This bug was fixed in the package openjdk-6 - 6b23~pre11-0ubuntu1.11.10
--------------- openjdk-6 (6b23~pre11-0ubuntu1.11.10) oneiric-security; urgency=low
* Build for oneiric.
openjdk-6 (6b23~pre11-1) unstable; urgency=high
* Build with jpeg8. Closes: #644070. * Tighten inter-package dependencies for Debian builds. Closes: #641240.
openjdk-6 (6b23~pre11-0ubuntu1) precise; urgency=low
* Update from the IcedTea6 branch (20111019) LP: #878684. - Security fixes: - S7000600, CVE-2011-3547: InputStream skip() information leak. - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor. - S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow. - S7032417, CVE-2011-3552: excessive default UDP socket limit under SecurityManager. - S7046794, CVE-2011-3553: JAX-WS stack-traces information leak. - S7046823, CVE-2011-3544: missing SecurityManager checks in scripting engine. - S7055902, CVE-2011-3521: IIOP deserialization code execution. - S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error checks. - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST). - S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer. - S7077466, CVE-2011-3556: RMI DGC server remote code execution. - S7083012, CVE-2011-3557: RMI registry privileged code execution. - S7096936, CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection. - Update JamVM. - Implement classlibCheckIfOnLoad(). - Make thread states JVMTI compatible. - Handle 'g' when specifying memory + extra checks. - Make command line compatibility options table-driven. - Update CACAO.
openjdk-6 (6b23~pre10-1) unstable; urgency=low
[ Matthias Klose ] * Fix exception on trying to start PulseAudio playback on ARM (Xerxes Rånby, David Henningsson). LP: #862286.
[ Damien Raude-Morvan ] * Add myself to Uploaders. * d/rules: Fix java.policy to include jre/lib/ext/* files (instead of non-existant ext/*). It'll restore privilegied access from sunpkcs11.jar to sun.* code. (Closes: #642734, #642598). -- Matthias Klose <email address hidden> Thu, 20 Oct 2011 18:05:17 +0200
This bug was fixed in the package openjdk-6 - 6b23~pre11- 0ubuntu1. 11.10
--------------- 0ubuntu1. 11.10) oneiric-security; urgency=low
openjdk-6 (6b23~pre11-
* Build for oneiric.
openjdk-6 (6b23~pre11-1) unstable; urgency=high
* Build with jpeg8. Closes: #644070.
* Tighten inter-package dependencies for Debian builds. Closes: #641240.
openjdk-6 (6b23~pre11- 0ubuntu1) precise; urgency=low
* Update from the IcedTea6 branch (20111019) LP: #878684.
SecurityManage r.
PorterStemmer.
HttpsURLConnec tion. OnLoad( ).
- Security fixes:
- S7000600, CVE-2011-3547: InputStream skip() information leak.
- S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor.
- S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow.
- S7032417, CVE-2011-3552: excessive default UDP socket limit under
- S7046794, CVE-2011-3553: JAX-WS stack-traces information leak.
- S7046823, CVE-2011-3544: missing SecurityManager checks in scripting
engine.
- S7055902, CVE-2011-3521: IIOP deserialization code execution.
- S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress
error checks.
- S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack
against SSL/TLS (BEAST).
- S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from
- S7077466, CVE-2011-3556: RMI DGC server remote code execution.
- S7083012, CVE-2011-3557: RMI registry privileged code execution.
- S7096936, CVE-2011-3560: missing checkSetFactory calls in
- Update JamVM.
- Implement classlibCheckIf
- Make thread states JVMTI compatible.
- Handle 'g' when specifying memory + extra checks.
- Make command line compatibility options table-driven.
- Update CACAO.
openjdk-6 (6b23~pre10-1) unstable; urgency=low
[ Matthias Klose ]
* Fix exception on trying to start PulseAudio playback on ARM (Xerxes
Rånby, David Henningsson). LP: #862286.
[ Damien Raude-Morvan ]
* Add myself to Uploaders.
* d/rules: Fix java.policy to include jre/lib/ext/* files (instead of
non-existant ext/*). It'll restore privilegied access from sunpkcs11.jar
to sun.* code. (Closes: #642734, #642598).
-- Matthias Klose <email address hidden> Thu, 20 Oct 2011 18:05:17 +0200