[ubuntu/precise-security] openjdk-7 7u111-2.6.7-0ubuntu0.12.04.2 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Tue Aug 16 23:03:48 UTC 2016 

openjdk-7 (7u111-2.6.7-0ubuntu0.12.04.2) precise-security; urgency=medium

  * Backport to Ubuntu 12.04.

openjdk-7 (7u111-2.6.7-0ubuntu0.14.04.2) trusty-security; urgency=medium

  * debian/patches/it-jamvm-8158260-unsafe-methods.patch: fix JAMVM
    after the introduction of two new Unsafe methods in the OpenJDK
    hotspot. Closes: #833933. (LP: #1611598)

openjdk-7 (7u111-2.6.7-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Backport to Ubuntu 12.04.

openjdk-7 (7u111-2.6.7-0ubuntu0.14.04.1) trusty-security; urgency=medium

  [ Matthias Klose ]
  * Fix handling of /usr/lib/jvm/*/jre/lib/zi if internal tzdata is used
    (Andreas Beckmann). Closes: #821858.
  * Add missing includes for aarch64 hotspot backport (building without pch).
  * Use in-tree lcms for backports.

  [ Tiago Stürmer Daitx ]
  * IcedTea release 2.6.7 (based on 7u111):
  * Security fixes
    - S8079718, CVE-2016-3458: IIOP Input Stream Hooking
    - S8145446, CVE-2016-3485: Perfect pipe placement (Windows only)
    - S8147771: Construction of static protection domains under Javax
      custom policy
    - S8148872, CVE-2016-3500: Complete name checking
    - S8149962, CVE-2016-3508: Better delineation of XML processing
    - S8150752: Share Class Data
    - S8151925: Font reference improvements
    - S8152479, CVE-2016-3550: Coded byte streams
    - S8155981, CVE-2016-3606: Bolster bytecode verification
    - S8155985, CVE-2016-3598: Persistent Parameter Processing
    - S8158571, CVE-2016-3610: Additional method handle validation
  * debian/rules:
    - Create symbolic link in source package (thanks Avinash).
      Closes: #832720.
    - Use in-tree lcms (LP: #913434)
  * debian/JB-jre-headless.prerm.in: check for /var/lib/binfmts/jar
    instead of /var/lib/binfmts/@basename@ before removing jar entry
    from binfmts. Closes: #821146.

openjdk-7 (7u101-2.6.6-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Backport to Ubuntu 14.04.

openjdk-7 (7u101-2.6.6-0ubuntu0.15.10.1) wily-security; urgency=medium

  * IcedTea release 2.6.6 (based on 7u101):
  * Security fixes
    - S8129952, CVE-2016-0686: Ensure thread consistency
    - S8132051, CVE-2016-0687: Better byte behavior
    - S8138593, CVE-2016-0695: Make DSA more fair
    - S8139008: Better state table management
    - S8143167, CVE-2016-3425: Better buffering of XML strings
    - S8144430, CVE-2016-3427: Improve JMX connections
    - S8146494: Better ligature substitution
    - S8146498: Better device table adjustments
  * debian/patches/jdk-8152335-improve-methodhandle-consistency.patch:
    removed, fix is upstream since 2.6.5
  * Disable arm32-jit for armhf and armel, broken by hotspot security patches.

Date: 2016-08-10 20:55:13.860652+00:00
Changed-By: Tiago Stürmer Daitx <tiago.daitx at canonical.com>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/openjdk-7/7u111-2.6.7-0ubuntu0.12.04.2
-------------- next part --------------
Sorry, changesfile not available.

More information about the Precise-changes mailing list