-
openjdk-7 (7u55-2.4.7-1ubuntu1~0.13.10.1) saucy-security; urgency=medium
* Backport for Ubuntu 13.10 (LP: #1283828)
openjdk-7 (7u55-2.4.7-1ubuntu1) trusty-security; urgency=medium
* Regenerate the control file.
openjdk-7 (7u55-2.4.7-1) unstable; urgency=high
* IcedTea7 2.4.7 release.
* Security fixes
- S8023046: Enhance splashscreen support.
- S8025005: Enhance CORBA initializations.
- S8025010, CVE-2014-2412: Enhance AWT contexts.
- S8025030, CVE-2014-2414: Enhance stream handling.
- S8025152, CVE-2014-0458: Enhance activation set up.
- S8026067: Enhance signed jar verification.
- S8026163, CVE-2014-2427: Enhance media provisioning.
- S8026188, CVE-2014-2423: Enhance envelope factory.
- S8026200: Enhance RowSet Factory.
- S8026716, CVE-2014-2402: (aio) Enhance asynchronous channel handling.
- S8026736, CVE-2014-2398: Enhance Javadoc pages.
- S8026797, CVE-2014-0451: Enhance data transfers.
- S8026801, CVE-2014-0452: Enhance endpoint addressing.
- S8027766, CVE-2014-0453: Enhance RSA processing.
- S8027775: Enhance ICU code.
- S8027841, CVE-2014-0429: Enhance pixel manipulations.
- S8028385: Enhance RowSet Factory.
- S8029282, CVE-2014-2403: Enhance CharInfo set up.
- S8029286: Enhance subject delegation.
- S8029699: Update Poller demo.
- S8029730: Improve audio device additions.
- S8029735: Enhance service mgmt natives.
- S8029740, CVE-2014-0446: Enhance handling of loggers.
- S8029745, CVE-2014-0454: Enhance algorithm checking.
- S8029750: Enhance LCMS color processing (LCMS 2 only).
- S8029760, CVE-2013-6629: Enhance AWT image libraries (in-tree libjpeg).
- S8029844, CVE-2014-0455: Enhance argument validation.
- S8029854, CVE-2014-2421: Enhance JPEG decodings.
- S8029858, CVE-2014-0456: Enhance array copies.
- S8030731, CVE-2014-0460: Improve name service robustness.
- S8031330: Refactor ObjectFactory.
- S8031335, CVE-2014-0459: Better color profiling.
- S8031352, CVE-2013-6954: Enhance PNG handling (in-tree libpng).
- S8031394, CVE-2014-0457: (sl) Fix exception handling in ServiceLoader.
- S8031395: Enhance LDAP processing.
- S8032686, CVE-2014-2413: Issues with method invoke.
- S8033618, CVE-2014-1876: Correct logging output.
- S8034926, CVE-2014-2397: Attribute classes properly.
- S8036794, CVE-2014-0461: Manage JavaScript instances.
* AArch64 fixes.
openjdk-7 (7u51-2.4.6-1ubuntu4) trusty; urgency=medium
* AArch64 hotspot fixes (Ed Nevill):
- Use gcc __clear_cache instead of doing it ourselves.
- Preserve callee save FP registers around call to java code.
openjdk-7 (7u51-2.4.6-1ubuntu3) trusty; urgency=medium
* Don't search ecj.jar when it is not required for the build.
openjdk-7 (7u51-2.4.6-1ubuntu2) trusty; urgency=medium
* Fix the AArch64 build.
* Regenerate the control file.
openjdk-7 (7u51-2.4.6-1) unstable; urgency=medium
* IcedTea7 2.4.6 release.
* Explicitly use AC_MAINTAINER_MODE and automake-1.11 to create the
debian .orig tarball. Addresses: #740289.
* Apply patch from upstream to fix bold fonts in Swing applications using
GTK L&F (Ryan Tandy). LP: #937200.
* Explicitly build-depend on libkrb5-dev.
