summaryrefslogtreecommitdiffstats
path: root/main/openjdk6
Commit message (Collapse)AuthorAgeFilesLines
* main/openjdk6: upgrade to icedtea6-1.11Timo Teräs2012-02-112-28/+21
| | | | based on openjdk6 b24 14_nov_2011
* main/openjdk6: fix cacerts generationWilliam Pitcock2011-11-192-5/+5
|
* main/openjdk6: build java security certificates store from alpine ↵William Pitcock2011-11-192-4/+351
| | | | ca-certificates package
* main/openjdk6: security upgrade icedtea6 to 1.10.4Timo Teräs2011-11-112-8/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ref #802 icedtea6 1.10.4 includes patches for the following security issues: CVE-2011-3547: InputStream skip() information leak CVE-2011-3548: mutable static AWTKeyStroke.ctor CVE-2011-3551: Java2D TransformHelper integer overflow CVE-2011-3552: excessive default UDP socket limit under SecurityManager CVE-2011-3553: JAX-WS stack-traces information leak CVE-2011-3544: missing SecurityManager checks in scripting engine CVE-2011-3521: IIOP deserialization code execution CVE-2011-3554: insufficient pack200 JAR files uncompress error checks CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer CVE-2011-3556: RMI DGC server remote code execution CVE-2011-3557: RMI registry privileged code execution CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer icedtea6 1.10.2 security patches (since upgrading from icedtea6 1.10.1): CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win) CVE-2011-0865: Vulnerability in deserialization CVE-2011-0815: Heap overflow vulnerability in FileDialog.show() CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code CVE-2011-0867: NetworkInterface.toString can reveal bindings CVE-2011-0869: Vulnerability in SAAJ CVE-2011-0870: Vulnerability in SAAJ CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero CVE-2011-0871: ImageIcon creates Component with null acc CVE-2011-0864: JSR rewriting can overflow memory address size variables
* main/openjdk6: upgrade to (icedtea6 1.10.1)William Pitcock2011-05-141-3/+3
|
* testing/openjdk6: promote to mainWilliam Pitcock2011-03-285-0/+431