Change log for openjdk-7 package in Ubuntu
1 → 50 of 172 results | First • Previous • Next • Last |
openjdk-7 (7u211-2.6.17-0ubuntu0.1) trusty-security; urgency=medium * IcedTea release 2.6.17 (based on 7u211). * Security fixes: - S8206290, CVE-2019-2422: Better FileChannel transfer performance. - S8209094, CVE_2019-2426: Improve web server connections. - S8210866, CVE-2018-11212: Improve JPEG processing. - S8199156: Better route routing. - S8199161: Better interface enumeration. - S8199166: Better interface lists. - S8199552: Update to build scripts. - S8200659: Improve BigDecimal support. - S8203955: Improve robot support. - S8204895: Better icon support. - S8205356: Choose printer defaults. - S8205709: Proper allocation handling. - S8205714: Initial class initialization. - S8206295: More reliable p11 transactions. - S8206301: Improve NIO stability. - S8208585: Make crypto code more robust. - S8210094: Better loading of classloader classes. - S8210606: Improved data set handling. - S8210610: Improved LSA authentication. - S8210870: Libsunmscapi improved interactions. * debian/patches/hotspot-S8207151-fix-bad-klassoop.patch, debian/patches/openjdk-jdk7u191-b01-jaxp.patch debian/patches/openjdk-jdk7u191-b01-jdk.patch debian/patches/openjdk-jdk7u201-b00-hotspot.patch debian/patches/openjdk-jdk7u201-b00-jaxp.patch debian/patches/openjdk-jdk7u201-b00-jdk.patch: removed, applied upstream. * debian/patches/zero-sparc.diff: updated to fix merge failure in file hotspot/src/share/vm/c1/c1_LIRAssembler.cpp. -- Tiago Stürmer Daitx <email address hidden> Wed, 20 Mar 2019 05:22:37 +0000
Available diffs
openjdk-7 (7u181-2.6.14-0ubuntu0.3) trusty-security; urgency=medium * Apply 7u201-b00 security patches. * Security fixes: - CVE-2018-3136, S8194534: Manifest better support. - CVE-2018-3139, S8196902: Better HTTP redirection support. - CVE-2018-3149, S8199177: Enhance JNDI lookups. - CVE-2018-3169, S8199226: Improve field accesses. - CVE-2018-3180, S8202613: Improve TLS connections stability. * debian/patches/jdk-freetypeScaler-crash.diff: removed, it caused a memory leak and has been fixed upstream already, albeit in a different way. Closes: #910672. * debian/patches/jdk-8132985-backport-double-free.patch, debian/patches/jdk-8139803-backport-warning.patch: fix crash in freetypescaler due to double free, thanks to Heikki Aitakangas for the report and patches. (Closes: #911847) * debian/rules: run only the hotspot testsuite for jamvm and zero alternative vms to make build faster. -- Tiago Stürmer Daitx <email address hidden> Thu, 11 Oct 2018 01:47:12 +0000
Available diffs
openjdk-7 (7u181-2.6.14-0ubuntu0.2) trusty-security; urgency=medium * Apply 8u181 security backports. * Security fixes: - CVE-2018-2938, S8197871: Support Derby connections. - CVE-2018-2952, S8199547: Exception to Pattern Syntax. - S8191239: Improve desktop file usage. - S8193419: Better Internet address support. - S8197925: Better stack walking. - S8200666: Improve LDAP support. * debian/patches/hotspot-S8207151-fix-bad-klassoop.patch: fix bug introduced by the backport of S8189123. LP: #1778930. -- Tiago Stürmer Daitx <email address hidden> Mon, 23 Jul 2018 20:03:03 +0000
Available diffs
openjdk-7 (7u181-2.6.14-0ubuntu0.1) trusty-security; urgency=medium * IcedTea release 2.6.14 (based on 7u181). Closes: #898976. * Security fixes: - S8162488: JDK should be updated to use LittleCMS 2.8 - S8180881: Better packaging of deserialization - S8182362: Update CipherOutputStream Usage - S8183032: Upgrade to LittleCMS 2.9 - S8189123: More consistent classloading - S8189969, CVE-2018-2790: Manifest better manifest entries - S8189977, CVE-2018-2795: Improve permission portability - S8189981, CVE-2018-2796: Improve queuing portability - S8189985, CVE-2018-2797: Improve tabular data portability - S8189989, CVE-2018-2798: Improve container portability - S8189993, CVE-2018-2799: Improve document portability - S8189997, CVE-2018-2794: Enhance keystore mechanisms - S8190478: Improved interface method selection - S8190877: Better handling of abstract classes - S8191696: Better mouse positioning - S8192025, CVE-2018-2814: Less referential references - S8192030: Better MTSchema support - S8192757, CVE-2018-2815: Improve stub classes implementation - S8193409: Improve AES supporting classes - S8193414: Improvements in MethodType lookups - S8193833, CVE-2018-2800: Better RMI connection support * debian/patches/hotspot-disable-exec-shield-workaround.patch: removed, upstream fixed i386 stack guard support in S8197429 (hotspot's mercurial commit 6636:d673ec579604). * debian/patches/hotspot-powerpcspe.diff: removed, support added upstream by S8186461 in hotspot's mercurial commit 6638:7517e77dd338. * debian/patches/it-patch-updates.diff: remove unnecessary hunks. * debian/rules: remove hotspot-powerpcspe.diff and hotspot-disable-exec-shield-workaround.patch from applied patches. -- Tiago Stürmer Daitx <email address hidden> Mon, 04 Jun 2018 23:11:45 +0000
