[ubuntu/saucy-proposed] openjdk-6 6b27-1.12.6-1ubuntu1 (Accepted)

Matthias Klose doko at ubuntu.com
Thu Jul 11 14:55:21 UTC 2013 

openjdk-6 (6b27-1.12.6-1ubuntu1) saucy; urgency=low

  * Merge with Debian.

openjdk-6 (6b27-1.12.6-1) unstable; urgency=high

  * IcedTea 1.12.6 release.
  * Security fixes:
    - S6741606, CVE-2013-2407: Integrate Apache Santuario.
    - S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls.
    - S7170730, CVE-2013-2451: Improve Windows network stack support.
    - S8000638, CVE-2013-2450: Improve deserialization.
    - S8000642, CVE-2013-2446: Better handling of objects for transportation.
    - S8001032: Restrict object access.
    - S8001033, CVE-2013-2452: Refactor network address handling in virtual
      machine identifiers.
    - S8001034, CVE-2013-1500: Memory management improvements.
    - S8001038, CVE-2013-2444: Resourcefully handle resources.
    - S8001043: Clarify definition restrictions.
    - S8001309: Better handling of annotation interfaces.
    - S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with
      InetAddress.getLocalHost.
    - S8001330, CVE-2013-2443: Improve on checking order.
    - S8003703, CVE-2013-2412: Update RMI connection dialog box.
    - S8004584: Augment applet contextualization.
    - S8005007: Better glyph processing.
    - S8006328, CVE-2013-2448: Improve robustness of sound classes.
    - S8006611: Improve scripting.
    - S8007467: Improve robustness of JMX internal APIs.
    - S8007471: Improve MBean notifications.
    - S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic
      for some classes.
    - S8008120, CVE-2013-2457: Improve JMX class checking.
    - S8008124, CVE-2013-2453: Better compliance testing.
    - S8008128: Better API coherence for JMX.
    - S8008132, CVE-2013-2456: Better serialization support.
    - S8008585: Better JMX data handling.
    - S8008593: Better URLClassLoader resource management.
    - S8008603: Improve provision of JMX providers.
    - S8008611: Better handling of annotations in JMX.
    - S8008615: Improve robustness of JMX internal APIs.
    - S8008623: Better handling of MBeanServers.
    - S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606.
    - S8008982: Adjust JMX for underlying interface changes.
    - S8009004: Better implementation of RMI connections.
    - S8009013: Better handling of T2K glyphs.
    - S8009034: Improve resulting notifications in JMX.
    - S8009038: Improve JMX notification support.
    - S8009067: Improve storing keys in KeyStore.
    - S8009071, CVE-2013-2459: Improve shape handling.
    - S8009235: Improve handling of TSA data.
    - S8011243, CVE-2013-2470: Improve ImagingLib.
    - S8011248, CVE-2013-2471: Better Component Rasters.
    - S8011253, CVE-2013-2472: Better Short Component Rasters.
    - S8011257, CVE-2013-2473: Better Byte Component Rasters.
    - S8012375, CVE-2013-1571: Improve Javadoc framing.
    - S8012421: Better positioning of PairPositioning.
    - S8012438, CVE-2013-2463: Better image validation.
    - S8012597, CVE-2013-2465: Better image channel verification.
    - S8012601, CVE-2013-2469: Better validation of image layouts.
    - S8014281, CVE-2013-2461: Better checking of XML signature.
    - S8015997: Additional improvement in Javadoc framing.
  * Backports:
    - See the NEWS file for a complete list of the backports.

