This bug was fixed in the package openjdk-6b18 - 6b18-1.8.7-0ubuntu2
--------------- openjdk-6b18 (6b18-1.8.7-0ubuntu2) natty; urgency=low
* Browser plugin and Webstart are built from icedtea-web. LP: #726845.
openjdk-6b18 (6b18-1.8.7-0ubuntu1) maverick-security; urgency=low
* IcedTea6 1.8.7 release. - S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption. - S6907662, CVE-2010-4465: Swing timer-based security manager bypass. - S6994263, CVE-2010-4472: Untrusted code allowed to replace DSIG/C14N implementation. - S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets. - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries. - S6985453, CVE-2010-4471: Java2D font-related system property leak. - S6927050, CVE-2010-4470: JAXP untrusted component state manipulation. - CVE-2011-0706: Multiple signers privilege escalation.
* IcedTea6 1.8.6 release. - S4421494, CVE-2010-4476: infinite loop while parsing double literal.
openjdk-6b18 (6b18-1.8.5-0ubuntu1) maverick-security; urgency=low
* IcedTea6 1.8.5 release. - CVE-2011-0025: IcedTea jarfile signature verification bypass. -- Matthias Klose <email address hidden> Wed, 02 Mar 2011 19:55:46 +0100
This bug was fixed in the package openjdk-6b18 - 6b18-1.8.7-0ubuntu2
--------------- 8.7-0ubuntu2) natty; urgency=low
openjdk-6b18 (6b18-1.
* Browser plugin and Webstart are built from icedtea-web. LP: #726845.
openjdk-6b18 (6b18-1. 8.7-0ubuntu1) maverick-security; urgency=low
* IcedTea6 1.8.7 release.
- S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption.
- S6907662, CVE-2010-4465: Swing timer-based security manager bypass.
- S6994263, CVE-2010-4472: Untrusted code allowed to replace
DSIG/C14N implementation.
- S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets.
- S6983554, CVE-2010-4450: Launcher incorrect processing of empty
library path entries.
- S6985453, CVE-2010-4471: Java2D font-related system property leak.
- S6927050, CVE-2010-4470: JAXP untrusted component state manipulation.
- CVE-2011-0706: Multiple signers privilege escalation.
* IcedTea6 1.8.6 release.
- S4421494, CVE-2010-4476: infinite loop while parsing double literal.
openjdk-6b18 (6b18-1. 8.5-0ubuntu1) maverick-security; urgency=low
* IcedTea6 1.8.5 release.
- CVE-2011-0025: IcedTea jarfile signature verification bypass.
-- Matthias Klose <email address hidden> Wed, 02 Mar 2011 19:55:46 +0100