Format: 1.8 Date: Fri, 15 Oct 2010 16:05:20 +0200 Source: sun-java6 Binary: sun-java6-jre sun-java6-bin sun-java6-plugin ia32-sun-java6-bin ia32-sun-java6-plugin sun-java6-fonts sun-java6-jdk sun-java6-demo sun-java6-source sun-java6-javadb Architecture: amd64 amd64_translations Version: 6.22-0ubuntu1~9.10.1 Distribution: karmic Urgency: low Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Matthias Klose Description: ia32-sun-java6-bin - Sun Java(TM) Runtime Environment (JRE) 6 (32-bit) ia32-sun-java6-plugin - The Java(TM) Plug-in, Java SE 6 (32-bit) sun-java6-bin - Sun Java(TM) Runtime Environment (JRE) 6 (architecture dependent sun-java6-demo - Sun Java(TM) Development Kit (JDK) 6 demos and examples sun-java6-fonts - Lucida TrueType fonts (from the Sun JRE) sun-java6-javadb - Java(TM) DB, Sun Microsystems' distribution of Apache Derby sun-java6-jdk - Sun Java(TM) Development Kit (JDK) 6 sun-java6-jre - Sun Java(TM) Runtime Environment (JRE) 6 (architecture independen sun-java6-plugin - The Java(TM) Plug-in, Java SE 6 sun-java6-source - Sun Java(TM) Development Kit (JDK) 6 source files Changes: sun-java6 (6.22-0ubuntu1~9.10.1) karmic-security; urgency=low . * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes: - (CVE-2010-3556): JDK unspecified vulnerability in 2D component - (CVE-2010-3562): JDK IndexColorModel double-free - (CVE-2010-3565): JDK JPEG writeImage remote code execution - (CVE-2010-3566): JDK ICC Profile remote code execution - (CVE-2010-3567): Crash in ICU Opentype layout engine due to mismatch in character counts - (CVE-2010-3571): JDK unspecified vulnerability in 2D component - (CVE-2010-3554): JDK corba reflection vulnerabilities - (CVE-2010-3563): JDK unspecified vulnerability in Deployment component - (CVE-2010-3568): JDK Deserialization Race condition - (CVE-2010-3569): JDK Serialization inconsistencies - (CVE-2010-3558): JDK unspecified vulnerability in Java Web Start component - (CVE-2010-3552): JDK unspecified vulnerability in New Java Plugin component - (CVE-2010-3559): JDK unspecified vulnerability in Sound component - (CVE-2010-3572): JDK unspecified vulnerability in Sound component - (CVE-2010-3553): UIDefault.ProxyLazyValue has unsafe reflection usage - (CVE-2010-3555): JDK unspecified vulnerability in Deployment component - (CVE-2010-3550): JDK unspecified vulnerability in Java Web Start component - (CVE-2010-3570): JDK unspecified vulnerability in Deployment Toolkit - (CVE-2010-3561): Privileged ServerSocket.accept allows receiving connections from any host - (CVE-2009-3555): TLS: MITM attacks via session renegotiation - (CVE-2010-1321): krb5: null pointer dereference in GSS-API library leads to DoS - (CVE-2010-3549): HttpURLConnection chunked encoding issue (Http request splitting) - (CVE-2010-3557): JDK Swing mutable static - (CVE-2010-3541): limit setting of some request headers in HttpURLConnection - (CVE-2010-3573): limit HTTP request cookie headers in HttpURLConnection - (CVE-2010-3574): limit use of TRACE method in HttpURLConnection - (CVE-2010-3548): JDK DNS server IP address information leak - (CVE-2010-3551): NetworkInterface reveals local network address to untrusted code - (CVE-2010-3560): JDK unspecified vulnerability in Networking component Checksums-Sha1: 2ab7b3345e121686110dfcaed577e296fac4cd3e 27935224 sun-java6-bin_6.22-0ubuntu1~9.10.1_amd64.deb ecf1cd4da12bf9c8f377ac89a03d558dd4690580 1898 sun-java6-plugin_6.22-0ubuntu1~9.10.1_amd64.deb 91b98ee70b3ff4683b5f09095c062a05046a44ad 29686592 ia32-sun-java6-bin_6.22-0ubuntu1~9.10.1_amd64.deb e5e448c592fddbf541c1401374313c24d20f37c2 19881000 sun-java6-jdk_6.22-0ubuntu1~9.10.1_amd64.deb e1b6aded9d1efc4950d9c78f6fbb35929c1cf200 12164034 sun-java6-demo_6.22-0ubuntu1~9.10.1_amd64.deb 798f12dc9ec77f41adb44f8c5422a738f4e23c66 15662 sun-java6_6.22-0ubuntu1~9.10.1_amd64_translations.tar.gz Checksums-Sha256: 37d743e02ee0ec9417e5ecd125d92cd90c12f0837b713fcf302a8d88fd1c49ed 27935224 sun-java6-bin_6.22-0ubuntu1~9.10.1_amd64.deb 6fa02a3556c9603fbe42750222621f8aa78bc71ac9cf06ac045898c156e66dd0 1898 sun-java6-plugin_6.22-0ubuntu1~9.10.1_amd64.deb d4e9a8681488b1a95ce9a01cc444df504c303883f248f364ed12a79d06c8bd2b 29686592 ia32-sun-java6-bin_6.22-0ubuntu1~9.10.1_amd64.deb 9a9303999cad29c3f9802af2dcc67935c6a63ffd8495bda9ba789033f6701aac 19881000 sun-java6-jdk_6.22-0ubuntu1~9.10.1_amd64.deb 8fe714b2deddc044b6451286014dc53ee96ac8ec66a9062d694f3862c38e6f89 12164034 sun-java6-demo_6.22-0ubuntu1~9.10.1_amd64.deb c5c8f4d2514210cee523ee54f29b460520cbde78b2a705b2366114a7ef2b0469 15662 sun-java6_6.22-0ubuntu1~9.10.1_amd64_translations.tar.gz Files: c59dd01984c719a8031ed164c15c9c26 27935224 non-free/java optional sun-java6-bin_6.22-0ubuntu1~9.10.1_amd64.deb e945bfbc5de5d7ed49696734e48e69bc 1898 non-free/web optional sun-java6-plugin_6.22-0ubuntu1~9.10.1_amd64.deb e33ef14afa362855027df721ec90e829 29686592 non-free/java optional ia32-sun-java6-bin_6.22-0ubuntu1~9.10.1_amd64.deb 8b0acf257edd852ed7c31d1fff275ff1 19881000 non-free/java optional sun-java6-jdk_6.22-0ubuntu1~9.10.1_amd64.deb 691d509306f34fbd1835c72ecca47e00 12164034 non-free/java optional sun-java6-demo_6.22-0ubuntu1~9.10.1_amd64.deb 9b798a65a01656dd675bcd8390639258 15662 raw-translations - sun-java6_6.22-0ubuntu1~9.10.1_amd64_translations.tar.gz Original-Maintainer: Debian Java Maintainers