| 574
|
|
openjdk-6 (6b39-1.13.11-1) experimental; urgency=medium
[ Tiago Stürmer Daitx ]
* IcedTea 1.13.11 release.
* Security fixes:
- S8129952, CVE-2016-0686: Ensure thread consistency
- S8132051, CVE-2016-0687: Better byte behavior
- S8138593, CVE-2016-0695: Make DSA more fair
- S8139008: Better state table management
- S8143167, CVE-2016-3425: Better buffering of XML strings
- S8144430, CVE-2016-3427: Improve JMX connections
- S8146494: Better ligature substitution
- S8146498: Better device table adjustments
* debian/rules: remove deprecated dh_desktop call. Closes #817302
[ Matthias Klose ]
* Fix handling of /usr/lib/jvm/*/jre/lib/zi if internal tzdata is used.
Addresses: #821858.
* Build on ARM using the zero port (without the ARM assembler interpreter).
Broken in the security update.
-- Matthias Klose <doko@ubuntu.com> Fri, 06 May 2016 21:32:49 +0200
openjdk-6 (6b38-1.13.10-1) experimental; urgency=medium
[ Tiago Stürmer Daitx ]
* IcedTea 1.13.10 release.
* Security fixes:
- S8059054, CVE-2016-0402: Better URL processing
- S8130710, CVE-2016-0448: Better attributes processing
- S8133962, CVE-2016-0466: More general limits
- S8137060: JMX memory management improvements
- S8139012: Better font substitutions
- S8139017, CVE-2016-0483: More stable image decoding
- S8140543, CVE-2016-0494: Arrange font actions
- S8143185: Cleanup for handling proxies
- S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays
* Other fixes:
- S7169111, PR2757: Unreadable menu bar with Ambiance theme in GTK L&F
(LP: #932274)
* debian/rules: removed old @op@, @pkg_version@, and @pkg_sversion@
* debian/control.in: replaced @op@ with =, @pkg_version@ with
${binary:Version}, and @pkg_sversion@ by ${source:Version}
* debian/control.cacao-jre: same
* debian/control.jamvm-jre: same
* debian/control.zero-jre: same
[ Matthias Klose ]
* Fix clean-up of dependency generation.
-- Matthias Klose <doko@ubuntu.com> Tue, 26 Jan 2016 12:46:18 +0100
|
Matthias Klose |
9 years ago
|
 |
|
| 573
|
|
openjdk-6 (6b37-1.13.9-1) experimental; urgency=medium
[ Tiago Stürmer Daitx ]
* IcedTea 1.13.9 release.
* Security fixes:
- S8048030, CVE-2015-4734: Expectations should be consistent
- S8068842, CVE-2015-4803: Better JAXP data handling
- S8076339, CVE-2015-4903: Better handling of remote object invocation
- S8076383, CVE-2015-4835: Better CORBA exception handling
- S8076387, CVE-2015-4882: Better CORBA value handling
- S8076392, CVE-2015-4881: Improve IIOPInputStream consistency
- S8076413, CVE-2015-4883: Better JRMP message handling
- S8078427, CVE-2015-4842: More supportive home environment
- S8078440: Safer managed types
- S8080541: More direct property handling
- S8080688, CVE-2015-4860: Service for DGC services
- S8081760: Better group dynamics
- S8086733, CVE-2015-4893: Improve namespace handling
- S8087350: Improve array conversions
- S8103671, CVE-2015-4805: More objective stream classes
- S8103675: Better Binary searches
- S8130078, CVE-2015-4911: Document better processing
- S8130193, CVE-2015-4806: Improve HTTP connections
- S8130864: Better server identity handling
- S8130891, CVE-2015-4843: (bf) More direct buffering
- S8131291, CVE-2015-4872: Perfect parameter patterning
- S8132042, CVE-2015-4844: Preserve layout presentation
-- Matthias Klose <doko@ubuntu.com> Thu, 19 Nov 2015 01:12:55 +0100
|
Matthias Klose |
9 years ago
|
|
|
| 572
|
|
openjdk-6 (6b36-1.13.8-1) experimental; urgency=medium
* IcedTea 1.13.8 release.
* Security fixes:
- S8043202, CVE-2015-2808: Prohibit RC4 cipher suites.
- S8067694, CVE-2015-2625: Improved certification checking.
- S8071715, CVE-2015-4760: Tune font layout engine.
- S8071731: Better scaling for C1.
- S8072490: Better font morphing redux.
