Comment 3 for bug 878684

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openjdk-6 - 6b23~pre11-0ubuntu1.11.10

---------------
openjdk-6 (6b23~pre11-0ubuntu1.11.10) oneiric-security; urgency=low

  * Build for oneiric.

openjdk-6 (6b23~pre11-1) unstable; urgency=high

  * Build with jpeg8. Closes: #644070.
  * Tighten inter-package dependencies for Debian builds. Closes: #641240.

openjdk-6 (6b23~pre11-0ubuntu1) precise; urgency=low

  * Update from the IcedTea6 branch (20111019) LP: #878684.
    - Security fixes:
      - S7000600, CVE-2011-3547: InputStream skip() information leak.
      - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor.
      - S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow.
      - S7032417, CVE-2011-3552: excessive default UDP socket limit under
        SecurityManager.
      - S7046794, CVE-2011-3553: JAX-WS stack-traces information leak.
      - S7046823, CVE-2011-3544: missing SecurityManager checks in scripting
        engine.
      - S7055902, CVE-2011-3521: IIOP deserialization code execution.
      - S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress
        error checks.
      - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack
        against SSL/TLS (BEAST).
      - S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from
        PorterStemmer.
      - S7077466, CVE-2011-3556: RMI DGC server remote code execution.
      - S7083012, CVE-2011-3557: RMI registry privileged code execution.
      - S7096936, CVE-2011-3560: missing checkSetFactory calls in
        HttpsURLConnection.
    - Update JamVM.
      - Implement classlibCheckIfOnLoad().
      - Make thread states JVMTI compatible.
      - Handle 'g' when specifying memory + extra checks.
      - Make command line compatibility options table-driven.
    - Update CACAO.

openjdk-6 (6b23~pre10-1) unstable; urgency=low

  [ Matthias Klose ]
  * Fix exception on trying to start PulseAudio playback on ARM (Xerxes
    Rånby, David Henningsson). LP: #862286.

  [ Damien Raude-Morvan ]
  * Add myself to Uploaders.
  * d/rules: Fix java.policy to include jre/lib/ext/* files (instead of
    non-existant ext/*). It'll restore privilegied access from sunpkcs11.jar
    to sun.* code. (Closes: #642734, #642598).
 -- Matthias Klose <email address hidden> Thu, 20 Oct 2011 18:05:17 +0200