* On AArch64 don't use the hotsport backport for the zero build.
openjdk-7 (7u51-2.4.6~pre1-1) unstable; urgency=medium
* IcedTea7 2.4.6 prerelease.
* Fix icedtea-web build failure on kfreebsd-* (unable to find
sun.security.util.SecurityConstants). Steven Chamberlain. Closes: #739032.
* Update the AArch64 Hotspot.
openjdk-7 (7u51-2.4.5-2) unstable; urgency=medium
* Update the KFreeBSD patch (Steven Chamberlain). Closes: #736291.
openjdk-7 (7u51-2.4.5-1) unstable; urgency=medium
* IcedTea7 2.4.5 release.
* Build Hotspot client and server vms for AArch64.
-- Jamie Strandboge <email address hidden> Thu, 17 Apr 2014 14:40:32 -0500
-
openjdk-7 (7u51-2.4.4-0ubuntu0.13.10.1) saucy-security; urgency=medium
* Backport for Ubuntu 13.10
openjdk-7 (7u51-2.4.4-1ubuntu1) trusty; urgency=medium
* Regenerate the control file.
openjdk-7 (7u51-2.4.4-1) unstable; urgency=medium
* IcedTea7 2.4.4 release.
* Security fixes
- S6727821: Enhance JAAS Configuration.
- S7068126, CVE-2014-0373: Enhance SNMP statuses.
- S8010935: Better XML handling.
- S8011786, CVE-2014-0368: Better applet networking.
- S8021257, S8025022, CVE-2013-5896 : com.sun.corba.se.** should be
on restricted package list.
- S8021271, S8021266, CVE-2014-0408: Better buffering in ObjC code.
- S8022904: Enhance JDBC Parsers.
- S8022927: Input validation for byte/endian conversions.
- S8022935: Enhance Apache resolver classes.
- S8022945: Enhance JNDI implementation classes.
- S8023057: Enhance start up image display.
- S8023069, CVE-2014-0411: Enhance TLS connections.
- S8023245, CVE-2014-0423: Enhance Beans decoding.
- S8023301: Enhance generic classes.
- S8023338: Update jarsigner to encourage timestamping.
- S8023672: Enhance jar file validation.
- S8024302: Clarify jar verifications.
- S8024306, CVE-2014-0416: Enhance Subject consistency.
- S8024530: Enhance font process resilience.
- S8024867: Enhance logging start up.
- S8025014: Enhance Security Policy.
- S8025018, CVE-2014-0376: Enhance JAX-P set up.
- S8025026, CVE-2013-5878: Enhance canonicalization.
- S8025034, CVE-2013-5907: Improve layout lookups.
- S8025448: Enhance listening events.
- S8025758, CVE-2014-0422: Enhance Naming management.
- S8025767, CVE-2014-0428: Enhance IIOP Streams.
- S8026172: Enhance UI Management.
- S8026176: Enhance document printing.
- S8026193, CVE-2013-5884: Enhance CORBA stub factories.
- S8026204: Enhance auth login contexts.
- S8026417, CVE-2013-5910: Enhance XML canonicalization.
- S8026502: java/lang/invoke/MethodHandleConstants.java fails on all
platforms.
- S8027201, CVE-2014-0376: Enhance JAX-P set up.
- S8029507, CVE-2013-5893: Enhance JVM method processing.
- S8029533: REGRESSION: closed/java/lang/invoke/8008140/Test8008140.java
fails agains.
* Remove alpha from stage1_gcj_archs.
* Use the langtools and jdk tarballs as provided by IcedTea.
* Hotspot is dead on sparc. Build the zero interpreter as the default.
* Blindly update the KF***BSD patches.
openjdk-7 (7u45-2.4.3-5) unstable; urgency=medium
* Run the jtreg tests on powerpcspe, tested by Roland Stigge.
* Fix zero builds on 64k page kernel configs.
* Fix more IcedTea bits to build on x32.
openjdk-7 (7u45-2.4.3-4) unstable; urgency=low
* Re-enable running the testsuite on powerpc.