Available diffs
openjdk-7 (7u171-2.6.13-0ubuntu0.14.04.2) trusty-security; urgency=medium * IcedTea release 2.6.13 (based on 7u171). (Closes: #891330). * Security fixes: - S8160104: CORBA communication improvements - S8172525, CVE-2018-2579: Improve key keying case - S8174756: Extra validation for public keys - S8175932: Improve host instance supports - S8176458: Revise default document styling - S8178449, CVE-2018-2588: Improve LDAP logins - S8178458: Better use of certificates in LDAP - S8178466: Better RSA parameters - S8179536: Cleaner print job handling - S8179990: Cleaner palette entry handling - S8180011: Cleaner native graphics device handling - S8180015: Cleaner AWT robot handling - S8180020: Improve SymbolHashMap entry handling - S8180433: Cleaner CLR invocation handling - S8180877: More deeply colored ICC spaces - S8181664: Improve JVM UTF String handling - S8181670: Improve implementation of keystores - S8182125, CVE-2018-2599: Improve reliability of DNS lookups - S8182387, CVE-2018-2603: Improve PKCS usage - S8182601, CVE-2018-2602: Improve usage messages - S8185292, CVE-2018-2618: Stricter key generation - S8185325, CVE-2018-2641: Improve GTK initialization - S8186080: Transform XML interfaces - S8186212, CVE-2018-2629: Improve GSS handling - S8186600, CVE-2018-2634: Improve property negotiations - S8186606, CVE-2018-2633: Improve LDAP lookup robustness - S8186867: Improve native glyph layouts - S8186998, CVE-2018-2637: Improve JMX supportive features - S8189284, CVE-2018-2663: More refactoring for deserialization cases - S8190289, CVE-2018-2677: More refactoring for client deserialization cases - S8191142, CVE-2018-2678: More refactoring for naming deserialization cases * Remove multiarch-support pre-dependency. (Closes: #887858).
Available diffs
openjdk-7 (7u151-2.6.11-2ubuntu0.14.04.1) trusty-security; urgency=medium * Backport to 14.04. * debian/patches/hotspot-aarch64-S8145438-fix-field-too-big-for-insn.patch: the S8144028 fix was incomplete and followed up by S8145438; without it aarch64 JVM can fail with "Internal Error, failed: Field too big for insn". -- Tiago Stürmer Daitx <email address hidden> Tue, 21 Nov 2017 02:10:21 +0000
Available diffs
openjdk-7 (7u151-2.6.11-0ubuntu1.14.04.1) trusty-security; urgency=medium * IcedTea release 2.6.11 (based on 7u151). Closes: #869816. * Security fixes: - S8163958, CVE-2017-10102: Improved garbage collection. - S8167228: Update to libpng 1.6.28. - S8169209, CVE-2017-10053: Improved image post-processing steps. - S8169392, CVE-2017-10067: Additional jar validation steps. - S8170966, CVE-2017-10081: Right parenthesis issue. - S8172204, CVE-2017-10087: Better Thread Pool execution. - S8172461, CVE-2017-10089: Service Registration Lifecycle. - S8172465, CVE-2017-10090: Better handling of channel groups. - S8172469, CVE-2017-10096: Transform Transformer Exceptions. - S8173286, CVE-2017-10101: Better reading of text catalogs. - S8173697, CVE-2017-10107: Less Active Activations. - S8173770, CVE-2017-10074: Image conversion improvements. - S8174098, CVE-2017-10110: Better image fetching. - S8174105, CVE-2017-10108: Better naming attribution. - S8174113, CVE-2017-10109: Better sourcing of code. - S8174770: Check registry registration location. - S8174873: Improved certificate processing. - S8175106, CVE-2017-10115: Higher quality DSA operations. - S8175110, CVE-2017-10118: Higher quality ECDSA operations. - S8176055: JMX diagnostic improvements. - S8176067, CVE-2017-10116: Proper directory lookup processing. - S8176760, CVE-2017-10135: Better handling of PKCS8 material. - S8178135, CVE-2017-10176: Additional elliptic curve support. - S8181420, CVE-2017-10074: PPC: Image conversion improvements. - S8182054, CVE-2017-10243: Improve wsdl support. - S8183551, CVE-2017-10074, PR3423: AArch64: Image conversion improvements. - S8184119, CVE-2017-10111: Incorrect return processing for the LF editor of MethodHandles.permuteArguments. * d/control.in: - remove @bd_compress@ dependency. - replace @bd_autotools@ with fixed dependencies. * d/control.tests: package to hold all tests artifacts and logs. * d/repack: fixed and simplified download script. * d/rules: - include openjdk-7-tests package on Ubuntu derivatives only. - only save the full jtreg results when the openjdk-7-tests package is being built, otherwise stick to old behaviour (keep compressed test summaries + failed test results). Closes: #863007, #865533. - only run the long jdk testsuite when default vm is a hotspot. - only run the full testsuite for zero alternative vm on very fast systems, otherwise stick to the hotspot testsuite to avoid long build times. - try /etc/os-release before lsb-release; allow distrel to be set from the command line. - remove with_nss as all supported releases have it now. - remove gcc/g++ configurations