- S8072887: Better font handling improvements.
- S8073334: Improved font substitutions.
- S8073773: Presume path preparedness.
- S8073894: Getting to the root of certificate chains.
- S8074330: Set font anchors more solidly.
- S8074335: Substitute for substitution formats.
- S8074865, CVE-2015-2601: General crypto resilience changes.
- S8074871: Adjust device table handling.
- S8075374, CVE-2015-4748: Responding to OCSP responses.
- S8075378, CVE-2015-4749: JNDI DnsClient Exception Handling.
- S8075738: Better multi-JVM sharing.
- S8075838: Method for typing MethodTypes.
- S8075853, CVE-2015-2621: Proxy for MBean proxies.
- S8076328, CVE-2015-4000: Enforce key exchange constraints.
- S8076376, CVE-2015-2628: Enhance IIOP operations.
- S8076397, CVE-2015-4731: Better MBean connections.
- S8076401, CVE-2015-2590: Serialize OIS data.
- S8076405, CVE-2015-4732: Improve serial serialization.
- S8076409, CVE-2015-4733: Reinforce RMI framework.
- S8077520, CVE-2015-2632: Morph tables into improved form.
- PR2488, CVE-2015-4000: Make jdk8 mode the default for
jdk.tls.ephemeralDHKeySize.
* Refresh patches.
-- Matthias Klose <doko@ubuntu.com> Fri, 31 Jul 2015 16:24:22 +0200
|
Matthias Klose |
9 years ago
|
|
|
| 571
|
|
openjdk-6 (6b35-1.13.7-1) unstable; urgency=medium
* IcedTea 1.13.7 release.
* Security fixes:
- S8059064: Better G1 log caching.
- S8060461: Fix for JDK-8042609 uncovers additional issue.
- S8064601, CVE-2015-0480: Improve jar file handling.
- S8065286: Fewer subtable substitutions.
- S8065291: Improved font lookups.
- S8066479: Better certificate chain validation.
- S8067050: Better font consistency checking.
- S8067684: Better font substitutions.
- S8067699, CVE-2015-0469: Better glyph storage.
- S8068320, CVE-2015-0477: Limit applet requests.
- S8068720, CVE-2015-0488: Better certificate options checking.
- S8069198: Upgrade image library.
- S8071726, CVE-2015-0478: Better RSA optimizations.
- S8071818: Better vectorization on SPARC.
- S8071931, CVE-2015-0460: Return of the phantom menace.
-- Matthias Klose <doko@ubuntu.com> Wed, 15 Apr 2015 16:18:56 +0200
openjdk-6 (6b34-1.13.6-1) unstable; urgency=high
* IcedTea 1.13.6 release.
* Security fixes:
- S8046656: Update protocol support.
- S8047125, CVE-2015-0395: (ref) More phantom object references.
- S8047130: Fewer escapes from escape analysis.
- S8048035, CVE-2015-0400: Ensure proper proxy protocols.
- S8049253: Better GC validation.
- S8050807, CVE-2015-0383: Better performing performance data handling.
- S8054367, CVE-2015-0412: More references for endpoints.
- S8055304, CVE-2015-0407: More boxing for DirectoryComboBoxModel.
- S8055309, CVE-2015-0408: RMI needs better transportation considerations.
- S8055479: TLAB stability.
- S8055489, CVE-2014-6585: Better substitution formats.
- S8056264, CVE-2014-6587: Multicast support improvements.
- S8056276, CVE-2014-6591: Fontmanager feature improvements.
- S8057555, CVE-2014-6593: Less cryptic cipher suite management.
- S8058982, CVE-2014-6601: Better verification of an exceptional
invokespecial.
- S8059485, CVE-2015-0410: Resolve parsing ambiguity.
- S8061210, CVE-2014-3566: Issues in TLS.
* Fix applying the fontconfig-dejavu patch for older releases.
* Fix build on mips64 and mips64el. Addresses #776295.
-- Matthias Klose <doko@ubuntu.com> Mon, 26 Jan 2015 13:48:18 +0100
|
Matthias Klose |
10 years ago
|
|
|
| 570
|
|
|
Matthias Klose |
10 years ago
|
|
|
| 569
|
|
openjdk-6 (6b33-1.13.5-2) unstable; urgency=medium
* Fix libjpeg runtime dependency.
* Fix regression running JamVM after the 2.5.3 security update.
* Fix regression running CACAO after the 2.5.3 security update.
* Fix typo in package description. Closes: #706341.
