Changelog
openjdk-6b18 (6b18-1.8.7-0ubuntu3) natty; urgency=low
* Remove obsolete patch.
openjdk-6b18 (6b18-1.8.7-0ubuntu2) natty; urgency=low
* Browser plugin and Webstart are built from icedtea-web. LP: #726845.
openjdk-6b18 (6b18-1.8.7-0ubuntu1) maverick-security; urgency=low
* IcedTea6 1.8.7 release.
- S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption.
- S6907662, CVE-2010-4465: Swing timer-based security manager bypass.
- S6994263, CVE-2010-4472: Untrusted code allowed to replace
DSIG/C14N implementation.
- S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets.
- S6983554, CVE-2010-4450: Launcher incorrect processing of empty
library path entries.
- S6985453, CVE-2010-4471: Java2D font-related system property leak.
- S6927050, CVE-2010-4470: JAXP untrusted component state manipulation.
- CVE-2011-0706: Multiple signers privilege escalation.
* IcedTea6 1.8.6 release.
- S4421494, CVE-2010-4476: infinite loop while parsing double literal.
openjdk-6b18 (6b18-1.8.5-0ubuntu1) maverick-security; urgency=low
* IcedTea6 1.8.5 release.
- CVE-2011-0025: IcedTea jarfile signature verification bypass.
-- Matthias Klose <email address hidden> Wed, 02 Mar 2011 20:35:26 +0100