for EOL releases. - keep libjpeg8 dependency on wheezy, replace it with libjpeg62-turbo on other Debian releases and libjpeg-turbo8 on Ubuntu. Closes: #766601. - remove old logic to depend on libcupsys2. - always set rhino_source, all supported releases have dpkg > 1.16.2. - remove bd_compress and pkg_compress as they haven't been used for quite a while. - remove with_wgy_zenhai logic, lenny is EOL. - remove bd_autotools logic if/then, call dh_autoreconf and dh_autoreconf_clean. - simplify bootstrap dependency logic and remove EOL releases. - remove EOL releases from gcc/g++ dependency logic. - remove unused jamvm_defaults and simplify jamvm_archs logic. - use ttf-indic-fonts for trusty, otherwise stick to fonts-indic. - have build rule depend on debian/control in order to fail if it is ever regenerated at build time. - patch configure after dh_autoreconf call to include additional /usr/lib/jvm directories; setting DEB_HOST_ARCH=alpha to check if patches apply correctly fails because alpha requires a jdk for bootstrap and IcedTea does not look into our usual directories. * d/p/fontconfig-arphic-uming.diff: removed, not used since lenny. * d/p/jdk-getAccessibleValue.diff: libatk-wrapper-java: File selection dialog not refreshed when changing directory. Kindly provided by Samuel Thibault. Closes: #827741. * d/p/jdk-S8173783-fix-illegalargumentexception-regression.patch: deleted, included in IcedTea 2.6.10. * d/p/kfreebsd-support-jdk.diff: updated, was failing to apply due to jdk changes in NetworkInterface.c. * d/p/sec-webrev-8u131-*.patch: deleted, included in IcedTea 2.6.10. * d/p/zero-sparc.diff: commented out chaitin.hpp hunk #1 as that #ifdef has been removed by JDK-8011621 (backported by IcedTea 2.6.10); this was also backported to 7u131 through JDK-8160961 but then backed out, better keep the hunk in case IcedTea decides to back it out as well. -- Tiago Stürmer Daitx <email address hidden> Thu, 18 May 2017 02:53:34 +0000
Available diffs
openjdk-7 (7u131-2.6.9-0ubuntu0.14.04.2) trusty-security; urgency=medium * Fix JDK regression introduced by 7u131 upgrade: (LP: #1691126) - d/p/jdk-S8173783-fix-illegalargumentexception-regression.patch: fix "IllegalArgumentException: jdk.tls.namedGroups" backported from http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/f5d0aadb4d1c -- Tiago Stürmer Daitx <email address hidden> Wed, 17 May 2017 00:39:54 +0000
Available diffs
- diff from 7u101-2.6.6-0ubuntu0.14.04.2~gcctest.2 (in ~ubuntu-security-proposed/ubuntu/ppa) to 7u131-2.6.9-0ubuntu0.14.04.2 (pending)
- diff from 7u131-2.6.9-0ubuntu0.14.04.1 to 7u131-2.6.9-0ubuntu0.14.04.2 (5.0 KiB)
openjdk-7 (7u131-2.6.9-0ubuntu0.14.04.1) trusty-security; urgency=medium * IcedTea release 2.6.9 (based on 7u131): * Security fixes - S8167110, CVE-2017-3514: Windows peering issue. - S8163528, CVE-2017-3511: Better library loading. - S8169011, CVE-2017-3526: Resizing XML parse trees. - S8163520, CVE-2017-3509: Reuse cache entries. - S8171533, CVE-2017-3544: Better email transfer. - S8170222, CVE-2017-3533: Better transfers of files. - S8171121, CVE-2017-3539: Enhancing jar checking. - S8172299: Improve class processing. * debian/compat: updated from 5 to 9. * debian/watch: using watch version 4 to download both icedtea and icedtea-sound. LP: #1642420. * debian/repack: simplified tarball download. * debian/rules: - removed 8u121 patches as they have been applied to 7u131. - building icedtea-sound on build/ directory - replaced 'dh_strip -k' calls by dh_prep - have the 'build' rule depend on 'debian/control' rule to force failure if debian/control gets regenerated. - added file 'security/blacklisted.cert' to be copied to etc dir (introduced by S8011402). - simplified build dependencies. - removed jtreg's xvfb-run call since icedtea takes care of calling it. - removed window manager as there are no additional significant failures on the jdk tests when not running one. - re-enabled jdk jtreg tests. - removed lpia arch. - use fonts-wqy-microhei and fonts-wqy-zenhei instead of transitional package names. - drop Recommends on obsolete GNOME libraries so they are not in a default GNOME desktop installation (Simon McVittie). Closes: #850270. + sun.net.spi.DefaultProxySelector prefers libglib2.0-0 (>= 2.24) over obsolete libgconf2-4. + sun.nio.fs.GnomeFileTypeDetector prefers libglib2.0-0 (>= 2.24) over libgnomevfs-2-0. + sun.xawt.awt_Desktop prefers libgtk2.0-0 (>= 2.14) over libgnomevfs2-0. * debian/control.in: added static build dependencies as their previous selection logic in debian/rules is no longer required. * debian/control: regenerated. * debian/patches/icedtea-sound.diff: removed, now packing icedtea-sound 1.0.1 which includes those fixes. * debian/upstream/signing-key.asc: add new signing key. -- Tiago Stürmer Daitx <email address hidden> Mon, 08 May 2017 23:02:52 +0000
Available diffs
