Hello community, here is the log from the commit of package java-1_6_0-openjdk for openSUSE:Factory checked in at Fri Jun 10 14:14:29 CEST 2011.
-------- --- java-1_6_0-openjdk/java-1_6_0-openjdk.changes 2011-04-19 10:52:20.000000000 +0200 +++ /mounts/work_src_done/STABLE/java-1_6_0-openjdk/java-1_6_0-openjdk.changes 2011-06-09 11:51:06.000000000 +0200 @@ -1,0 +2,26 @@ +Wed Jun 8 12:45:01 UTC 2011 - [email protected] + +- fix bnc#698739: icedtea6-1.10.2 released +- Security fixes + * S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win) + * S6618658, CVE-2011-0865: Vulnerability in deserialization + * S7012520, CVE-2011-0815: Heap overflow vulnerability in FileDialog.show() + * S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code + * S7013969, CVE-2011-0867: NetworkInterface.toString can reveal bindings + * S7013971, CVE-2011-0869: Vulnerability in SAAJ + * S7016340, CVE-2011-0870: Vulnerability in SAAJ + * S7016495, CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero + * S7020198, CVE-2011-0871: ImageIcon creates Component with null acc + * S7020373, CVE-2011-0864: JSR rewriting can overflow memory address size variables +- Backports + * S7043054: REGRESSION - wrong userBounds in Paint.createContext() + * S7043963, RH698295: Window manager workaround in AWT was not applied to mutter. Now it is. +- add commented bouncycastle provider into java.security allowing easy enable it from rpm + requested by rgarrigue + +------------------------------------------------------------------- +Thu Jun 2 09:45:19 UTC 2011 - [email protected] + +- fix bnc#695858 - call update-ca-certificates in posttrans + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- icedtea6-1.10.1.tar.gz New: ---- icedtea6-1.10.2-bouncycastle-provider-support.patch icedtea6-1.10.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ java-1_6_0-openjdk.spec ++++++ --- /var/tmp/diff_new_pack.94KrNr/_old 2011-06-10 14:13:52.000000000 +0200 +++ /var/tmp/diff_new_pack.94KrNr/_new 2011-06-10 14:13:52.000000000 +0200 @@ -36,7 +36,7 @@ # If runtests is 0 test suites will not be run. %define runtests 0 -%define icedteaver 1.10.1 +%define icedteaver 1.10.2 %define icedteasnapshot %{nil} %define openjdkver b22 %define openjdkdate 28_feb_2011 @@ -134,7 +134,7 @@ Name: java-1_6_0-openjdk Version: 1.6.0.0_%{openjdkver}.%{icedteaver} -Release: 3 +Release: 1 Summary: Java runtime environment based on OpenJDK 6 and IcedTea 6 Group: Development/Languages/Java License: GPLv2 ; - with the OpenJDK Assembly Exception and the GNU Classpath Exception @@ -199,6 +199,9 @@ Patch133: openjdk-6-src-b20-stringcompare.patch # PATCH-FIX-OPENSUSE: gcj on 11.2/x86_64 returns the NPE on this file - assume because of comments Patch134: openjdk-6-src-b20-gcj-workaround.patch +# PATCH-FIX-OPENSUSE: forward support for bouncycastle provider - requested by rgarrigue, +# will be sent to fedora as well. Applied only on systems with enabled nss (11.2+) +Patch135: icedtea6-1.10.2-bouncycastle-provider-support.patch # PATCH-FIX-UPSTREAM bnc#524505 Patch1000: java-1_6_0-openjdk-suse-desktop-files.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -532,6 +535,9 @@ %{PATCH134} \ %{PATCH133} \ %endif +%if 0%{?suse_version} >= 1120 + %{PATCH135} \ +%endif %{PATCH129} do qpatch -p1 ${PATCH} @@ -861,7 +867,7 @@ %posttrans # if there's no java, certificates are not generated if [ ! -f /var/lib/ca-certificates/java-cacerts ]; then - /usr/lib/ca-certificates/update.d/java.run + /usr/sbin/update-ca-certificates fi # remove the default empty cacert file, if it's installed ++++++ icedtea6-1.10.2-bouncycastle-provider-support.patch ++++++ Index: icedtea6-1.10.2/openjdk/jdk/src/share/lib/security/java.security =================================================================== --- icedtea6-1.10.2.orig/openjdk/jdk/src/share/lib/security/java.security +++ icedtea6-1.10.2/openjdk/jdk/src/share/lib/security/java.security @@ -52,6 +52,9 @@ security.provider.6=com.sun.security.sas security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.8=sun.security.smartcardio.SunPCSC security.provider.9=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg +# bouncycastle.org API support +# will be enabled after installation of bouncycastle.rpm +#security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider # # Select the source of seed data for SecureRandom. By default an ++++++ icedtea6-1.10.1.tar.gz -> icedtea6-1.10.2.tar.gz ++++++ java-1_6_0-openjdk/icedtea6-1.10.1.tar.gz /mounts/work_src_done/STABLE/java-1_6_0-openjdk/icedtea6-1.10.2.tar.gz differ: char 5, line 1 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
