summaryrefslogtreecommitdiffstats
path: root/main/openjdk6
Commit message (Collapse)AuthorAgeFilesLines
* main/openjdk6: security upgrade to icedtea6 1.11.4Timo Teras2012-09-051-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IcedTea 1.11.4 S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder S7163201, CVE-2012-0547: Simplify toolkit internals references IcedTea 1.11.3 S7079902, CVE-2012-1711: Refine CORBA data models S7110720: Issue with vm config file loadingIssue with vm config file loading S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC S7143872, CVE-2012-1718: Improve certificate extension processing S7145239: Finetune package definition restriction S7152811, CVE-2012-1723: Issues in client compiler S7157609, CVE-2012-1724: Issues with loop S7160677: missing else in fix for 7152811 S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile IcedTea 1.11.1 S7082299, CVE-2011-3571: Fix in AtomicReferenceArray S7088367, CVE-2011-3563: Fix issues in java sound S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method S7110687, CVE-2012-0503: Issues with TimeZone class S7110700, CVE-2012-0505: Enhance exception throwing mechanism in ObjectStreamClass S7110704, CVE-2012-0506: Issues with some method in corba S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object S7118283, CVE-2012-0501: Better input parameter checking in zip file processing S7126960, CVE-2011-5035: (httpserver) Add property to limit number of request headers to the HTTP Server
* main/openjdk6: upgrade to icedtea6-1.11Timo Teräs2012-02-112-28/+21
| | | | based on openjdk6 b24 14_nov_2011
* main/openjdk6: fix cacerts generationWilliam Pitcock2011-11-192-5/+5
|
* main/openjdk6: build java security certificates store from alpine ↵William Pitcock2011-11-192-4/+351
| | | | ca-certificates package
* main/openjdk6: security upgrade icedtea6 to 1.10.4Timo Teräs2011-11-112-8/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ref #802 icedtea6 1.10.4 includes patches for the following security issues: CVE-2011-3547: InputStream skip() information leak CVE-2011-3548: mutable static AWTKeyStroke.ctor CVE-2011-3551: Java2D TransformHelper integer overflow CVE-2011-3552: excessive default UDP socket limit under SecurityManager CVE-2011-3553: JAX-WS stack-traces information leak CVE-2011-3544: missing SecurityManager checks in scripting engine CVE-2011-3521: IIOP deserialization code execution CVE-2011-3554: insufficient pack200 JAR files uncompress error checks CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer CVE-2011-3556: RMI DGC server remote code execution CVE-2011-3557: RMI registry privileged code execution CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer icedtea6 1.10.2 security patches (since upgrading from icedtea6 1.10.1): CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win) CVE-2011-0865: Vulnerability in deserialization CVE-2011-0815: Heap overflow vulnerability in FileDialog.show() CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code CVE-2011-0867: NetworkInterface.toString can reveal bindings CVE-2011-0869: Vulnerability in SAAJ CVE-2011-0870: Vulnerability in SAAJ CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero CVE-2011-0871: ImageIcon creates Component with null acc CVE-2011-0864: JSR rewriting can overflow memory address size variables
* main/openjdk6: upgrade to (icedtea6 1.10.1)William Pitcock2011-05-141-3/+3
|
* testing/openjdk6: promote to mainWilliam Pitcock2011-03-285-0/+431