openjdk-7 (7u121-2.6.8-1ubuntu0.12.04.3) precise-security; urgency=medium * Backport to 12.04
openjdk-7 (7u121-2.6.8-1ubuntu0.14.04.3) trusty-security; urgency=medium * Security fixes from 8u121: - S8167104, CVE-2017-3289: Custom class constructor code can bypass the required call to super.init allowing for uninitialized objects to be created. - S8164143, CVE-2017-3260: It is possible to corrupt memory by calling dispose() on a CMenuComponentmultiple times. - S8168714, CVE-2016-5546: ECDSA will accept signatures that have various extraneous bytes added to them whereas the signature is supposed to be unique. - S8166988, CVE-2017-3253: The PNG specification allows the [iz}Txt sections to be 2^32-1 bytes long so these should not be uncompressed unless the user explicitly requests it. - S8168728, CVE-2016-5548: DSA signing exhibits a timing bias that may leak information about k. - S8161743, CVE-2017-3252: LdapLoginModule incorrectly tries to deserialize responses from an LDAP server when an LDAP context is expected. - S8167223, CVE-2016-5552: Parsing of URLs can be inconsistent with how users or external applications would interpret them leading to possible security issues. - S8168705, CVE-2016-5547: A value from an InputStream is read directly into the size argument of a new byte[] without validation. - S8164147, CVE-2017-3261: An integer overflow exists in SocketOutputStream which can lead to memorydisclosure. - S8151934, CVE-2017-3231: Under some circumstances URLClassLoader will dispatch HTTP GET requests where the invoker does not have permission. - S8165071, CVE-2016-2183: 3DES can be exploited for block collisions when long running sessions are allowed. - S8165344, CVE-2017-3272: A protected field can be leveraged into type confusion. - S8156802, CVE-2017-3241: RMI deserialization should limit the types deserialized to prevent attacks that could escape the sandbox. -- Tiago Stürmer Daitx <email address hidden> Tue, 07 Feb 2017 17:55:31 +0000
openjdk-7 (7u121-2.6.8-1ubuntu0.14.04.1) trusty-security; urgency=medium * Backport to Ubuntu 14.04. * IcedTea release 2.6.8 (based on 7u121): * Security fixes - S8151921: Improved page resolution - S8155968: Update command line options - S8155973, CVE-2016-5542: Tighten jar checks - S8157176: Improved classfile parsing - S8157739, CVE-2016-5554: Classloader Consistency Checking - S8157749: Improve handling of DNS error replies - S8157753: Audio replay enhancement - S8157759: LCMS Transform Sampling Enhancement - S8157764: Better handling of interpolation plugins - S8158302: Handle contextual glyph substitutions - S8158993, CVE-2016-5568: Service Menu services - S8159495: Fix index offsets - S8159503: Amend Annotation Actions - S8159511: Stack map validation - S8159515: Improve indy validation - S8159519, CVE-2016-5573: Reformat JDWP messages - S8160090: Better signature handling in pack200 - S8160094: Improve pack200 layout - S8160098: Clean up color profiles - S8160591, CVE-2016-5582: Improve internal array handling - S8160838, CVE-2016-5597: Better HTTP service - PR3207, RH1367357: lcms2: Out-of-bounds read in Type_MLU_Read() -- Tiago Stürmer Daitx <email address hidden> Tue, 15 Nov 2016 22:26:23 +0000
Available diffs
openjdk-7 (7u121-2.6.8-1ubuntu0.12.04.1) precise-security; urgency=medium * Backport to Ubuntu 12.04.
Available diffs
openjdk-7 (7u111-2.6.7-0ubuntu0.14.04.3) trusty-security; urgency=medium * debian/rules: - fix typo (aarch64 -> arm64) and disable precompiled headers for arm64 - remove compile file generated by automake during debian cleanup
openjdk-7 (7u111-2.6.7-0ubuntu0.12.04.2) precise-security; urgency=medium * Backport to Ubuntu 12.04.
openjdk-7 (7u101-2.6.6-0ubuntu0.15.10.1) wily-security; urgency=medium * IcedTea release 2.6.6 (based on 7u101): * Security fixes - S8129952, CVE-2016-0686: Ensure thread consistency - S8132051, CVE-2016-0687: Better byte behavior - S8138593, CVE-2016-0695: Make DSA more fair - S8139008: Better state table management - S8143167, CVE-2016-3425: Better buffering of XML strings - S8144430, CVE-2016-3427: Improve JMX connections - S8146494: Better ligature substitution - S8146498: Better device table adjustments * debian/patches/jdk-8152335-improve-methodhandle-consistency.patch: removed, fix is upstream since 2.6.5 * Disable arm32-jit for armhf and armel, broken by hotspot security patches.
openjdk-7 (7u101-2.6.6-0ubuntu0.14.04.1) trusty-security; urgency=medium * Backport to Ubuntu 14.04.
Available diffs
- diff from 7u85-2.6.1-5ubuntu0.14.04.2 (in ~ubuntu-security-proposed/ubuntu/ppa) to 7u101-2.6.6-0ubuntu0.14.04.1 (pending)
- diff from 7u95-2.6.4-0ubuntu0.14.04.2 (in ~openjdk-r/ubuntu/security-deletedppa) to 7u101-2.6.6-0ubuntu0.14.04.1 (111.2 MiB)
- diff from 7u95-2.6.4-0ubuntu0.14.04.2a~2rebuild~gcc46 to 7u101-2.6.6-0ubuntu0.14.04.1 (111.2 MiB)
openjdk-7 (7u101-2.6.6-0ubuntu0.12.04.1) precise-security; urgency=medium * Backport to Ubuntu 12.04.
