Ubuntu

“openjdk-6” 6b20-1.9.10-0ubuntu1~10.04.2 source package in Ubuntu

Changelog

openjdk-6 (6b20-1.9.10-0ubuntu1~10.04.2) lucid-security; urgency=low

  * SECURITY UPDATE: Same Origin Policy (SOP) bypass flaw
    - debian/patches/SOP-bypass-icedtea6-1.9.patch: Remove special
      case for SocketPermission.
    - CVE-2011-3377
    - Applied inline due to needing to apply patches only once for netx,
      not for every vm

openjdk-6 (6b20-1.9.10-0ubuntu1~10.04.1) lucid-security; urgency=low

  * SECURITY UPDATE: IcedTea6 1.9.10 Release:
    - Security fixes:
      - S7000600, CVE-2011-3547: InputStream skip() information leak.
      - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor.
      - S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow.
      - S7032417, CVE-2011-3552: excessive default UDP socket limit under
        SecurityManager.
      - S7046794, CVE-2011-3553: JAX-WS stack-traces information leak.
      - S7046823, CVE-2011-3544: missing SecurityManager checks in scripting
        engine.
      - S7055902, CVE-2011-3521: IIOP deserialization code execution.
      - S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress
        error checks.
      - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack
        against SSL/TLS (BEAST).
      - S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from
        PorterStemmer.
      - S7077466, CVE-2011-3556: RMI DGC server remote code execution.
      - S7083012, CVE-2011-3557: RMI registry privileged code execution.
      - S7096936, CVE-2011-3560: missing checkSetFactory calls in
        HttpsURLConnection.
 -- Steve Beattie <email address hidden>   Tue, 08 Nov 2011 02:54:46 -0800

Upload details

Uploaded by:
Steve Beattie on 2011-11-08
Uploaded to:
Lucid
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
java
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
openjdk-6_6b20-1.9.10.orig.tar.gz 70.5 MiB f97eed745eb846116fc9558b55442c54
openjdk-6_6b20-1.9.10-0ubuntu1~10.04.2.diff.gz 132.8 KiB 9e4dc9d06a85f775c313dcf0533db8b9
openjdk-6_6b20-1.9.10-0ubuntu1~10.04.2.dsc 3.1 KiB 9defc43d58d18375e7324f8d57c5f07d

Binary packages built by this source

icedtea-6-jre-cacao: Alternative JVM for OpenJDK, using Cacao

 The package provides an alternative runtime using the Cacao VM and the
 Cacao Just In Time Compiler (JIT). This is a somewhat faster alternative
 than the Zero port on architectures like alpha, armel, m68k, mips, mipsel,
 powerpc and s390.
 .
 The VM is started with the option `-cacao'. See the README.Debian for details.

icedtea6-plugin: web browser plugin to execute Java applets (dependency package)

 IcedTeaPlugin is a web browser plugin to execute Java applets, supporting
 LiveConnect/JavaScript. It is targeted for xulrunner-1.9 and compatible
 browsers that support the NPAPI.
 .
 This is a dependency package, it can be safely removed after upgrade.

openjdk-6-dbg: Java runtime based on OpenJDK (debugging symbols)

 OpenJDK is a development environment for building applications,
 applets, and components using the Java programming language.
 .
 This package contains the debugging symbols.
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-demo: Java runtime based on OpenJDK (demos and examples)

 OpenJDK Java runtime
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-doc: OpenJDK Development Kit (JDK) documentation

 OpenJDK is a development environment for building applications,
 applets, and components using the Java programming language.
 .
 This package contains the API documentation.
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jdk: OpenJDK Development Kit (JDK)

 OpenJDK is a development environment for building applications,
 applets, and components using the Java programming language.
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jre: OpenJDK Java runtime, using Hotspot Zero

 Full Java runtime environment - needed for executing Java GUI and Webstart
 programs. Using Hotspot Zero.
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jre-headless: OpenJDK Java runtime, using Hotspot Zero (headless)

 Minimal Java runtime - needed for executing non GUI Java programs.
 Using Hotspot Zero.
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jre-lib: OpenJDK Java runtime (architecture independent libraries)

 OpenJDK Java runtime, using Hotspot JIT.
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jre-zero: Alternative JVM for OpenJDK, using Zero/Shark

 The package provides an alternative runtime using the Zero VM and the
 Shark Just In Time Compiler (JIT). Built on architectures in addition
 to the Hotspot VM as a debugging aid for those architectures which don't
 have a Hotspot VM.
 .
 The VM is started with the option `-zero'. See the README.Debian for details.

openjdk-6-source: OpenJDK Development Kit (JDK) source files

 OpenJDK is a development environment for building applications,
 applets, and components using the Java programming language.
 .
 This package contains the Java programming language source files
 (src.zip) for all classes that make up the Java core API.
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.