* Run the testsuite on AArch64.
* Fix IcedTea bits to build on x32.
openjdk-7 (7u45-2.4.3-3) unstable; urgency=low
* Don't build on s390 anymore.
* Update hotspot-mips-align patch (Aurelien Jarno). Closes: #732528).
* Build for ppc64el.
* Try to build zero on x32.
* Configure with --enable-zero on sparc and sparc64.
openjdk-7 (7u45-2.4.3-2.3) unstable; urgency=medium
* Disable bootstrap build on alpha. Closes: #719671.
* Disable running the jdk jtreg tests on the hotspot architectures.
Hanging on the buildds.
* Re-enable the jexec patch, program logic confused by running jexec
outside the assumed java home. Closes: #731961.
* Don't apply the s390 patches on s390x. s390 is successfully dead.
* Fix zero builds on little endian architectures, taken from the trunk.
openjdk-7 (7u45-2.4.3-1) unstable; urgency=medium
* IcedTea7 2.4.3 release.
* Security fixes:
- S8006900, CVE-2013-3829: Add new date/time capability.
- S8008589: Better MBean permission validation.
- S8011071, CVE-2013-5780: Better crypto provider handling.
- S8011081, CVE-2013-5772: Improve jhat.
- S8011157, CVE-2013-5814: Improve CORBA portablility.
- S8012071, CVE-2013-5790: Better Building of Beans.
- S8012147: Improve tool support.
- S8012277: CVE-2013-5849: Improve AWT DataFlavor.
- S8012425, CVE-2013-5802: Transform TransformerFactory.
- S8013503, CVE-2013-5851: Improve stream factories.
- S8013506: Better Pack200 data handling.
- S8013510, CVE-2013-5809: Augment image writing code.
- S8013514: Improve stability of cmap class.
- S8013739, CVE-2013-5817: Better LDAP resource management.
- S8013744, CVE-2013-5783: Better tabling for AWT.
- S8014085: Better serialization support in JMX classes.
- S8014093, CVE-2013-5782: Improve parsing of images.
- S8014098: Better profile validation.
- S8014102, CVE-2013-5778: Improve image conversion.
- S8014341, CVE-2013-5803: Better service from Kerberos servers.
- S8014349, CVE-2013-5840: (cl) Class.getDeclaredClass problematic
in some class loader configurations.
- S8014530, CVE-2013-5825: Better digital signature processing.
- S8014534: Better profiling support.
- S8014987, CVE-2013-5842: Augment serialization handling.
- S8015614: Update build settings.
- S8015731: Subject java.security.auth.subject to improvements.
- S8015743, CVE-2013-5774: Address internet addresses.
- S8016256: Make finalization final.
- S8016653, CVE-2013-5804: javadoc should ignore ignoreable characters
in names.
- S8016675, CVE-2013-5797: Make Javadoc pages more robust.
- S8017196, CVE-2013-5850: Ensure Proxies are handled appropriately.
- S8017287, CVE-2013-5829: Better resource disposal.
- S8017291, CVE-2013-5830: Cast Proxies Aside.
- S8017298, CVE-2013-4002: Better XML support.
- S8017300, CVE-2013-5784: Improve Interface Implementation.
- S8017505, CVE-2013-5820: Better Client Service.
- S8019292: Better Attribute Value Exceptions.
- S8019617: Better view of objects.
- S8020293: JVM crash.
- S8021275, CVE-2013-5805: Better screening for ScreenMenu.
- S8021282, CVE-2013-5806: Better recycling of object instances.
- S8021286: Improve MacOS resourcing.
- S8021290, CVE-2013-5823: Better signature validation.
- S8022931, CVE-2013-5800: Enhance Kerberos exceptions.
- S8022940: Enhance CORBA translations.
- S8023683: Enhance class file parsing.
* Fix build failure on mips* (Aurelien Jarno). Closes: #729448).
* Run autoreconf. Closes: #724083.
