[ubuntu/vivid-security] openjdk-6 6b37-1.13.9-1ubuntu0.15.04.1 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Thu Dec 3 10:47:18 UTC 2015 

openjdk-6 (6b37-1.13.9-1ubuntu0.15.04.1) vivid-security; urgency=medium

  * Backport to Ubuntu 15.04.

openjdk-6 (6b37-1.13.9-1) experimental; urgency=medium

  [ Tiago Stürmer Daitx ]
  * IcedTea 1.13.9 release.
  * Security fixes:
    - S8048030, CVE-2015-4734: Expectations should be consistent
    - S8068842, CVE-2015-4803: Better JAXP data handling
    - S8076339, CVE-2015-4903: Better handling of remote object invocation
    - S8076383, CVE-2015-4835: Better CORBA exception handling
    - S8076387, CVE-2015-4882: Better CORBA value handling
    - S8076392, CVE-2015-4881: Improve IIOPInputStream consistency
    - S8076413, CVE-2015-4883: Better JRMP message handling
    - S8078427, CVE-2015-4842: More supportive home environment
    - S8078440: Safer managed types
    - S8080541: More direct property handling
    - S8080688, CVE-2015-4860: Service for DGC services
    - S8081760: Better group dynamics
    - S8086733, CVE-2015-4893: Improve namespace handling
    - S8087350: Improve array conversions
    - S8103671, CVE-2015-4805: More objective stream classes
    - S8103675: Better Binary searches
    - S8130078, CVE-2015-4911: Document better processing
    - S8130193, CVE-2015-4806: Improve HTTP connections
    - S8130864: Better server identity handling
    - S8130891, CVE-2015-4843: (bf) More direct buffering
    - S8131291, CVE-2015-4872: Perfect parameter patterning
    - S8132042, CVE-2015-4844: Preserve layout presentation

openjdk-6 (6b36-1.13.8-1) experimental; urgency=medium

  * IcedTea 1.13.8 release.
  * Security fixes:
    - S8043202, CVE-2015-2808: Prohibit RC4 cipher suites.
    - S8067694, CVE-2015-2625: Improved certification checking.
    - S8071715, CVE-2015-4760: Tune font layout engine.
    - S8071731: Better scaling for C1.
    - S8072490: Better font morphing redux.
    - S8072887: Better font handling improvements.
    - S8073334: Improved font substitutions.
    - S8073773: Presume path preparedness.
    - S8073894: Getting to the root of certificate chains.
    - S8074330: Set font anchors more solidly.
    - S8074335: Substitute for substitution formats.
    - S8074865, CVE-2015-2601: General crypto resilience changes.
    - S8074871: Adjust device table handling.
    - S8075374, CVE-2015-4748: Responding to OCSP responses.
    - S8075378, CVE-2015-4749: JNDI DnsClient Exception Handling.
    - S8075738: Better multi-JVM sharing.
    - S8075838: Method for typing MethodTypes.
    - S8075853, CVE-2015-2621: Proxy for MBean proxies.
    - S8076328, CVE-2015-4000: Enforce key exchange constraints.
    - S8076376, CVE-2015-2628: Enhance IIOP operations.
    - S8076397, CVE-2015-4731: Better MBean connections.
    - S8076401, CVE-2015-2590: Serialize OIS data.
    - S8076405, CVE-2015-4732: Improve serial serialization.
    - S8076409, CVE-2015-4733: Reinforce RMI framework.
    - S8077520, CVE-2015-2632: Morph tables into improved form.
    - PR2488, CVE-2015-4000: Make jdk8 mode the default for
      jdk.tls.ephemeralDHKeySize.
  * Refresh patches.

Date: 2015-11-24 20:50:32.161920+00:00
Changed-By: Tiago Stürmer Daitx <tiago.daitx at canonical.com>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/openjdk-6/6b37-1.13.9-1ubuntu0.15.04.1
-------------- next part --------------
Sorry, changesfile not available.

More information about the Vivid-changes mailing list