[ubuntu/precise-security] openjdk-7 7u85-2.6.1-5ubuntu0.12.04.1 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Wed Oct 28 07:21:34 UTC 2015 

openjdk-7 (7u85-2.6.1-5ubuntu0.12.04.1) precise-security; urgency=medium

  * Backport to Ubuntu 12.04 LTS.

openjdk-7 (7u85-2.6.1-5ubuntu0.15.10.1) wily-security; urgency=medium

  * SECURITY UPDATE:
    - S8048030, CVE-2015-4734: Expectations should be consistent
    - S8068842, CVE-2015-4803: Better JAXP data handling
    - S8076339, CVE-2015-4903: Better handling of remote object invocation
    - S8076383, CVE-2015-4835: Better CORBA exception handling
    - S8076387, CVE-2015-4882: Better CORBA value handling
    - S8076392, CVE-2015-4881: Improve IIOPInputStream consistency
    - S8076413, CVE-2015-4883: Better JRMP message handling
    - S8078427, CVE-2015-4842: More supportive home environment
    - S8078440: Safer managed types
    - S8080541: More direct property handling
    - S8080688, CVE-2015-4860: Service for DGC services
    - S8081744, CVE-2015-4868: Clear out list corner case
    - S8081760: Better group dynamics
    - S8086092. CVE-2015-4840: More palette improvements
    - S8086733, CVE-2015-4893: Improve namespace handling
    - S8087350: Improve array conversions
    - S8103671, CVE-2015-4805: More objective stream classes
    - S8103675: Better Binary searches
    - S8129611: Accessbridge error handling improvement
    - S8130078, CVE-2015-4911: Document better processing
    - S8130185: More accessible access switch
    - S8130193, CVE-2015-4806: Improve HTTP connections
    - S8130864: Better server identity handling
    - S8130891, CVE-2015-4843: (bf) More direct buffering
    - S8131291, CVE-2015-4872: Perfect parameter patterning
    - S8132042, CVE-2015-4844: Preserve layout presentation
  * S6966259: Make PrincipalName and Realm immutable, required for S8048030
  * S8078822: 8068842 fix missed one new file
    PrimeNumberSequenceGenerator.java

openjdk-7 (7u85-2.6.1-5) unstable; urgency=medium

  * Fix passing --disable-system-sctp for non-linux targets.

openjdk-7 (7u85-2.6.1-4) unstable; urgency=medium

  * Build again with pulseaudio on alpha.
  * Update the kfreebsd support patches (Steven Chamberlain). Closes: #798123.
  * Fix parallel build. Closes: #798124.
  * Disable again the atk bridge, too many regressions. Reopens: #797595.

openjdk-7 (7u85-2.6.1-3) unstable; urgency=medium

  * Configure with --disable-system-sctp on KFreeBSD.
  * Stop building jamvm on mips and mipsel, fails to build.

openjdk-7 (7u85-2.6.1-2) unstable; urgency=medium

  * Stop building zero on AArch64, broken on the merged IcedTea Hotspot.
  * Only build-depend on libsctp-dev on linux architectures. 
  * Configure for zero on sparc64, Hotspot build fails too.

openjdk-7 (7u85-2.6.1-1) unstable; urgency=medium

  * IcedTea7 2.6.1 release (based on OpenJDK 7u85).
  * Configure for Hotspot on sparc64.
  * Add mips to the openjdk stage1 architectures.
  * Sort the enums and the annotations in the package-tree.html files (Emmanuel
    Bourg). Closes: #787159.
  * Re-enable the atk bridge for releases with a fixed atk bridge.
    Closes: #797595.
  * Make derivatives builds the same as the parent distro. Closes: #797662.

openjdk-7 (7u79-2.5.6-2) unstable; urgency=medium

  * Fix installing the openjdk.desktop file when cautious-launch is available.
    LP: #1448548.

openjdk-7 (7u79-2.5.6-1) unstable; urgency=medium

  * IcedTea7 2.5.6 release (based on OpenJDK 7u79).
  * Security fixes
    - S8043202, CVE-2015-2808: Prohibit RC4 cipher suites.
    - S8067694, CVE-2015-2625: Improved certification checking.
    - S8071715, CVE-2015-4760: Tune font layout engine.
    - S8071731: Better scaling for C1.
    - S8072490: Better font morphing redux.
    - S8072887: Better font handling improvements.
    - S8073334: Improved font substitutions.
    - S8073773: Presume path preparedness.
    - S8073894: Getting to the root of certificate chains.
    - S8074330: Set font anchors more solidly.
    - S8074335: Substitute for substitution formats.
    - S8074865, CVE-2015-2601: General crypto resilience changes.
    - S8074871: Adjust device table handling.
    - S8075374, CVE-2015-4748: Responding to OCSP responses.
    - S8075378, CVE-2015-4749: JNDI DnsClient Exception Handling.
    - S8075738: Better multi-JVM sharing.
    - S8075833, CVE-2015-2613: Straighter Elliptic Curves.
    - S8075838: Method for typing MethodTypes.
    - S8075853, CVE-2015-2621: Proxy for MBean proxies.
    - S8076328, CVE-2015-4000: Enforce key exchange constraints.
    - S8076376, CVE-2015-2628: Enhance IIOP operations.
    - S8076397, CVE-2015-4731: Better MBean connections.
    - S8076401, CVE-2015-2590: Serialize OIS data.
    - S8076405, CVE-2015-4732: Improve serial serialization.
    - S8076409, CVE-2015-4733: Reinforce RMI framework.
    - S8077520, CVE-2015-2632: Morph tables into improved form.
    - PR2487, CVE-2015-4000: Make jdk8 mode the default for
      jdk.tls.ephemeralDHKeySize.
  * Update the kfreebsd hotspot support patch (Steven Chamberlain).
    Closes: #788982.
  * openjdk-7-jre: Recommend the real libgconf2-4 and libgnome2-0 packages.
    Closes: #786594.

Date: 2015-10-22 06:15:14.127240+00:00
Changed-By: Tiago Stürmer Daitx <tiago.daitx at canonical.com>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/openjdk-7/7u85-2.6.1-5ubuntu0.12.04.1
-------------- next part --------------
Sorry, changesfile not available.

More information about the Precise-changes mailing list