Less cryptic cipher suite management.
    - S8058982, CVE-2014-6601: Better verification of an exceptional invokespecial.
    - S8059485, CVE-2015-0410: Resolve parsing ambiguity.
    - S8061210, CVE-2014-3566: Issues in TLS.

openjdk-7 (7u71-2.5.3-2) unstable; urgency=medium

  * Regenerate the .orig.tar to omit a third hotspot tarball.
  * Really fix the libjpeg runtime dependency for sid and jessie.
    Closes: #766601.
  * Fix regression running JamVM after the 2.5.3 security update.
    Closes: #767771. LP: #1382205.
  * Fix regression running CACAO after the 2.5.3 security update.
  * Backport S8000897, VM crash in CompileBroker. Closes: #768747.
  * Fix building icedtea-sound on x32 (patch dropped in 7u71-2.5.3-1).
    Closes: #766610.
  * Don't use the compatibility path names from the ttf-dejavu packages
    for recent releases. LP: #1362099.

openjdk-7 (7u71-2.5.3-1) unstable; urgency=high

  * IcedTea7 2.5.3 release (based on OpenJDK 7u71).
  * Security fixes:
    - S8015256: Better class accessibility.
    - S8022783, CVE-2014-6504: Optimize C2 optimizations.
    - S8035162: Service printing service.
    - S8035781: Improve equality for annotations.
    - S8036805: Correct linker method lookup.
    - S8036810: Correct linker field lookup.
    - S8036936: Use local locales.
    - S8037066, CVE-2014-6457: Secure transport layer.
    - S8037846, CVE-2014-6558: Ensure streaming of input cipher streams.
    - S8038364: Use certificate exceptions correctly.
    - S8038899: Safer safepoints.
    - S8038903: More native monitor monitoring.
    - S8038908: Make Signature more robust.
    - S8038913: Bolster XML support.
    - S8039509, CVE-2014-6512: Wrap sockets more thoroughly.
    - S8039533, CVE-2014-6517: Higher resolution resolvers.
    - S8041540, CVE-2014-6511: Better use of pages in font processing.
    - S8041529: Better parameterization of parameter lists.
    - S8041545: Better validation of generated rasters.
    - S8041564, CVE-2014-6506: Improved management of logger resources.
    - S8041717, CVE-2014-6519: Issue with class file parser.
    - S8042609, CVE-2014-6513: Limit splashiness of splash images.
    - S8042797, CVE-2014-6502: Avoid strawberries in LogRecord.
    - S8044274, CVE-2014-6531: Proper property processing.

  [ Matthias Klose ]
  * Change B-D to libjpeg-dev to finish the transition to libjpeg-turbo
    (Ondřej Surý). Closes: #763489.
  * Depend on libnss3 instead of libnss3-1d for recent releases.
    Addresses: #760122.
  * Ship the apt binary and man page again. Closes: #765037.

  [ Bill Huey ]
  * Icedtea 2.5.3, jamvm-2.0.0 and icetea-sound-1.0.1 packaging updates.

Date: 2015-01-27 15:59:13.096479+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: OpenJDK <openjdk at lists.launchpad.net>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Precise-changes mailing list