[ubuntu/saucy-security] openjdk-7 7u55-2.4.7-1ubuntu1~0.13.10.1 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Wed Apr 30 13:16:19 UTC 2014 

openjdk-7 (7u55-2.4.7-1ubuntu1~0.13.10.1) saucy-security; urgency=medium

  * Backport for Ubuntu 13.10 (LP: #1283828)

openjdk-7 (7u55-2.4.7-1ubuntu1) trusty-security; urgency=medium

  * Regenerate the control file.

openjdk-7 (7u55-2.4.7-1) unstable; urgency=high

  * IcedTea7 2.4.7 release.
  * Security fixes
    - S8023046: Enhance splashscreen support.
    - S8025005: Enhance CORBA initializations.
    - S8025010, CVE-2014-2412: Enhance AWT contexts.
    - S8025030, CVE-2014-2414: Enhance stream handling.
    - S8025152, CVE-2014-0458: Enhance activation set up.
    - S8026067: Enhance signed jar verification.
    - S8026163, CVE-2014-2427: Enhance media provisioning.
    - S8026188, CVE-2014-2423: Enhance envelope factory.
    - S8026200: Enhance RowSet Factory.
    - S8026716, CVE-2014-2402: (aio) Enhance asynchronous channel handling.
    - S8026736, CVE-2014-2398: Enhance Javadoc pages.
    - S8026797, CVE-2014-0451: Enhance data transfers.
    - S8026801, CVE-2014-0452: Enhance endpoint addressing.
    - S8027766, CVE-2014-0453: Enhance RSA processing.
    - S8027775: Enhance ICU code.
    - S8027841, CVE-2014-0429: Enhance pixel manipulations.
    - S8028385: Enhance RowSet Factory.
    - S8029282, CVE-2014-2403: Enhance CharInfo set up.
    - S8029286: Enhance subject delegation.
    - S8029699: Update Poller demo.
    - S8029730: Improve audio device additions.
    - S8029735: Enhance service mgmt natives.
    - S8029740, CVE-2014-0446: Enhance handling of loggers.
    - S8029745, CVE-2014-0454: Enhance algorithm checking.
    - S8029750: Enhance LCMS color processing (LCMS 2 only).
    - S8029760, CVE-2013-6629: Enhance AWT image libraries (in-tree libjpeg).
    - S8029844, CVE-2014-0455: Enhance argument validation.
    - S8029854, CVE-2014-2421: Enhance JPEG decodings.
    - S8029858, CVE-2014-0456: Enhance array copies.
    - S8030731, CVE-2014-0460: Improve name service robustness.
    - S8031330: Refactor ObjectFactory.
    - S8031335, CVE-2014-0459: Better color profiling.
    - S8031352, CVE-2013-6954: Enhance PNG handling (in-tree libpng).
    - S8031394, CVE-2014-0457: (sl) Fix exception handling in ServiceLoader.
    - S8031395: Enhance LDAP processing.
    - S8032686, CVE-2014-2413: Issues with method invoke.
    - S8033618, CVE-2014-1876: Correct logging output.
    - S8034926, CVE-2014-2397: Attribute classes properly.
    - S8036794, CVE-2014-0461: Manage JavaScript instances.
  * AArch64 fixes.

openjdk-7 (7u51-2.4.6-1ubuntu4) trusty; urgency=medium

  * AArch64 hotspot fixes (Ed Nevill):
    - Use gcc __clear_cache instead of doing it ourselves.
    - Preserve callee save FP registers around call to java code.

openjdk-7 (7u51-2.4.6-1ubuntu3) trusty; urgency=medium

  * Don't search ecj.jar when it is not required for the build.

openjdk-7 (7u51-2.4.6-1ubuntu2) trusty; urgency=medium

  * Fix the AArch64 build.
  * Regenerate the control file.