Deleted in xenial-release (Reason: lp: #1563986, openjdk-7 removal) |
Superseded in xenial-release |
Deleted in xenial-proposed (Reason: moved to release) |
openjdk-7 (7u95-2.6.4-3) experimental; urgency=medium [ Tiago Stürmer Daitx ] * SECURITY UPDATE: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets. - d/p/jdk-8152335-improve-methodhandle-consistency.patch: S8152335, CVE-2016-0636: Improve MethodHandle consistency [ Matthias Klose ] * Use internal tzdata for builds in stretch, unstable, experimental. Closes: #818308. -- Matthias Klose <email address hidden> Thu, 24 Mar 2016 15:24:32 +0100
Available diffs
- diff from 7u95-2.6.4-1 to 7u95-2.6.4-3 (3.8 KiB)
openjdk-7 (7u95-2.6.4-0ubuntu0.15.10.2) wily-security; urgency=medium * SECURITY UPDATE: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets. - d/p/jdk-8152335-improve-methodhandle-consistency.patch: S8152335, CVE-2016-0636: Improve MethodHandle consistency -- Tiago Stürmer Daitx <email address hidden> Wed, 23 Mar 2016 17:55:30 +0000
openjdk-7 (7u95-2.6.4-0ubuntu0.14.04.2) trusty-security; urgency=high * SECURITY UPDATE: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets. - d/p/jdk-8152335-improve-methodhandle-consistency.patch: S8152335, CVE-2016-0636: Improve MethodHandle consistency -- Tiago Stürmer Daitx <email address hidden> Wed, 23 Mar 2016 17:55:30 +0000
Available diffs
- diff from 7u95-2.6.4-0ubuntu0.14.04.1 (in ~tdaitx/ubuntu/openjdk-deletedppa) to 7u95-2.6.4-0ubuntu0.14.04.2 (3.6 KiB)
- diff from 7u79-2.5.6-0ubuntu1.14.04.1 (in ~ubuntu-security/ubuntu/ppa) to 7u95-2.6.4-0ubuntu0.14.04.2 (130.6 MiB)
- diff from 7u91-2.6.3-0ubuntu0.14.04.1 to 7u95-2.6.4-0ubuntu0.14.04.2 (111.2 MiB)
openjdk-7 (7u95-2.6.4-0ubuntu0.12.04.2) precise-security; urgency=medium * SECURITY UPDATE: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets. - d/p/jdk-8152335-improve-methodhandle-consistency.patch: S8152335, CVE-2016-0636: Improve MethodHandle consistency -- Tiago Stürmer Daitx <email address hidden> Wed, 23 Mar 2016 17:55:30 +0000
Available diffs
- diff from 7u95-2.6.4-0ubuntu0.12.04.1 (in ~tdaitx/ubuntu/openjdk-deletedppa) to 7u95-2.6.4-0ubuntu0.12.04.2 (4.2 KiB)
- diff from 7u79-2.5.6-0ubuntu1.12.04.1 (in ~ubuntu-security/ubuntu/ppa) to 7u95-2.6.4-0ubuntu0.12.04.2 (130.6 MiB)
- diff from 7u91-2.6.3-0ubuntu0.12.04.1 to 7u95-2.6.4-0ubuntu0.12.04.2 (111.2 MiB)
openjdk-7 (7u95-2.6.4-1) unstable; urgency=high [ Tiago Stürmer Daitx ] * IcedTea release 2.6.4 (based on 7u95): * Security fixes - S8059054, CVE-2016-0402: Better URL processing - S8130710, CVE-2016-0448: Better attributes processing - S8132210: Reinforce JMX collector internals - S8132988: Better printing dialogues - S8133962, CVE-2016-0466: More general limits - S8137060: JMX memory management improvements - S8139012: Better font substitutions - S8139017, CVE-2016-0483: More stable image decoding - S8140543, CVE-2016-0494: Arrange font actions - S8143185: Cleanup for handling proxies - S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays - S8144773, CVE-2015-7575: Further reduce use of MD5 (SLOTH) * debian/patches/it-debian-build-flags.diff: refreshed * debian/patches/it-set-compiler.diff: refreshed * debian/patches/it-use-quilt.diff: refreshed * debian/patches/it-jamvm-2.0.diff: refreshed * debian/patches/icedtea-pretend-memory.diff: refreshed * debian/patches/fix_extra_flags-default.diff: refreshed * debian/patches/zero-sparc.diff: refreshed [ Matthias Klose ] * Remove obsolete IcedTea configure options. * Fix build failure on squeeze (Thorsten Glaser). Closes: #809205. * Don't run the test on mips, still having stone age buildd hardware and empty promises to fix these issues since 2010. -- Matthias Klose <email address hidden> Thu, 21 Jan 2016 13:17:54 +0100
Available diffs
- diff from 7u91-2.6.3-3 to 7u95-2.6.4-1 (111.2 MiB)
openjdk-7 (7u95-2.6.4-0ubuntu0.12.04.1) precise-security; urgency=medium * Backport to Ubuntu 12.04.
Available diffs
- diff from 7u91-2.6.3-0ubuntu0.12.04.1 (in ~openjdk-r/ubuntu/security-deletedppa) to 7u95-2.6.4-0ubuntu0.12.04.1 (111.2 MiB)
- diff from 7u91-2.6.2-0ubuntu1~pre02~20151023015049~precise to 7u95-2.6.4-0ubuntu0.12.04.1 (pending)
openjdk-7 (7u95-2.6.4-0ubuntu0.14.04.1) trusty-security; urgency=high * Backport to Ubuntu 14.04.