Date: Thu, 11 Jul 2013 16:50:08 +0200
Changed-By: Matthias Klose <doko at ubuntu.com>
Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>
https://launchpad.net/ubuntu/saucy/+source/openjdk-6/6b27-1.12.6-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 11 Jul 2013 16:50:08 +0200
Source: openjdk-6
Binary: openjdk-6-jdk openjdk-6-jre-headless openjdk-6-jre openjdk-6-jre-lib openjdk-6-demo openjdk-6-source openjdk-6-doc openjdk-6-dbg icedtea-6-jre-cacao icedtea-6-jre-jamvm openjdk-6-jre-zero
Architecture: source
Version: 6b27-1.12.6-1ubuntu1
Distribution: saucy
Urgency: high
Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>
Changed-By: Matthias Klose <doko at ubuntu.com>
Description: 
 icedtea-6-jre-cacao - Alternative JVM for OpenJDK, using Cacao
 icedtea-6-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
 openjdk-6-dbg - Java runtime based on OpenJDK (debugging symbols)
 openjdk-6-demo - Java runtime based on OpenJDK (demos and examples)
 openjdk-6-doc - OpenJDK Development Kit (JDK) documentation
 openjdk-6-jdk - OpenJDK Development Kit (JDK)
 openjdk-6-jre - OpenJDK Java runtime, using ${vm:Name}
 openjdk-6-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
 openjdk-6-jre-lib - OpenJDK Java runtime (architecture independent libraries)
 openjdk-6-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
 openjdk-6-source - OpenJDK Development Kit (JDK) source files
Changes: 
 openjdk-6 (6b27-1.12.6-1ubuntu1) saucy; urgency=low
 .
   * Merge with Debian.
 .
 openjdk-6 (6b27-1.12.6-1) unstable; urgency=high
 .
   * IcedTea 1.12.6 release.
   * Security fixes:
     - S6741606, CVE-2013-2407: Integrate Apache Santuario.
     - S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls.
     - S7170730, CVE-2013-2451: Improve Windows network stack support.
     - S8000638, CVE-2013-2450: Improve deserialization.
     - S8000642, CVE-2013-2446: Better handling of objects for transportation.
     - S8001032: Restrict object access.
     - S8001033, CVE-2013-2452: Refactor network address handling in virtual
       machine identifiers.
     - S8001034, CVE-2013-1500: Memory management improvements.
     - S8001038, CVE-2013-2444: Resourcefully handle resources.
     - S8001043: Clarify definition restrictions.
     - S8001309: Better handling of annotation interfaces.
     - S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with
       InetAddress.getLocalHost.
     - S8001330, CVE-2013-2443: Improve on checking order.
     - S8003703, CVE-2013-2412: Update RMI connection dialog box.
     - S8004584: Augment applet contextualization.
     - S8005007: Better glyph processing.
     - S8006328, CVE-2013-2448: Improve robustness of sound classes.
     - S8006611: Improve scripting.
     - S8007467: Improve robustness of JMX internal APIs.
     - S8007471: Improve MBean notifications.
     - S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic
       for some classes.
     - S8008120, CVE-2013-2457: Improve JMX class checking.
     - S8008124, CVE-2013-2453: Better compliance testing.
     - S8008128: Better API coherence for JMX.
     - S8008132, CVE-2013-2456: Better serialization support.
     - S8008585: Better JMX data handling.
     - S8008593: Better URLClassLoader resource management.
     - S8008603: Improve provision of JMX providers.
     - S8008611: Better handling of annotations in JMX.
     - S8008615: Improve robustness of JMX internal APIs.
     - S8008623: Better handling of MBeanServers.
     - S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606.
     - S8008982: Adjust JMX for underlying interface changes.
     - S8009004: Better implementation of RMI connections.
     - S8009013: Better handling of T2K glyphs.
     - S8009034: Improve resulting notifications in JMX.
     - S8009038: Improve JMX notification support.
     - S8009067: Improve storing keys in KeyStore.
     - S8009071, CVE-2013-2459: Improve shape handling.
     - S8009235: Improve handling of TSA data.
     - S8011243, CVE-2013-2470: Improve ImagingLib.
     - S8011248, CVE-2013-2471: Better Component Rasters.
     - S8011253, CVE-2013-2472: Better Short Component Rasters.
     - S8011257, CVE-2013-2473: Better Byte Component Rasters.
     - S8012375, CVE-2013-1571: Improve Javadoc framing.
     - S8012421: Better positioning of PairPositioning.
     - S8012438, CVE-2013-2463: Better image validation.
     - S8012597, CVE-2013-2465: Better image channel verification.
     - S8012601, CVE-2013-2469: Better validation of image layouts.
     - S8014281, CVE-2013-2461: Better checking of XML signature.
     - S8015997: Additional improvement in Javadoc framing.
   * Backports:
     - See the NEWS file for a complete list of the backports.
Checksums-Sha1: 
 286e0cf6ca906ec21c19b815f9ba2cc462b71ad1 2889 openjdk-6_6b27-1.12.6-1ubuntu1.dsc
 6a0b963b892437becfe11423397b2c5c66699ae3 63653337 openjdk-6_6b27-1.12.6.orig.tar.gz
 58c75e5826813bef7d25a6f6554e358b182d5cb9 166485 openjdk-6_6b27-1.12.6-1ubuntu1.diff.gz
Checksums-Sha256: 
 69e6ff6fa9e7cbcbc80e13078b31d5156e78e0d9cd8f39d2530d2d7b62ae33ee 2889 openjdk-6_6b27-1.12.6-1ubuntu1.dsc
 72e458a7bb8938179d4a0aa65e5162acbfb5b25e3d03b752e5d1fc11750b450e 63653337 openjdk-6_6b27-1.12.6.orig.tar.gz
 3290b3732cdafd9cbd1cb9208e03238cd1c7a6c95b983d5421a5e29e9d7b2fcb 166485 openjdk-6_6b27-1.12.6-1ubuntu1.diff.gz
Files: 
 0f46df59a07b42f746a1b7c111677e1e 2889 java optional openjdk-6_6b27-1.12.6-1ubuntu1.dsc
 fe76edb82392b52b23fda873459d799b 63653337 java optional openjdk-6_6b27-1.12.6.orig.tar.gz
 487c98e19ce9101dcd224dd09abfb8cf 166485 java optional openjdk-6_6b27-1.12.6-1ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlHexroACgkQStlRaw+TLJzWzgCgtLPhPTvAslGWlxBA6EkSaV22
6VkAoJRnv6hkyi7/nd8DKCwY9SY4WQrh
=1nQ7
-----END PGP SIGNATURE-----

More information about the Saucy-changes mailing list