Viewing all changes in revision 559.
- Committer: Matthias Klose
- Date: 2014-07-17 10:14:51 UTC
- Revision ID: doko@18xx.org-20140717101451-2vwbf4y3zutbd7c5
openjdk-7 (7u65-2.5.1-1) unstable; urgency=high
* IcedTea7 2.5.1 release (based on OpenJDK 7u65).
* Security fixes:
- S8029755, CVE-2014-4209: Enhance subject class.
- S8030763: Validate global memory allocation.
- S8031340, CVE-2014-4264: Better TLS/EC management.
- S8031346, CVE-2014-4244: Enhance RSA key handling.
- S8031540: Introduce document horizon.
- S8032536: JVM resolves wrong method in some unusual cases.
- S8033055: Issues in 2d.
- S8033301, CVE-2014-4266: Build more informative InfoBuilder.
- S8034267: Probabilistic native crash.
- S8034272: Do not cram data into CRAM arrays.
- S8034985, CVE-2014-2483: Better form for Lambda Forms.
- S8035004, CVE-2014-4252: Provider provides less service.
- S8035009, CVE-2014-4218: Make Proxy representations consistent.
- S8035119, CVE-2014-4219: Fix exceptions to bytecode verification.
- S8035699, CVE-2014-4268: File choosers should be choosier.
- S8035788. CVE-2014-4221: Provide more consistency for lookups.
- S8035793, CVE-2014-4223: Maximum arity maxed out.
- S8036571: (process) Process process arguments carefully.
- S8036800: Attribute OOM to correct part of code.
- S8037046: Validate libraries to be loaded.
- S8037076, CVE-2014-2490: Check constant pool constants.
- S8037157: Verify <init> call.
- S8037162, CVE-2014-4263: More robust DH exchanges.
- S8037167, CVE-2014-4216: Better method signature resolution.
- S8039520, CVE-2014-4262: More atomicity of atomic updates.
* Build libjsig and libsaproc with hardening defaults.
* Fix some lintian warnings.
* Move libjavagtk into the -jre package. Closes: #754770.
* Recognize -dcevm as a jvm. Closes: #748625.
* Install the src.zip into an architecture independent path. Closes: #749648.
-- Matthias Klose <doko@ubuntu.com> Wed, 16 Jul 2014 21:27:01 +0200
* IcedTea7 2.5.1 release (based on OpenJDK 7u65).
* Security fixes:
- S8029755, CVE-2014-4209: Enhance subject class.
- S8030763: Validate global memory allocation.
- S8031340, CVE-2014-4264: Better TLS/EC management.
- S8031346, CVE-2014-4244: Enhance RSA key handling.
- S8031540: Introduce document horizon.
- S8032536: JVM resolves wrong method in some unusual cases.
- S8033055: Issues in 2d.
- S8033301, CVE-2014-4266: Build more informative InfoBuilder.
- S8034267: Probabilistic native crash.
- S8034272: Do not cram data into CRAM arrays.
- S8034985, CVE-2014-2483: Better form for Lambda Forms.
- S8035004, CVE-2014-4252: Provider provides less service.
- S8035009, CVE-2014-4218: Make Proxy representations consistent.
- S8035119, CVE-2014-4219: Fix exceptions to bytecode verification.
- S8035699, CVE-2014-4268: File choosers should be choosier.
- S8035788. CVE-2014-4221: Provide more consistency for lookups.
- S8035793, CVE-2014-4223: Maximum arity maxed out.
- S8036571: (process) Process process arguments carefully.
- S8036800: Attribute OOM to correct part of code.
- S8037046: Validate libraries to be loaded.
- S8037076, CVE-2014-2490: Check constant pool constants.
- S8037157: Verify <init> call.
- S8037162, CVE-2014-4263: More robust DH exchanges.
- S8037167, CVE-2014-4216: Better method signature resolution.
- S8039520, CVE-2014-4262: More atomicity of atomic updates.
* Build libjsig and libsaproc with hardening defaults.
* Fix some lintian warnings.
* Move libjavagtk into the -jre package. Closes: #754770.
* Recognize -dcevm as a jvm. Closes: #748625.
* Install the src.zip into an architecture independent path. Closes: #749648.
-- Matthias Klose <doko@ubuntu.com> Wed, 16 Jul 2014 21:27:01 +0200
- files added:
- patches/it-nss-softokn-config.diff
- files removed:
- patches/workaround_expand_exec_shield_cs_limit.diff
- files modified:
- JB-demo.overrides.in
expand all
collapse all
added
removed
