[ubuntu/saucy-proposed] openjdk-7 7u25-2.3.10-1ubuntu1 (Accepted)
Matthias Klose
doko at ubuntu.com
Mon Jul 1 10:10:22 UTC 2013
openjdk-7 (7u25-2.3.10-1ubuntu1) saucy; urgency=low
* Regenerate the control file.
openjdk-7 (7u25-2.3.10-1) unstable; urgency=high
* IcedTea7 2.3.10 release.
* Security fixes
* S6741606, CVE-2013-2407: Integrate Apache Santuario.
* S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls.
* S7170730, CVE-2013-2451: Improve Windows network stack support.
* S8000638, CVE-2013-2450: Improve deserialization.
* S8000642, CVE-2013-2446: Better handling of objects for transportation.
* S8001032: Restrict object access.
* S8001033, CVE-2013-2452: Refactor network address handling in virtual
machine identifiers.
* S8001034, CVE-2013-1500: Memory management improvements.
* S8001038, CVE-2013-2444: Resourcefully handle resources.
* S8001043: Clarify definition restrictions.
* S8001308: Update display of applet windows.
* S8001309: Better handling of annotation interfaces.
* S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with
InetAddress.getLocalHost.
* S8001330, CVE-2013-2443: Improve on checking order (non-Zero builds only).
* S8003703, CVE-2013-2412: Update RMI connection dialog box.
* S8004288, CVE-2013-2449: (fs) Files.probeContentType problems.
* S8004584: Augment applet contextualization.
* S8005007: Better glyph processing.
* S8006328, CVE-2013-2448: Improve robustness of sound classes.
* S8006611: Improve scripting.
* S8007467: Improve robustness of JMX internal APIs.
* S8007471: Improve MBean notifications.
* S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes.
* S8007925: Improve cmsStageAllocLabV2ToV4curves.
* S8007926: Improve cmsPipelineDup.
* S8007927: Improve cmsAllocProfileSequenceDescription.
* S8007929: Improve CurvesAlloc.
* S8008120, CVE-2013-2457: Improve JMX class checking.
* S8008124, CVE-2013-2453: Better compliance testing.
* S8008128: Better API coherence for JMX.
* S8008132, CVE-2013-2456: Better serialization support.
* S8008585: Better JMX data handling.
* S8008593: Better URLClassLoader resource management.
* S8008603: Improve provision of JMX providers.
* S8008607: Better input checking in JMX.
* S8008611: Better handling of annotations in JMX.
* S8008615: Improve robustness of JMX internal APIs.
* S8008623: Better handling of MBeanServers.
* S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606.
* S8008982: Adjust JMX for underlying interface changes.
* S8009004: Better implementation of RMI connections.
* S8009008: Better manage management-api.
* S8009013: Better handling of T2K glyphs.
* S8009034: Improve resulting notifications in JMX.
* S8009038: Improve JMX notification support.
* S8009057, CVE-2013-2448: Improve MIDI event handling.
* S8009067: Improve storing keys in KeyStore.
* S8009071, CVE-2013-2459: Improve shape handling.
* S8009235: Improve handling of TSA data.
* S8009424, CVE-2013-2458: Adapt Nashorn to JSR-292 implementation change.
* S8009554, CVE-2013-2454: Improve SerialJavaObject.getFields.
* S8009654: Improve stability of cmsnamed.
* S8010209, CVE-2013-2460: Better provision of factories.
* S8011243, CVE-2013-2470: Improve ImagingLib.
* S8011248, CVE-2013-2471: Better Component Rasters.
* S8011253, CVE-2013-2472: Better Short Component Rasters.
* S8011257, CVE-2013-2473: Better Byte Component Rasters.
* S8012375, CVE-2013-1571: Improve Javadoc framing.
* S8012421: Better positioning of PairPositioning.
* S8012438, CVE-2013-2463: Better image validation.
* S8012597, CVE-2013-2465: Better image channel verification.
* S8012601, CVE-2013-2469: Better validation of image layouts.
* S8014281, CVE-2013-2461: Better checking of XML signature.
* S8015997: Additional improvement in Javadoc framing.
* Breaks icedtea-netx (<< 1.4-2).
Date: Sun, 30 Jun 2013 22:39:51 +0200
Changed-By: Matthias Klose <doko at ubuntu.com>
Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>
https://launchpad.net/ubuntu/saucy/+source/openjdk-7/7u25-2.3.10-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 30 Jun 2013 22:39:51 +0200
Source: openjdk-7
Binary: openjdk-7-jdk openjdk-7-jre-headless openjdk-7-jre openjdk-7-jre-lib openjdk-7-demo openjdk-7-source openjdk-7-doc openjdk-7-dbg icedtea-7-jre-jamvm openjdk-7-jre-zero
Architecture: source
Version: 7u25-2.3.10-1ubuntu1
Distribution: saucy
Urgency: high
Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>
Changed-By: Matthias Klose <doko at ubuntu.com>
Description:
icedtea-7-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
openjdk-7-dbg - Java runtime based on OpenJDK (debugging symbols)
openjdk-7-demo - Java runtime based on OpenJDK (demos and examples)
openjdk-7-doc - OpenJDK Development Kit (JDK) documentation
openjdk-7-jdk - OpenJDK Development Kit (JDK)
openjdk-7-jre - OpenJDK Java runtime, using ${vm:Name}
openjdk-7-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
openjdk-7-jre-lib - OpenJDK Java runtime (architecture independent libraries)
openjdk-7-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
openjdk-7-source - OpenJDK Development Kit (JDK) source files
Changes:
openjdk-7 (7u25-2.3.10-1ubuntu1) saucy; urgency=low
.
