-
Committer:
Bazaar Package Importer
-
Author(s):
Steve Beattie
-
Date:
2011-06-14 11:13:28 UTC
-
mfrom:
(0.54.1 upstream)
-
Revision ID:
james.westby@ubuntu.com-20110614111328-90qwm14xxcrm3lml
Tags: 6b20-1.9.8-0ubuntu1~10.10.1
* SECURITY UPDATE: IcedTea6 1.9.8 Release:
- S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP
urgent disabled get still selected for read ops (win)
- S6618658, CVE-2011-0865: Vulnerability in deserialization
- S7012520, CVE-2011-0815: Heap overflow vulnerability in
FileDialog.show()
- S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in
2D code
- S7013969, CVE-2011-0867: NetworkInterface.toString can reveal
bindings
- S7013971, CVE-2011-0869: Vulnerability in SAAJ
- S7016340, CVE-2011-0870: Vulnerability in SAAJ
- S7016495, CVE-2011-0868: Crash in Java 2D transforming an image
with scale close to zero
- S7020198, CVE-2011-0871: ImageIcon creates Component with
null acc
- S7020373, CVE-2011-0864: JSR rewriting can overflow memory
address size variables
* debian/generate_debian_orig.sh: adjust settings to match the
generation of this update.
* Makefile.{am,in}: don't apply patches/jtreg-LastErrorString.patch as
it causes the testsuite runner to fail.