* Merge the -jre-lib package into -jre-headless. Simplifies the packaging
and the savings were not as big as wanted, because the rt.jar is still
architecture dependant. Closes: #641049, #722510.
openjdk-7 (7u25-2.3.12-4ubuntu3) saucy; urgency=low
* Apply missing patch to fix arm64/AArch64 detection.
openjdk-7 (7u25-2.3.12-4ubuntu2) saucy; urgency=low
* openjdk-jre-headless: Loosen the dependency on -jre-lib.
openjdk-7 (7u25-2.3.12-4ubuntu1) saucy; urgency=low
* Regenerate the control file.
openjdk-7 (7u25-2.3.12-4) unstable; urgency=low
* Add the hotspot patches for AArch64, which apparently were not
included in the IcedTea release by intent.
* Don't interpret arm64 as an ARM architecture, but as AArch64. So
much for Debian calling this port arm64 ...
* Use host macros instead of build macros for corba and hotspot config.
* Re-add multiarch library directories to the default library path.
Closes: #712567.
* Enable the two-stage build on alpha. Closes: #719671.
* Build for powerpcspe (Roland Stigge). Closes: #712686.
* Recommend fonts-dejavu-extra instead of ttf-dejavu-extra for current
releases. Closes: #718839.
openjdk-7 (7u25-2.3.12-3) unstable; urgency=low
* Fix kFreeBSD builds (Thanks to Christoph Egger for his help).
openjdk-7 (7u25-2.3.12-2) unstable; urgency=low
[ Matthias Klose ]
* Regenerate the hotspot-s390 patch.
[ Damien Raude-Morvan ]
* Update kfreebsd patches.
openjdk-7 (7u25-2.3.12-1) unstable; urgency=low
* IcedTea7 2.3.12 release.
* Don't build with pulseaudio on arm64.
* Disable bootstraped build on s390 and sparc.
openjdk-7 (7u25-2.3.10-2ubuntu1) saucy; urgency=low
* Regenerate the control file.
openjdk-7 (7u25-2.3.10-2) unstable; urgency=low
[ Matthias Klose ]
* Fix gcj-jdk build dependency on ia64 and s390.
* Build zero on arm64.
[ Gianfranco Costamagna ]
* Fix build failure on kfreebsd (Closes: #714528)
-- Jamie Strandboge <email address hidden> Wed, 15 Jan 2014 14:48:27 -0600
-
openjdk-7 (7u25-2.3.12-4ubuntu3) saucy; urgency=low
* Apply missing patch to fix arm64/AArch64 detection.
-- Matthias Klose <email address hidden> Fri, 11 Oct 2013 17:51:33 +0200
-
openjdk-7 (7u25-2.3.12-4ubuntu2) saucy; urgency=low
* openjdk-jre-headless: Loosen the dependency on -jre-lib.
-- Matthias Klose <email address hidden> Wed, 09 Oct 2013 16:29:15 +0200
-
openjdk-7 (7u25-2.3.12-4ubuntu1) saucy; urgency=low
* Regenerate the control file.
openjdk-7 (7u25-2.3.12-4) unstable; urgency=low
* Add the hotspot patches for AArch64, which apparently were not
included in the IcedTea release by intent.
* Don't interpret arm64 as an ARM architecture, but as AArch64. So
much for Debian calling this port arm64 ...
* Use host macros instead of build macros for corba and hotspot config.
* Re-add multiarch library directories to the default library path.
Closes: #712567.
* Enable the two-stage build on alpha. Closes: #719671.
* Build for powerpcspe (Roland Stigge). Closes: #712686.
* Recommend fonts-dejavu-extra instead of ttf-dejavu-extra for current
releases. Closes: #718839.
openjdk-7 (7u25-2.3.12-3) unstable; urgency=low
* Fix kFreeBSD builds (Thanks to Christoph Egger for his help).
openjdk-7 (7u25-2.3.12-2) unstable; urgency=low
[ Matthias Klose ]
* Regenerate the hotspot-s390 patch.
