[ubuntu/quantal-security] openjdk-7 7u13-2.3.6-0ubuntu0.12.10.1 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Thu Feb 14 21:15:19 UTC 2013

openjdk-7 (7u13-2.3.6-0ubuntu0.12.10.1) quantal-security; urgency=low

  * Update for quantal

openjdk-7 (7u13-2.3.6-1ubuntu1) raring; urgency=low

  * Regenerate the control file.

openjdk-7 (7u13-2.3.6-1) experimental; urgency=low

  * IcedTea7 2.3.6 release.
    - Disable bootstrap builds, currently broken in IcedTea.
  * Security fixes:
    - S6563318, CVE-2013-0424: RMI data sanitization.
    - S6664509, CVE-2013-0425: Add logging context.
    - S6664528, CVE-2013-0426: Find log level matching its name or value given
      at construction time.
    - S6776941: CVE-2013-0427: Improve thread pool shutdown.
    - S7141694, CVE-2013-0429: Improving CORBA internals.
    - S7173145: Improve in-memory representation of splashscreens.
    - S7186945: Unpack200 improvement.
    - S7186946: Refine unpacker resource usage.
    - S7186948: Improve Swing data validation.
    - S7186952, CVE-2013-0432: Improve clipboard access.
    - S7186954: Improve connection performance.
    - S7186957: Improve Pack200 data validation.
    - S7192392, CVE-2013-0443: Better validation of client keys.
    - S7192393, CVE-2013-0440: Better Checking of order of TLS Messages.
    - S7192977, CVE-2013-0442: Issue in toolkit thread.
    - S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies.
    - S7200491: Tighten up JTable layout code.
    - S7200500: Launcher better input validation.
    - S7201064: Better dialogue checking.
    - S7201066, CVE-2013-0441: Change modifiers on unused fields.
    - S7201068, CVE-2013-0435: Better handling of UI elements.
    - S7201070: Serialization to conform to protocol.
    - S7201071, CVE-2013-0433: InetSocketAddress serialization issue.
    - S8000210: Improve JarFile code quality.
    - S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class.
    - S8000540, CVE-2013-1475: Improve IIOP type reuse management.
    - S8000631, CVE-2013-1476: Restrict access to class constructor.
    - S8001235, CVE-2013-0434: Improve JAXP HTTP handling.
    - S8001242: Improve RMI HTTP conformance.
    - S8001307: Modify ACC_SUPER behavior.
    - S8001972, CVE-2013-1478: Improve image processing.
    - S8002325, CVE-2013-1480: Improve management of images.
  * Fix font suggestion for indic fonts in wheezy.
  * Fix fontconfig definitions for japanese and korean fonts, fixing
    compilation of the fontconfig file.
  * Add Built-Using: rhino attribute for the -lib package.
  * Don't use concurrent features to rewrite the rhino jar file.
  * Enable class data sharing for the hotspot server VM.

openjdk-7 (7u9-2.3.4-1) experimental; urgency=low

  * IcedTea7 2.3.4 release.
  * Security fixes
    - S8004933, CVE-2012-3174: Improve MethodHandle interaction with libraries.
    - S8006017, CVE-2013-0422: Improve lookup resolutions.
    - S8006125: Update MethodHandles library interactions.
  * Bug fixes
    - S7197906: BlockOffsetArray::power_to_cards_back() needs to handle > 32 bit
    - G422525: Fix building with PaX enabled kernels.

  [ Matthias Klose ]
  * Loosen OpenGL dependency. Closes: #695028.
  * Fix error parsing drop files parameter from pcmanfm (Alberto Fernández
    Martínez). Closes: #695992.

  [ Thorsten Glaser ]
  * debian/rules: Use gcj-4.6-jdk for m68k builds.
  * d/patches/text-relocations.patch: build with -fPIC on all archs.

Date: 2013-02-13 02:45:11.042476+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Quantal-changes mailing list