[ubuntu/precise-security] openjdk-7 7u79-2.5.6-0ubuntu1.12.04.1 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Thu Jul 30 10:39:05 UTC 2015 

openjdk-7 (7u79-2.5.6-0ubuntu1.12.04.1) precise-security; urgency=medium

  * Backport to Ubuntu 12.04 LTS.

openjdk-7 (7u79-2.5.6-1) unstable; urgency=medium

  * IcedTea7 2.5.6 release (based on OpenJDK 7u79).
  * Security fixes
    - S8043202, CVE-2015-2808: Prohibit RC4 cipher suites.
    - S8067694, CVE-2015-2625: Improved certification checking.
    - S8071715, CVE-2015-4760: Tune font layout engine.
    - S8071731: Better scaling for C1.
    - S8072490: Better font morphing redux.
    - S8072887: Better font handling improvements.
    - S8073334: Improved font substitutions.
    - S8073773: Presume path preparedness.
    - S8073894: Getting to the root of certificate chains.
    - S8074330: Set font anchors more solidly.
    - S8074335: Substitute for substitution formats.
    - S8074865, CVE-2015-2601: General crypto resilience changes.
    - S8074871: Adjust device table handling.
    - S8075374, CVE-2015-4748: Responding to OCSP responses.
    - S8075378, CVE-2015-4749: JNDI DnsClient Exception Handling.
    - S8075738: Better multi-JVM sharing.
    - S8075833, CVE-2015-2613: Straighter Elliptic Curves.
    - S8075838: Method for typing MethodTypes.
    - S8075853, CVE-2015-2621: Proxy for MBean proxies.
    - S8076328, CVE-2015-4000: Enforce key exchange constraints.
    - S8076376, CVE-2015-2628: Enhance IIOP operations.
    - S8076397, CVE-2015-4731: Better MBean connections.
    - S8076401, CVE-2015-2590: Serialize OIS data.
    - S8076405, CVE-2015-4732: Improve serial serialization.
    - S8076409, CVE-2015-4733: Reinforce RMI framework.
    - S8077520, CVE-2015-2632: Morph tables into improved form.
    - PR2487, CVE-2015-4000: Make jdk8 mode the default for
      jdk.tls.ephemeralDHKeySize.
  * Update the kfreebsd hotspot support patch (Steven Chamberlain).
    Closes: #788982.
  * openjdk-7-jre: Recommend the real libgconf2-4 and libgnome2-0 packages.
    Closes: #786594.

openjdk-7 (7u79-2.5.5-1) unstable; urgency=high

  * IcedTea7 2.5.5 release (based on OpenJDK 7u79).
  * Security fixes
    - S8059064: Better G1 log caching.
    - S8060461: Fix for JDK-8042609 uncovers additional issue.
    - S8064601, CVE-2015-0480: Improve jar file handling.
    - S8065286: Fewer subtable substitutions.
    - S8065291: Improved font lookups.
    - S8066479: Better certificate chain validation.
    - S8067050: Better font consistency checking.
    - S8067684: Better font substitutions.
    - S8067699, CVE-2015-0469: Better glyph storage.
    - S8068320, CVE-2015-0477: Limit applet requests.
    - S8068720, CVE-2015-0488: Better certificate options checking.
    - S8069198: Upgrade image library.
    - S8071726, CVE-2015-0478: Better RSA optimizations.
    - S8071818: Better vectorization on SPARC.
    - S8071931, CVE-2015-0460: Return of the phantom menace.
  * Build the documentation when building with a Hotspot VM. Closes: #781577.
  * openjdk-7-jre.preinst: Fix version for alternatives cleanup.
    Closes: #775072.
  * Re-enable HotSpot on SPARC; zero doesn't workm and there seems to be
    some work ongoing upstream.
  * Refresh patches.
  * Only install the openjdk-java.desktop file when using cautious-launcher.

Date: 2015-07-24 07:43:28.712728+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/openjdk-7/7u79-2.5.6-0ubuntu1.12.04.1
-------------- next part --------------
Sorry, changesfile not available.

More information about the Precise-changes mailing list