Ubuntu

“openjdk-6b18” 6b18-1.8.10-0ubuntu1~10.04.2 source package in Ubuntu

Changelog

openjdk-6b18 (6b18-1.8.10-0ubuntu1~10.04.2) lucid-security; urgency=low

  * SECURITY UPDATE: Same Origin Policy (SOP) bypass flaw
    - debian/patches/SOP-bypass-icedtea6-1.8.patch: Remove special
      case for SocketPermission.
    - CVE-2011-3377
    - Applied inline due to needing to apply patches only once for netx,
      not for every vm

openjdk-6b18 (6b18-1.8.10-0ubuntu1~10.04.1) lucid-security; urgency=low

  * SECURITY UPDATE: IcedTea6 1.8.10 release (LP: #878684)
    - security fixes:
      - S7000600, CVE-2011-3547: InputStream skip() information leak
      - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
      - S7023640, CVE-2011-3551: Java2D TransformHelper integer
        overflow
      - S7032417, CVE-2011-3552: excessive default UDP socket limit
        under SecurityManager
      - S7046794, CVE-2011-3553: JAX-WS stack-traces information leak
      - S7046823, CVE-2011-3544: missing SecurityManager checks in
        scripting engine
      - S7055902, CVE-2011-3521: IIOP deserialization code execution
      - S7057857, CVE-2011-3554: insufficient pack200 JAR files
        uncompress error checks
      - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext
        attack against SSL/TLS (BEAST)
      - S7077466, CVE-2011-3556: RMI DGC server remote code execution
      - S7083012, CVE-2011-3557: RMI registry privileged code execution
      - S7096936, CVE-2011-3560: missing checkSetFactory calls in
        HttpsURLConnection
    - unapplied previous updates inline changes as they were
      incorporated upstream; remaining changes in Makefile.{in,am} and
      ports/hotspot/make/linux/makefiles/zeroshark.make
 -- Steve Beattie <email address hidden>   Tue, 08 Nov 2011 14:08:52 -0800

Upload details

Uploaded by:
Steve Beattie on 2011-11-08
Uploaded to:
Lucid
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
armel
Section:
java
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Lucid: [FULLYBUILT] armel

Downloads

File Size MD5 Checksum
openjdk-6b18_6b18-1.8.10.orig.tar.gz 70.0 MiB 905894e17fe7f6beb715aea497dbe393
openjdk-6b18_6b18-1.8.10-0ubuntu1~10.04.2.diff.gz 135.5 KiB 03f1389eae08d0c0737b5f189eaac36a
openjdk-6b18_6b18-1.8.10-0ubuntu1~10.04.2.dsc 3.1 KiB b88ac51af6b1b7b1e8bb3326cf1a7cde

Binary packages built by this source

icedtea-6-jre-cacao: Alternative JVM for OpenJDK, using Cacao

 The package provides an alternative runtime using the Cacao VM and the
 Cacao Just In Time Compiler (JIT). This is a somewhat faster alternative
 than the Zero port on architectures like alpha, armel, m68k, mips, mipsel,
 powerpc and s390.
 .
 The VM is started with the option `-cacao'. See the README.Debian for details.

icedtea6-plugin: web browser plugin to execute Java applets (dependency package)

 IcedTeaPlugin is a web browser plugin to execute Java applets, supporting
 LiveConnect/JavaScript. It is targeted for xulrunner-1.9 and compatible
 browsers that support the NPAPI.
 .
 This is a dependency package, it can be safely removed after upgrade.

openjdk-6-dbg: Java runtime based on OpenJDK (debugging symbols)

 OpenJDK is a development environment for building applications,
 applets, and components using the Java programming language.
 .
 This package contains the debugging symbols.
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-demo: Java runtime based on OpenJDK (demos and examples)

 OpenJDK Java runtime
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jdk: OpenJDK Development Kit (JDK)

 OpenJDK is a development environment for building applications,
 applets, and components using the Java programming language.
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jre: OpenJDK Java runtime, using Hotspot Zero

 Full Java runtime environment - needed for executing Java GUI and Webstart
 programs. Using Hotspot Zero.
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jre-headless: OpenJDK Java runtime, using Hotspot Zero (headless)

 Minimal Java runtime - needed for executing non GUI Java programs.
 Using Hotspot Zero.
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.