-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2011-1263 2011-02-10 20:46:20 --------------------------------------------------------------------------------
Name : java-1.6.0-openjdk Product : Fedora 14 Version : 1.6.0.0 Release : 52.1.9.6.fc14 URL : http://icedtea.classpath.org/ Summary : OpenJDK Runtime Environment Description : The OpenJDK runtime environment. -------------------------------------------------------------------------------- Update Information: * Security updates - S4421494, CVE-2010-4476: infinite loop while parsing double literal. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 9 2011 Jiri Vanek <[email protected]> 1:1.6.0.0-52.1.9.6 - updated to icedtea 1.9.6 - Security updates - S4421494, CVE-2010-4476: infinite loop while parsing double literal. * Fri Jan 28 2011 Jiri Vanek <[email protected]> 1:1.6.0.0-51.1.9.5 - updated to icedtea 1.9.5 - Resolves: rhbz#672262 - Security updates - RH672262, CVE-2011-0025: IcedTea jarfile signature verification bypass - Backports - S6687968: PNGImageReader leaks native memory through an Inflater - S6541476, RH665355: PNG imageio plugin incorrectly handles iTXt chunk - S6782079: PNG: reading metadata may cause OOM on truncated images - Fixes - RH647157, RH582455: Update fontconfig files for rhel 6 - PR619: Improper finalization by the plugin can crash the browser * Wed Jan 5 2011 Jiri Vanek <[email protected]> - 1:1.6.0.0-50.1.9.4 - Updated to IcedTea 1.9.4 * Wed Dec 1 2010 Deepak Bhole <[email protected]> - 1:1.6.0.0-49.1.9.3 - Updated to IcedTea 1.9.3 - Re-enable Compressed Oops by default as upstream bug# 7002666 is fixed * Tue Nov 30 2010 Deepak Bhole <[email protected]> - 1:1.6.0.0-49.1.9.2 - Update to IcedTea 1.9.2 - Resolves: rhbz# 645843 - Resolves: rhbz# 647737 - Resolves: rhbz# 643674 - Remove patch that disabled Compressed Oops. It is now the default upstream. * Mon Nov 29 2010 Jiri Vanek <[email protected]> -1:1.6.0-48.1.9.1 - Resolves: rhbz#657491 - Removed Asian and Indic font dependencies. * Mon Nov 22 2010 Jiri Vanek <[email protected]> -1:1.6.0-47.1.9.1 - added fonts dependencies * Mon Nov 8 2010 Deepak Bhole <[email protected]> - 1:1.6.0.0-46.1.9.1 - Temporarily resolve rhbz#647737: - Put hs19 back, but disable Compressed Oops * Mon Nov 8 2010 Deepak Bhole <[email protected]> - 1:1.6.0.0-45.1.9.1 - Temporarily resolve rhbz#647737: - Build with default hotspot (hs17) - From Jiri Vanek ([email protected]): -Fixing rhbz#648499 - BuildRequires: redhat-lsb -------------------------------------------------------------------------------- References: [ 1 ] Bug #674336 - CVE-2010-4476 JDK Double.parseDouble Denial-Of-Service https://bugzilla.redhat.com/show_bug.cgi?id=674336 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update java-1.6.0-openjdk' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