* Regenerate the control file.
.
openjdk-7 (7u25-2.3.10-1) unstable; urgency=high
.
* IcedTea7 2.3.10 release.
* Security fixes
* S6741606, CVE-2013-2407: Integrate Apache Santuario.
* S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls.
* S7170730, CVE-2013-2451: Improve Windows network stack support.
* S8000638, CVE-2013-2450: Improve deserialization.
* S8000642, CVE-2013-2446: Better handling of objects for transportation.
* S8001032: Restrict object access.
* S8001033, CVE-2013-2452: Refactor network address handling in virtual
machine identifiers.
* S8001034, CVE-2013-1500: Memory management improvements.
* S8001038, CVE-2013-2444: Resourcefully handle resources.
* S8001043: Clarify definition restrictions.
* S8001308: Update display of applet windows.
* S8001309: Better handling of annotation interfaces.
* S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with
InetAddress.getLocalHost.
* S8001330, CVE-2013-2443: Improve on checking order (non-Zero builds only).
* S8003703, CVE-2013-2412: Update RMI connection dialog box.
* S8004288, CVE-2013-2449: (fs) Files.probeContentType problems.
* S8004584: Augment applet contextualization.
* S8005007: Better glyph processing.
* S8006328, CVE-2013-2448: Improve robustness of sound classes.
* S8006611: Improve scripting.
* S8007467: Improve robustness of JMX internal APIs.
* S8007471: Improve MBean notifications.
* S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes.
* S8007925: Improve cmsStageAllocLabV2ToV4curves.
* S8007926: Improve cmsPipelineDup.
* S8007927: Improve cmsAllocProfileSequenceDescription.
* S8007929: Improve CurvesAlloc.
* S8008120, CVE-2013-2457: Improve JMX class checking.
* S8008124, CVE-2013-2453: Better compliance testing.
* S8008128: Better API coherence for JMX.
* S8008132, CVE-2013-2456: Better serialization support.
* S8008585: Better JMX data handling.
* S8008593: Better URLClassLoader resource management.
* S8008603: Improve provision of JMX providers.
* S8008607: Better input checking in JMX.
* S8008611: Better handling of annotations in JMX.
* S8008615: Improve robustness of JMX internal APIs.
* S8008623: Better handling of MBeanServers.
* S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606.
* S8008982: Adjust JMX for underlying interface changes.
* S8009004: Better implementation of RMI connections.
* S8009008: Better manage management-api.
* S8009013: Better handling of T2K glyphs.
* S8009034: Improve resulting notifications in JMX.
* S8009038: Improve JMX notification support.
* S8009057, CVE-2013-2448: Improve MIDI event handling.
* S8009067: Improve storing keys in KeyStore.
* S8009071, CVE-2013-2459: Improve shape handling.
* S8009235: Improve handling of TSA data.
* S8009424, CVE-2013-2458: Adapt Nashorn to JSR-292 implementation change.
* S8009554, CVE-2013-2454: Improve SerialJavaObject.getFields.
* S8009654: Improve stability of cmsnamed.
* S8010209, CVE-2013-2460: Better provision of factories.
* S8011243, CVE-2013-2470: Improve ImagingLib.
* S8011248, CVE-2013-2471: Better Component Rasters.
* S8011253, CVE-2013-2472: Better Short Component Rasters.
* S8011257, CVE-2013-2473: Better Byte Component Rasters.
* S8012375, CVE-2013-1571: Improve Javadoc framing.
* S8012421: Better positioning of PairPositioning.
* S8012438, CVE-2013-2463: Better image validation.
* S8012597, CVE-2013-2465: Better image channel verification.
* S8012601, CVE-2013-2469: Better validation of image layouts.
* S8014281, CVE-2013-2461: Better checking of XML signature.
* S8015997: Additional improvement in Javadoc framing.
* Breaks icedtea-netx (<< 1.4-2).
Checksums-Sha1:
9b0e2322d069f822dddc8b268157319577810571 2973 openjdk-7_7u25-2.3.10-1ubuntu1.dsc
e4bdc74f3c98082c839a224ff1dd408bb40d5d54 77804591 openjdk-7_7u25-2.3.10.orig.tar.gz
a73c0b56b514927f3e27b7fc642a05721810ed7f 194087 openjdk-7_7u25-2.3.10-1ubuntu1.diff.gz
Checksums-Sha256:
668c37126b26f52530ced72ab8b0aa27cd0232bd5c1318e9fb006b3b8456db5b 2973 openjdk-7_7u25-2.3.10-1ubuntu1.dsc
cd775eb74ec83d1c2fffa20eca23f67876db5a60bc94e24104ca119c30017730 77804591 openjdk-7_7u25-2.3.10.orig.tar.gz
481d26c63666d9ec23f8fafeef001a2ea7eb72dba70f101857bc0b5bb1ce99f1 194087 openjdk-7_7u25-2.3.10-1ubuntu1.diff.gz
Files:
ebc628290acf1d029b91b34cc98760c4 2973 java optional openjdk-7_7u25-2.3.10-1ubuntu1.dsc
e7abc90f7f26e573594bdd571a1ca7cd 77804591 java optional openjdk-7_7u25-2.3.10.orig.tar.gz
aec94829c75a2126e432dae3d006eb88 194087 java optional openjdk-7_7u25-2.3.10-1ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlHRVIQACgkQStlRaw+TLJxmPQCZAZdExtRpMSyzr2WAtsLtr6Ji
uAMAnj9Nh52MAIogNygMBAe6GN2hP3kw
=IXKb
-----END PGP SIGNATURE-----
More information about the Saucy-changes
mailing list