Available diffs
- diff from 7u91-2.6.3-0ubuntu0.14.04.1 (in ~openjdk-r/ubuntu/security-deletedppa) to 7u95-2.6.4-0ubuntu0.14.04.1 (111.2 MiB)
- diff from 7u91-2.6.2-0ubuntu1~pre02~20151023015049ubuntu1 to 7u95-2.6.4-0ubuntu0.14.04.1 (pending)
openjdk-7 (7u95-2.6.4-0ubuntu0.15.04.1) vivid-security; urgency=medium * Backport to Ubuntu 15.04.
openjdk-7 (7u95-2.6.4-0ubuntu0.15.10.1) wily-security; urgency=medium * Icedtea release 2.6.4 (based on 7u95) * Security fixes - S8059054, CVE-2016-0402: Better URL processing - S8130710, CVE-2016-0448: Better attributes processing - S8132210: Reinforce JMX collector internals - S8132988: Better printing dialogues - S8133962, CVE-2016-0466: More general limits - S8137060: JMX memory management improvements - S8139012: Better font substitutions - S8139017, CVE-2016-0483: More stable image decoding - S8140543, CVE-2016-0494: Arrange font actions - S8143185: Cleanup for handling proxies - S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays - S8144773, CVE-2015-7575: Further reduce use of MD5 (SLOTH) * debian/patches/it-debian-build-flags.diff: refreshed * debian/patches/it-set-compiler.diff: refreshed * debian/patches/it-use-quilt.diff: refreshed * debian/patches/it-jamvm-2.0.diff: refreshed * debian/patches/icedtea-pretend-memory.diff: refreshed * debian/patches/fix_extra_flags-default.diff: refreshed * debian/patches/zero-sparc.diff: refreshed
Available diffs
- diff from 7u91-2.6.3-0ubuntu0.15.10.1 (in ~openjdk-r/ubuntu/security-deletedppa) to 7u95-2.6.4-0ubuntu0.15.10.1 (111.2 MiB)
- diff from 7u91-2.6.2-0ubuntu1~pre02~20151023015049 to 7u95-2.6.4-0ubuntu0.15.10.1 (pending)
openjdk-7 (7u91-2.6.3-3) unstable; urgency=medium * Fix stripping packages (use bash instead of expr substring). * openjdk-jre-headless: Add dependency on the package containing the mountpoint binary. Closes: #803717. * openjdk-7-jdk: Fix typo in sdk provides. Closes: #803150. * Build using giflib 5. -- Matthias Klose <email address hidden> Mon, 30 Nov 2015 06:27:48 +0100
Available diffs
- diff from 7u91-2.6.3-2 to 7u91-2.6.3-3 (2.0 KiB)
openjdk-7 (7u91-2.6.3-2) unstable; urgency=medium * Enable sparc64 for hotspot (John Paul Adrian Glaubitz). * Add debian/patches/sparc-libproc-fix.diff to include missing headers on sparc64 (David Matthew Mattli). Closes: #805846. -- Matthias Klose <email address hidden> Wed, 25 Nov 2015 23:38:54 +0100
Available diffs
- diff from 7u91-2.6.3-1 to 7u91-2.6.3-2 (936 bytes)
openjdk-7 (7u91-2.6.3-1) unstable; urgency=medium [ Tiago Stürmer Daitx ] * Icedtea release 2.6.3 (based on 7u91): * Security fixes - S8142882, CVE-2015-4871: rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed -- Matthias Klose <email address hidden> Thu, 19 Nov 2015 01:27:25 +0100
Available diffs
- diff from 7u91-2.6.2-1 to 7u91-2.6.3-1 (111.1 MiB)
openjdk-7 (7u91-2.6.3-0ubuntu0.12.04.1) precise-security; urgency=medium * Backport to Ubuntu 12.04.
openjdk-7 (7u91-2.6.3-0ubuntu0.14.04.1) trusty-security; urgency=medium * Backport to Ubuntu 14.04.
openjdk-7 (7u91-2.6.3-0ubuntu0.15.04.1) vivid-security; urgency=medium * Backport to Ubuntu 15.04.
openjdk-7 (7u91-2.6.3-0ubuntu0.15.10.1) wily-security; urgency=medium * Icedtea release 2.6.3 (based on 7u91): * Security fixes - S8142882, CVE-2015-4871: rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed * Bad merge in IcedTea caused 2.6.1 to leak shmem chunks, affecting other applications such as QT and VLC, thanks Andrew Hughes for the fix in 2.6.2. (LP: #1512760)
openjdk-7 (7u91-2.6.2-1) unstable; urgency=medium [ Tiago Stürmer Daitx ] * IcedTea release 2.6.2 (based on 7u91): * Security fixes - S8048030, CVE-2015-4734: Expectations should be consistent - S8068842, CVE-2015-4803: Better JAXP data handling - S8076339, CVE-2015-4903: Better handling of remote object invocation - S8076383, CVE-2015-4835: Better CORBA exception handling - S8076387, CVE-2015-4882: Better CORBA value handling - S8076392, CVE-2015-4881: Improve IIOPInputStream consistency - S8076413, CVE-2015-4883: Better JRMP message handling - S8078427, CVE-2015-4842: More supportive home environment - S8078440: Safer managed types - S8080541: More direct property handling - S8080688, CVE-2015-4860: Service for DGC services - S8081760: Better group dynamics - S8086092, CVE-2015-4840: More palette improvements - S8086733, CVE-2015-4893: Improve namespace handling - S8087350: Improve array conversions - S8103671, CVE-2015-4805: More objective stream classes - S8103675: Better Binary searches - S8130078, CVE-2015-4911: Document better processing - S8130193, CVE-2015-4806: Improve HTTP connections - S8130864: Better server identity handling - S8130891, CVE-2015-4843: (bf) More direct buffering - S8131291, CVE-2015-4872: Perfect parameter patterning - S8132042, CVE-2015-4844: Preserve layout presentation * d/patches/it-debian-build-flags.diff: refreshed * d/patches/it-set-compiler.diff: refreshed * d/patches/it-use-quilt.diff: refreshed and updated * d/patches/it-jamvm-2.0.diff: refreshed * d/patches/xrender: removed as it was applied upstream -- Matthias Klose <email address hidden> Sun, 25 Oct 2015 22:30:06 +0100
