-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-0930 2012-01-25 21:59:07 --------------------------------------------------------------------------------
Name : java-1.6.0-openjdk Product : Fedora 15 Version : 1.6.0.0 Release : 62.1.10.5.fc15 URL : http://icedtea.classpath.org/ Summary : OpenJDK Runtime Environment Description : The OpenJDK runtime environment. -------------------------------------------------------------------------------- Update Information: Backports S7034464: Support transparent large pages on Linux S7037939: NUMA: Disable adaptive resizing if SHM large pages are used S7102369, RH751203: remove java.rmi.server.codebase property parsing from registyimpl S7094468, RH751203: rmiregistry clean up S7103725, RH767129: REGRESSION – 6u29 breaks ssl connectivity using TLS_DH_anon_WITH_AES_128_CBC_SHA S6851973, PR830: ignore incoming channel binding if acceptor does not set one S7091528: javadoc attempts to parse .class files -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 24 2012 Jiri Vanek <[email protected]> - 1:1.6.0.0-62.1.10.5 - updated to icedtea6 1.10.5 - Backports S7034464, Support transparent large pages on Linux S7037939, NUMA: Disable adaptive resizing if SHM large pages are used S7102369, RH751203: remove java.rmi.server.codebase property parsing from registyimpl S7094468, RH751203: rmiregistry clean up S7103725, RH767129: REGRESSION – 6u29 breaks ssl connectivity using TLS_DH_anon_WITH_AES_128_CBC_SHA S6851973, PR830: ignore incoming channel binding if acceptor does not set one S7091528, javadoc attempts to parse .class files * Fri Nov 25 2011 Omair Majid <[email protected]> - 1:1.6.0.0-61.1.10.4 - Fix rhbz#741821 * Thu Oct 13 2011 Jiri Vanek <[email protected]> - 1:1.6.0.0-60.1.10.4 - updated to icedtea6 1.10.4 - Security fixes - S7000600, CVE-2011-3547: InputStream skip() information leak - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor - S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow - S7032417, CVE-2011-3552: excessive default UDP socket limit under SecurityManager - S7046823, CVE-2011-3544: missing SecurityManager checks in scripting engine - S7055902, CVE-2011-3521: IIOP deserialization code execution - S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error checks - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) - S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer - S7077466, CVE-2011-3556: RMI DGC server remote code execution - S7083012, CVE-2011-3557: RMI registry privileged code execution - S7096936, CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection - Bug fixes - RH727195 : Japanese font mappings are broken - Backports - S6826104, RH730015: Getting a NullPointer exception when clicked on Application & Toolkit Modal dialog - Zero/Shark - PR690: Shark fails to JIT using hs20. - PR696: Zero fails to handle fast_aldc and fast_aldc_w in hs20. * Fri Jul 22 2011 Jiri Vanek <[email protected]> - 1:1.6.0.0-59.1.10.3 - updated to icedtea6 1.10.3 - http://blog.fuseyism.com/index.php/2011/07/21/icedtea6-1103-released/ * Fri Jun 10 2011 Jiri Vanek <[email protected]> - 1:1.6.0.0-58.1.10.2 - added requires: fontconfig - resolves: rhbz#708201 * Mon Jun 6 2011 Jiri Vanek <[email protected]> - 1:1.6.0.0-58.1.10.2 - Resolves: rhbz#709375 - Bumped to IcedTea6 1.10.2 - RH706250, S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win) - RH706106, S6618658, CVE-2011-0865: Vulnerability in deserialization - RH706111, S7012520, CVE-2011-0815: Heap overflow vulnerability in FileDialog.show() (win) - RH706139, S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code - RH706153, S7013969, CVE-2011-0867: NetworkInterface.toString can reveal bindings - RH706234, S7013971, CVE-2011-0869: Vulnerability in SAAJ - RH706239, S7016340, CVE-2011-0870: Vulnerability in SAAJ - RH706241, S7016495, CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero - RH706248, S7020198, CVE-2011-0871: ImageIcon creates Component with null acc - RH706245, S7020373, CVE-2011-0864: JSR rewriting can overflow memory address size variables -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update java-1.6.0-openjdk' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