[ Damien Raude-Morvan ]
* Update kfreebsd patches.
-- Matthias Klose <email address hidden> Fri, 16 Aug 2013 12:09:47 +0200
-
openjdk-7 (7u25-2.3.12-1ubuntu1) saucy; urgency=low
* Upload to saucy.
openjdk-7 (7u25-2.3.12-1) unstable; urgency=low
* IcedTea7 2.3.12 release.
* Don't build with pulseaudio on arm64.
* Disable bootstraped build on s390 and sparc.
-- Matthias Klose <email address hidden> Fri, 02 Aug 2013 15:52:26 +0000
-
openjdk-7 (7u25-2.3.10-2ubuntu1) saucy; urgency=low
* Regenerate the control file.
openjdk-7 (7u25-2.3.10-2) unstable; urgency=low
[ Matthias Klose ]
* Fix gcj-jdk build dependency on ia64 and s390.
* Build zero on arm64.
[ Gianfranco Costamagna ]
* Fix build failure on kfreebsd (Closes: #714528)
-- Matthias Klose <email address hidden> Mon, 15 Jul 2013 23:59:45 +0200
-
openjdk-7 (7u25-2.3.10-1ubuntu1) saucy; urgency=low
* Regenerate the control file.
openjdk-7 (7u25-2.3.10-1) unstable; urgency=high
* IcedTea7 2.3.10 release.
* Security fixes
* S6741606, CVE-2013-2407: Integrate Apache Santuario.
* S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls.
* S7170730, CVE-2013-2451: Improve Windows network stack support.
* S8000638, CVE-2013-2450: Improve deserialization.
* S8000642, CVE-2013-2446: Better handling of objects for transportation.
* S8001032: Restrict object access.
* S8001033, CVE-2013-2452: Refactor network address handling in virtual
machine identifiers.
* S8001034, CVE-2013-1500: Memory management improvements.
* S8001038, CVE-2013-2444: Resourcefully handle resources.
* S8001043: Clarify definition restrictions.
* S8001308: Update display of applet windows.
* S8001309: Better handling of annotation interfaces.
* S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with
InetAddress.getLocalHost.
* S8001330, CVE-2013-2443: Improve on checking order (non-Zero builds only).
* S8003703, CVE-2013-2412: Update RMI connection dialog box.
* S8004288, CVE-2013-2449: (fs) Files.probeContentType problems.
* S8004584: Augment applet contextualization.
* S8005007: Better glyph processing.
* S8006328, CVE-2013-2448: Improve robustness of sound classes.
* S8006611: Improve scripting.
* S8007467: Improve robustness of JMX internal APIs.
* S8007471: Improve MBean notifications.
* S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes.
* S8007925: Improve cmsStageAllocLabV2ToV4curves.
* S8007926: Improve cmsPipelineDup.
* S8007927: Improve cmsAllocProfileSequenceDescription.
* S8007929: Improve CurvesAlloc.
* S8008120, CVE-2013-2457: Improve JMX class checking.
* S8008124, CVE-2013-2453: Better compliance testing.
* S8008128: Better API coherence for JMX.
* S8008132, CVE-2013-2456: Better serialization support.
* S8008585: Better JMX data handling.
* S8008593: Better URLClassLoader resource management.
* S8008603: Improve provision of JMX providers.
* S8008607: Better input checking in JMX.
* S8008611: Better handling of annotations in JMX.
* S8008615: Improve robustness of JMX internal APIs.
* S8008623: Better handling of MBeanServers.
* S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606.
* S8008982: Adjust JMX for underlying interface changes.
* S8009004: Better implementation of RMI connections.
* S8009008: Better manage management-api.
* S8009013: Better handling of T2K glyphs.
* S8009034: Improve resulting notifications in JMX.
* S8009038: Improve JMX notification support.
* S8009057, CVE-2013-2448: Improve MIDI event handling.
* S8009067: Improve storing keys in KeyStore.