Available diffs
- diff from 7u85-2.6.1-5 to 7u91-2.6.2-1 (111.1 MiB)
- diff from 7u85-2.6.1-6 to 7u91-2.6.2-1 (111.2 MiB)
Superseded in xenial-proposed |
openjdk-7 (7u85-2.6.1-6) unstable; urgency=high [ Tiago Stürmer Daitx ] * Security fixes - S8048030, CVE-2015-4734: Expectations should be consistent - S8068842, CVE-2015-4803: Better JAXP data handling - S8076339, CVE-2015-4903: Better handling of remote object invocation - S8076383, CVE-2015-4835: Better CORBA exception handling - S8076387, CVE-2015-4882: Better CORBA value handling - S8076392, CVE-2015-4881: Improve IIOPInputStream consistency - S8076413, CVE-2015-4883: Better JRMP message handling - S8078427, CVE-2015-4842: More supportive home environment - S8078440: Safer managed types - S8080541: More direct property handling - S8080688, CVE-2015-4860: Service for DGC services - S8081744, CVE-2015-4868: Clear out list corner case - S8081760: Better group dynamics - S8086092. CVE-2015-4840: More palette improvements - S8086733, CVE-2015-4893: Improve namespace handling - S8087350: Improve array conversions - S8103671, CVE-2015-4805: More objective stream classes - S8103675: Better Binary searches - S8129611: Accessbridge error handling improvement - S8130078, CVE-2015-4911: Document better processing - S8130185: More accessible access switch - S8130193, CVE-2015-4806: Improve HTTP connections - S8130864: Better server identity handling - S8130891, CVE-2015-4843: (bf) More direct buffering - S8131291, CVE-2015-4872: Perfect parameter patterning - S8132042, CVE-2015-4844: Preserve layout presentation * S6966259: Make PrincipalName and Realm immutable, required for S8048030 * S8078822: 8068842 fix missed one new file PrimeNumberSequenceGenerator.java [ Matthias Klose ] * Re-enable the atk bridge for releases with a fixed atk bridge. Again closes: #797595. -- Matthias Klose <email address hidden> Thu, 22 Oct 2015 00:42:34 +0200
openjdk-7 (7u85-2.6.1-5ubuntu0.15.10.1) wily-security; urgency=medium * SECURITY UPDATE: - S8048030, CVE-2015-4734: Expectations should be consistent - S8068842, CVE-2015-4803: Better JAXP data handling - S8076339, CVE-2015-4903: Better handling of remote object invocation - S8076383, CVE-2015-4835: Better CORBA exception handling - S8076387, CVE-2015-4882: Better CORBA value handling - S8076392, CVE-2015-4881: Improve IIOPInputStream consistency - S8076413, CVE-2015-4883: Better JRMP message handling - S8078427, CVE-2015-4842: More supportive home environment - S8078440: Safer managed types - S8080541: More direct property handling - S8080688, CVE-2015-4860: Service for DGC services - S8081744, CVE-2015-4868: Clear out list corner case - S8081760: Better group dynamics - S8086092. CVE-2015-4840: More palette improvements - S8086733, CVE-2015-4893: Improve namespace handling - S8087350: Improve array conversions - S8103671, CVE-2015-4805: More objective stream classes - S8103675: Better Binary searches - S8129611: Accessbridge error handling improvement - S8130078, CVE-2015-4911: Document better processing - S8130185: More accessible access switch - S8130193, CVE-2015-4806: Improve HTTP connections - S8130864: Better server identity handling - S8130891, CVE-2015-4843: (bf) More direct buffering - S8131291, CVE-2015-4872: Perfect parameter patterning - S8132042, CVE-2015-4844: Preserve layout presentation * S6966259: Make PrincipalName and Realm immutable, required for S8048030 * S8078822: 8068842 fix missed one new file PrimeNumberSequenceGenerator.java -- Tiago Stürmer Daitx <email address hidden> Tue, 20 Oct 2015 03:24:22 +0000
Available diffs
openjdk-7 (7u85-2.6.1-5ubuntu0.15.04.1) vivid-security; urgency=medium * Backport to Ubuntu 15.04.
openjdk-7 (7u85-2.6.1-5ubuntu0.12.04.1) precise-security; urgency=medium * Backport to Ubuntu 12.04 LTS.
Available diffs
- diff from 7u79-2.5.6-0ubuntu1.12.04.1 (in ~ubuntu-security/ubuntu/ppa) to 7u85-2.6.1-5ubuntu0.12.04.1 (110.2 MiB)
- diff from 7u79-2.5.5-0ubuntu2 to 7u85-2.6.1-5ubuntu0.12.04.1 (pending)
openjdk-7 (7u85-2.6.1-5ubuntu0.14.04.1) trusty-security; urgency=medium * Backport to Ubuntu 14.04 LTS.