openjdk-7 (7u51-2.4.6-1) unstable; urgency=medium

  * IcedTea7 2.4.6 release.
  * Explicitly use AC_MAINTAINER_MODE and automake-1.11 to create the
    debian .orig tarball. Addresses: #740289.
  * Apply patch from upstream to fix bold fonts in Swing applications using
    GTK L&F (Ryan Tandy). LP: #937200.
  * Explicitly build-depend on libkrb5-dev.
  * On AArch64 don't use the hotsport backport for the zero build.

openjdk-7 (7u51-2.4.6~pre1-1) unstable; urgency=medium

  * IcedTea7 2.4.6 prerelease.
  * Fix icedtea-web build failure on kfreebsd-* (unable to find
    sun.security.util.SecurityConstants). Steven Chamberlain. Closes: #739032.
  * Update the AArch64 Hotspot.

openjdk-7 (7u51-2.4.5-2) unstable; urgency=medium

  * Update the KFreeBSD patch (Steven Chamberlain). Closes: #736291.

openjdk-7 (7u51-2.4.5-1) unstable; urgency=medium

  * IcedTea7 2.4.5 release.
  * Build Hotspot client and server vms for AArch64.

openjdk-7 (7u51-2.4.4-1) unstable; urgency=medium

  * IcedTea7 2.4.4 release.
  * Security fixes
    - S6727821: Enhance JAAS Configuration.
    - S7068126, CVE-2014-0373: Enhance SNMP statuses.
    - S8010935: Better XML handling.
    - S8011786, CVE-2014-0368: Better applet networking.
    - S8021257, S8025022, CVE-2013-5896 : com.sun.corba.se.** should be
      on restricted package list.
    - S8021271, S8021266, CVE-2014-0408: Better buffering in ObjC code.
    - S8022904: Enhance JDBC Parsers.
    - S8022927: Input validation for byte/endian conversions.
    - S8022935: Enhance Apache resolver classes.
    - S8022945: Enhance JNDI implementation classes.
    - S8023057: Enhance start up image display.
    - S8023069, CVE-2014-0411: Enhance TLS connections.
    - S8023245, CVE-2014-0423: Enhance Beans decoding.
    - S8023301: Enhance generic classes.
    - S8023338: Update jarsigner to encourage timestamping.
    - S8023672: Enhance jar file validation.
    - S8024302: Clarify jar verifications.
    - S8024306, CVE-2014-0416: Enhance Subject consistency.
    - S8024530: Enhance font process resilience.
    - S8024867: Enhance logging start up.
    - S8025014: Enhance Security Policy.
    - S8025018, CVE-2014-0376: Enhance JAX-P set up.
    - S8025026, CVE-2013-5878: Enhance canonicalization.
    - S8025034, CVE-2013-5907: Improve layout lookups.
    - S8025448: Enhance listening events.
    - S8025758, CVE-2014-0422: Enhance Naming management.
    - S8025767, CVE-2014-0428: Enhance IIOP Streams.
    - S8026172: Enhance UI Management.
    - S8026176: Enhance document printing.
    - S8026193, CVE-2013-5884: Enhance CORBA stub factories.
    - S8026204: Enhance auth login contexts.
    - S8026417, CVE-2013-5910: Enhance XML canonicalization.
    - S8026502: java/lang/invoke/MethodHandleConstants.java fails on all
      platforms.
    - S8027201, CVE-2014-0376: Enhance JAX-P set up.
    - S8029507, CVE-2013-5893: Enhance JVM method processing.
    - S8029533: REGRESSION: closed/java/lang/invoke/8008140/Test8008140.java
      fails agains.
  * Remove alpha from stage1_gcj_archs.
  * Use the langtools and jdk tarballs as provided by IcedTea.
  * Hotspot is dead on sparc. Build the zero interpreter as the default.
  * Blindly update the KF***BSD patches.

Date: 2014-04-17 20:47:12.717426+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/saucy/+source/openjdk-7/7u55-2.4.7-1ubuntu1~0.13.10.1
-------------- next part --------------
Sorry, changesfile not available.

More information about the Saucy-changes mailing list