-- Matthias Klose <doko@ubuntu.com> Thu, 13 Nov 2014 12:15:51 +0100
openjdk-6 (6b33-1.13.5-1) unstable; urgency=medium
* IcedTea 1.13.5 release.
* Security fixes:
- S8015256: Better class accessibility.
- S8022783, CVE-2014-6504: Optimize C2 optimizations.
- S8035162: Service printing service.
- S8035781: Improve equality for annotations.
- S8036805: Correct linker method lookup.
- S8036810: Correct linker field lookup.
- S8037066, CVE-2014-6457: Secure transport layer.
- S8037846, CVE-2014-6558: Ensure streaming of input cipher streams.
- S8038899: Safer safepoints.
- S8038903: More native monitor monitoring.
- S8038908: Make Signature more robust.
- S8038913: Bolster XML support.
- S8039509, CVE-2014-6512: Wrap sockets more thoroughly.
- S8039533, CVE-2014-6517: Higher resolution resolvers.
- S8041540, CVE-2014-6511: Better use of pages in font processing.
- S8041545: Better validation of generated rasters.
- S8041564, CVE-2014-6506: Improved management of logger resources.
- S8041717, CVE-2014-6519: Issue with class file parser.
- S8042609, CVE-2014-6513: Limit splashiness of splash images.
- S8042797, CVE-2014-6502: Avoid strawberries in LogRecord.
- S8044274, CVE-2014-6531: Proper property processing.
* Update to JamVM-2.0.0.
* Change B-D to libjpeg-dev to finish the transition to libjpeg-turbo
(Ondřej Surý). Closes: #763488.
* Depend on libnss3 instead of libnss3-1d for recent releases.
Closes: #760122.
-- Matthias Klose <doko@ubuntu.com> Wed, 15 Oct 2014 09:43:32 +0200
|
Matthias Klose |
10 years ago
|
|
|
| 568
|
|
|
Matthias Klose |
10 years ago
|
|
|
| 567
|
|
|
Matthias Klose |
10 years ago
|
|
|
| 566
|
|
|
Matthias Klose |
10 years ago
|
|
|
| 565
|
|
|
Matthias Klose |
10 years ago
|
|
|
| 564
|
|
|
Matthias Klose |
10 years ago
|
|
|
| 563
|
|
openjdk-6 (6b32-1.13.4-1) unstable; urgency=high
* IcedTea 1.13.4 release.
* Security fixes:
- S8029755, CVE-2014-4209: Enhance subject class.
- S8030763: Validate global memory allocation.
- S8031346, CVE-2014-4244: Enhance RSA key handling.
- S8031540: Introduce document horizon.
- S8032536: JVM resolves wrong method in some unusual cases.
- S8033055: Issues in 2d.
- S8033301, CVE-2014-4266: Build more informative InfoBuilder.
- S8034267: Probabilistic native crash.
- S8034272: Do not cram data into CRAM arrays.
- S8035004, CVE-2014-4252: Provider provides less service.
- S8035009, CVE-2014-4218: Make Proxy representations consistent.
- S8035119, CVE-2014-4219: Fix exceptions to bytecode verification.
- S8035699, CVE-2014-4268: File choosers should be choosier.
- S8036571: (process) Process process arguments carefully.
- S8036800: Attribute OOM to correct part of code.
- S8037046: Validate libraries to be loaded.
- S8037157: Verify <init> call.
- S8037076, CVE-2014-2490: Check constant pool constants.
- S8037162, CVE-2014-4263: More robust DH exchanges.
- S8037167, CVE-2014-4216: Better method signature resolution.
- S8039520, CVE-2014-4262: More atomicity of atomic updates.
-- Matthias Klose <doko@ubuntu.com> Wed, 16 Jul 2014 02:22:50 +0200
|
Matthias Klose |
10 years ago
|
|
|
| 562
|
|
|
Matthias Klose |
11 years ago
|
|
|
| 561
|
|
|
Matthias Klose |
11 years ago
|
|
|
| 560
|
|
|
Matthias Klose |
11 years ago
|
|
|
| 559
|
|
|
Matthias Klose |
11 years ago
|
|
|
| 558
|
|
|
Matthias Klose |
11 years ago
|
|
|
| 557
|
|
|
Matthias Klose |
11 years ago
|
|
|
| 556
|
|
|
Matthias Klose |
11 years ago
|
|
|
| 555
|
|
|
Matthias Klose |
11 years ago
|
|
|
collapse all