Superseded in xenial-release |
Obsolete in wily-release |
Deleted in wily-proposed (Reason: moved to release) |
openjdk-7 (7u85-2.6.1-5) unstable; urgency=medium * Fix passing --disable-system-sctp for non-linux targets. -- Matthias Klose <email address hidden> Thu, 08 Oct 2015 07:01:54 +0200
Available diffs
- diff from 7u85-2.6.1-4 to 7u85-2.6.1-5 (495 bytes)
openjdk-7 (7u85-2.6.1-4) unstable; urgency=medium * Build again with pulseaudio on alpha. * Update the kfreebsd support patches (Steven Chamberlain). Closes: #798123. * Fix parallel build. Closes: #798124. * Disable again the atk bridge, too many regressions. Reopens: #797595. -- Matthias Klose <email address hidden> Wed, 07 Oct 2015 16:24:40 +0200
Available diffs
- diff from 7u85-2.6.1-2 to 7u85-2.6.1-4 (16.7 KiB)
openjdk-7 (7u85-2.6.1-2) unstable; urgency=medium * Stop building zero on AArch64, broken on the merged IcedTea Hotspot. * Only build-depend on libsctp-dev on linux architectures. * Configure for zero on sparc64, Hotspot build fails too. -- Matthias Klose <email address hidden> Fri, 04 Sep 2015 17:47:56 +0200
Available diffs
openjdk-7 (7u85-2.6.1-1ubuntu1) wily; urgency=medium * Stop building zero on AArch64, broken on the merged IcedTea Hotspot. -- Matthias Klose <email address hidden> Thu, 03 Sep 2015 20:31:02 +0200
Available diffs
- diff from 7u79-2.5.6-1 to 7u85-2.6.1-1ubuntu1 (110.0 MiB)
- diff from 7u85-2.6.1-1 to 7u85-2.6.1-1ubuntu1 (905 bytes)
Superseded in wily-proposed |
openjdk-7 (7u85-2.6.1-1) unstable; urgency=medium * IcedTea7 2.6.1 release (based on OpenJDK 7u85). * Configure for Hotspot on sparc64. * Add mips to the openjdk stage1 architectures. * Sort the enums and the annotations in the package-tree.html files (Emmanuel Bourg). Closes: #787159. * Re-enable the atk bridge for releases with a fixed atk bridge. Closes: #797595. * Make derivatives builds the same as the parent distro. Closes: #797662. -- Matthias Klose <email address hidden> Thu, 03 Sep 2015 12:47:16 +0200
Available diffs
- diff from 7u79-2.5.6-1 to 7u85-2.6.1-1 (110.0 MiB)
openjdk-7 (7u79-2.5.6-0ubuntu1.12.04.1) precise-security; urgency=medium * Backport to Ubuntu 12.04 LTS. -- Steve Beattie <email address hidden> Thu, 23 Jul 2015 23:30:26 -0700
openjdk-7 (7u79-2.5.6-0ubuntu1.14.04.1) trusty-security; urgency=medium * Backport to Ubuntu 14.04 LTS. -- Steve Beattie <email address hidden> Thu, 23 Jul 2015 23:10:03 -0700
openjdk-7 (7u79-2.5.6-0ubuntu1.15.04.1) vivid-security; urgency=medium * Backport for Ubuntu 15.04. -- Steve Beattie <email address hidden> Thu, 23 Jul 2015 15:37:30 -0700
Available diffs
openjdk-7 (7u79-2.5.6-1) unstable; urgency=medium * IcedTea7 2.5.6 release (based on OpenJDK 7u79). * Security fixes - S8043202, CVE-2015-2808: Prohibit RC4 cipher suites. - S8067694, CVE-2015-2625: Improved certification checking. - S8071715, CVE-2015-4760: Tune font layout engine. - S8071731: Better scaling for C1. - S8072490: Better font morphing redux. - S8072887: Better font handling improvements. - S8073334: Improved font substitutions. - S8073773: Presume path preparedness. - S8073894: Getting to the root of certificate chains. - S8074330: Set font anchors more solidly. - S8074335: Substitute for substitution formats. - S8074865, CVE-2015-2601: General crypto resilience changes. - S8074871: Adjust device table handling. - S8075374, CVE-2015-4748: Responding to OCSP responses. - S8075378, CVE-2015-4749: JNDI DnsClient Exception Handling. - S8075738: Better multi-JVM sharing. - S8075833, CVE-2015-2613: Straighter Elliptic Curves. - S8075838: Method for typing MethodTypes. - S8075853, CVE-2015-2621: Proxy for MBean proxies. - S8076328, CVE-2015-4000: Enforce key exchange constraints. - S8076376, CVE-2015-2628: Enhance IIOP operations. - S8076397, CVE-2015-4731: Better MBean connections. - S8076401, CVE-2015-2590: Serialize OIS data. - S8076405, CVE-2015-4732: Improve serial serialization. - S8076409, CVE-2015-4733: Reinforce RMI framework. - S8077520, CVE-2015-2632: Morph tables into improved form. - PR2487, CVE-2015-4000: Make jdk8 mode the default for jdk.tls.ephemeralDHKeySize. * Update the kfreebsd hotspot support patch (Steven Chamberlain). Closes: #788982. * openjdk-7-jre: Recommend the real libgconf2-4 and libgnome2-0 packages. Closes: #786594. -- Matthias Klose <email address hidden> Thu, 23 Jul 2015 17:19:35 +0200
Available diffs
- diff from 7u79-2.5.5-0ubuntu1 to 7u79-2.5.6-1 (130.4 MiB)
openjdk-7 (7u79-2.5.5-0ubuntu0.12.04.1) precise-security; urgency=medium * Backport to 12.04 LTS.
Available diffs
1 → 50 of 172 results | First • Previous • Next • Last |