* S8009071, CVE-2013-2459: Improve shape handling.
* S8009235: Improve handling of TSA data.
* S8009424, CVE-2013-2458: Adapt Nashorn to JSR-292 implementation change.
* S8009554, CVE-2013-2454: Improve SerialJavaObject.getFields.
* S8009654: Improve stability of cmsnamed.
* S8010209, CVE-2013-2460: Better provision of factories.
* S8011243, CVE-2013-2470: Improve ImagingLib.
* S8011248, CVE-2013-2471: Better Component Rasters.
* S8011253, CVE-2013-2472: Better Short Component Rasters.
* S8011257, CVE-2013-2473: Better Byte Component Rasters.
* S8012375, CVE-2013-1571: Improve Javadoc framing.
* S8012421: Better positioning of PairPositioning.
* S8012438, CVE-2013-2463: Better image validation.
* S8012597, CVE-2013-2465: Better image channel verification.
* S8012601, CVE-2013-2469: Better validation of image layouts.
* S8014281, CVE-2013-2461: Better checking of XML signature.
* S8015997: Additional improvement in Javadoc framing.
* Breaks icedtea-netx (<< 1.4-2).
-- Matthias Klose <email address hidden> Sun, 30 Jun 2013 22:39:51 +0200
-
openjdk-7 (7u21-2.3.9-1ubuntu1) raring; urgency=low
* Regenerate the control file.
openjdk-7 (7u21-2.3.9-1) unstable; urgency=high
* IcedTea7 2.3.9 release.
* Security fixes:
- S6657673, CVE-2013-1518: Issues with JAXP.
- S7200507: Refactor Introspector internals.
- S8000724, CVE-2013-2417: Improve networking serialization.
- S8001031, CVE-2013-2419: Better font processing.
- S8001040, CVE-2013-1537: Rework RMI model.
- S8001322: Refactor deserialization.
- S8001329, CVE-2013-1557: Augment RMI logging.
- S8003335: Better handling of Finalizer thread.
- S8003445: Adjust JAX-WS to focus on API.
- S8003543, CVE-2013-2415: Improve processing of MTOM attachments.
- S8004261: Improve input validation.
- S8004336, CVE-2013-2431: Better handling of method handle intrinsic frames.
- S8004986, CVE-2013-2383: Better handling of glyph table.
- S8004987, CVE-2013-2384: Improve font layout.
- S8004994, CVE-2013-1569: Improve checking of glyph table.
- S8005432: Update access to JAX-WS.
- S8005943: (process) Improved Runtime.exec.
- S8006309: More reliable control panel operation.
- S8006435, CVE-2013-2424: Improvements in JMX.
- S8006790: Improve checking for windows.
- S8006795: Improve font warning messages.
- S8007406: Improve accessibility of AccessBridge.
- S8007617, CVE-2013-2420: Better validation of images.
- S8007667, CVE-2013-2430: Better image reading.
- S8007918, CVE-2013-2429: Better image writing.
- S8008140: Better method handle resolution.
- S8009049, CVE-2013-2436: Better method handle binding.
- S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap.
- S8009305, CVE-2013-0401: Improve AWT data transfer.
- S8009677, CVE-2013-2423: Better setting of setters.
- S8009699, CVE-2013-2421: Methodhandle lookup.
- S8009814, CVE-2013-1488: Better driver management.
- S8009857, CVE-2013-2422: Problem with plugin.
* Backports:
- S7130662: GTK file dialog crashes with a NPE.
* Bug fixes
- PR1363: Fedora 19 / rawhide FTBFS SIGILL.
- PR1401: Fix Zero build on 2.3.8.
- Fix offset problem in ICU LETableReference.
- Change -Werror fix to preserve OpenJDK default.
- PR1303: Correct #ifdef to #if.
- PR1404: Failure to bootstrap with ecj 4.2.
-- Matthias Klose <email address hidden> Mon, 22 Apr 2013 03:45:39 +0200