[ubuntu/wily-security] openjdk-7 7u91-2.6.3-0ubuntu0.15.10.1 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Wed Nov 25 16:48:57 UTC 2015


openjdk-7 (7u91-2.6.3-0ubuntu0.15.10.1) wily-security; urgency=medium

  * Icedtea release 2.6.3 (based on 7u91):
  * Security fixes
    - S8142882, CVE-2015-4871: rebinding of the receiver of a 
       DirectMethodHandle may allow a protected method to be accessed
  * Bad merge in IcedTea caused 2.6.1 to leak shmem chunks, affecting 
    other applications such as QT and VLC, thanks Andrew Hughes for the
    fix in 2.6.2. (LP: #1512760)

openjdk-7 (7u91-2.6.2-1) unstable; urgency=medium

  [ Tiago Stürmer Daitx ]
  * IcedTea release 2.6.2 (based on 7u91):
  * Security fixes
    - S8048030, CVE-2015-4734: Expectations should be consistent
    - S8068842, CVE-2015-4803: Better JAXP data handling
    - S8076339, CVE-2015-4903: Better handling of remote object invocation
    - S8076383, CVE-2015-4835: Better CORBA exception handling
    - S8076387, CVE-2015-4882: Better CORBA value handling
    - S8076392, CVE-2015-4881: Improve IIOPInputStream consistency
    - S8076413, CVE-2015-4883: Better JRMP message handling
    - S8078427, CVE-2015-4842: More supportive home environment
    - S8078440: Safer managed types
    - S8080541: More direct property handling
    - S8080688, CVE-2015-4860: Service for DGC services
    - S8081760: Better group dynamics
    - S8086092, CVE-2015-4840: More palette improvements
    - S8086733, CVE-2015-4893: Improve namespace handling
    - S8087350: Improve array conversions
    - S8103671, CVE-2015-4805: More objective stream classes
    - S8103675: Better Binary searches
    - S8130078, CVE-2015-4911: Document better processing
    - S8130193, CVE-2015-4806: Improve HTTP connections
    - S8130864: Better server identity handling
    - S8130891, CVE-2015-4843: (bf) More direct buffering
    - S8131291, CVE-2015-4872: Perfect parameter patterning
    - S8132042, CVE-2015-4844: Preserve layout presentation
  * d/patches/it-debian-build-flags.diff: refreshed
  * d/patches/it-set-compiler.diff: refreshed
  * d/patches/it-use-quilt.diff: refreshed and updated
  * d/patches/it-jamvm-2.0.diff: refreshed
  * d/patches/xrender: removed as it was applied upstream

openjdk-7 (7u85-2.6.1-6) unstable; urgency=medium

  [ Tiago Stürmer Daitx ]
  * Security fixes
    - S8048030, CVE-2015-4734: Expectations should be consistent
    - S8068842, CVE-2015-4803: Better JAXP data handling
    - S8076339, CVE-2015-4903: Better handling of remote object invocation
    - S8076383, CVE-2015-4835: Better CORBA exception handling
    - S8076387, CVE-2015-4882: Better CORBA value handling
    - S8076392, CVE-2015-4881: Improve IIOPInputStream consistency
    - S8076413, CVE-2015-4883: Better JRMP message handling
    - S8078427, CVE-2015-4842: More supportive home environment
    - S8078440: Safer managed types
    - S8080541: More direct property handling
    - S8080688, CVE-2015-4860: Service for DGC services
    - S8081744, CVE-2015-4868: Clear out list corner case
    - S8081760: Better group dynamics
    - S8086092. CVE-2015-4840: More palette improvements
    - S8086733, CVE-2015-4893: Improve namespace handling
    - S8087350: Improve array conversions
    - S8103671, CVE-2015-4805: More objective stream classes
    - S8103675: Better Binary searches
    - S8129611: Accessbridge error handling improvement
    - S8130078, CVE-2015-4911: Document better processing
    - S8130185: More accessible access switch
    - S8130193, CVE-2015-4806: Improve HTTP connections
    - S8130864: Better server identity handling
    - S8130891, CVE-2015-4843: (bf) More direct buffering
    - S8131291, CVE-2015-4872: Perfect parameter patterning
    - S8132042, CVE-2015-4844: Preserve layout presentation
  * S6966259: Make PrincipalName and Realm immutable, required for S8048030
  * S8078822: 8068842 fix missed one new file
    PrimeNumberSequenceGenerator.java

  [ Matthias Klose ]
  * Re-enable the atk bridge for releases with a fixed atk bridge.
    Again closes: #797595.

Date: 2015-11-19 05:26:14.571866+00:00
Changed-By: Tiago Stürmer Daitx <tiago.daitx at canonical.com>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/openjdk-7/7u91-2.6.3-0ubuntu0.15.10.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Wily-changes mailing list