Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.4
java-1_6_0-openjdk.552
java-1_6_0-openjdk.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File java-1_6_0-openjdk.changes of Package java-1_6_0-openjdk.552
------------------------------------------------------------------- Thu Jun 14 11:04:42 UTC 2012 - mvyskocil@suse.cz - update to 1.11.3 (bnc#766802) * Security fixes - S7079902, CVE-2012-1711: Refine CORBA data models - S7110720: Issue with vm config file loadingIssue with vm config file loading - S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. - S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement - S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations - S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC - S7143872, CVE-2012-1718: Improve certificate extension processing - S7145239: Finetune package definition restriction - S7152811, CVE-2012-1723: Issues in client compiler - S7157609, CVE-2012-1724: Issues with loop - S7160677: missing else in fix for 7152811 - S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile * Bug fixes - PR1018: JVM fails due to SEGV during rendering some Unicode characters (part of 6886358) - RH789154: javac error messages no longer contain the full path to the offending file: - PR797: Compiler error message does not display entire file name and path - PR881: Sign tests (wsse.policy.basic) failures with OpenJDK6 - PR886: 6-1.11.1 fails to build CACAO on ppc - Specify both source and target in IT_GET_DTDTYPE_CHECK. - Install nss.cfg into j2re-image too. - PR584: Don't use shared Eden in incremental mode. * Backports - S6792400: Avoid loading of Normalizer resources for simple uses - use versioned desktop files to avoid fileconflict with openjdk7 - add openjdk-6-src-b24-zero-increase-stack-size.patch by Dinar Valeev - add xorg-x11 BuildRequires to have xprop (by reddwarf an opensuse) - license update: GPL-2.0-with-classpath-exception (by cfarrell) ------------------------------------------------------------------- Thu Feb 16 13:42:09 UTC 2012 - mvyskocil@suse.cz - update to 1.11.1 (bnc#747208) * Security fixes - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray - S7088367, CVE-2011-3563: Fix issues in java sound - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method - S7110687, CVE-2012-0503: Issues with TimeZone class - S7110700, CVE-2012-0505: Enhance exception throwing mechanism in ObjectStreamClass - S7110704, CVE-2012-0506: Issues with some method in corba - S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object - S7118283, CVE-2012-0501: Better input parameter checking in zip file processing - S7126960, CVE-2011-5035: (httpserver) Add property to limit number of request headers to the HTTP Server * Bug fixes - PR865: Patching fails with patches/ecj/jaxws-getdtdtype.patch * openSUSE fixes - apply ppc patch also on s390/s390x (thanks rudi) - add a 3 more void-return fixes to ppc patch (thanks rudi) - adjusted patch110 to fix ppc build. (thanks marcus) - there is no architecture called arm, so use macro instead - fix a stuff needed for gjc-based build * change compiler flags in configure to gjc compatible * added no-werror patch for openjdk-ecj * avoid all aditional checking packages in this mode * temporary remove memory size increase * exclude patch110 in this case - TBD later - definitelly drop noarch feature as it never worked well - add arm to 32bit architectures - remove rhino as a runtime dependency, as it's repackaged and installed in the jvm's tree - enable build --with-parallel-jobs - add automake as buildrequire to avoid implicit dependency (thanks coolo) ------------------------------------------------------------------- Mon Oct 24 07:45:45 UTC 2011 - mvyskocil@suse.cz - update to 1.10.4 (bnc#725167) - Security fixes * S7000600, CVE-2011-3547: InputStream skip() information leak * S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor * S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow * S7032417, CVE-2011-3552: excessive default UDP socket limit under SecurityManager * S7046794, CVE-2011-3553: JAX-WS stack-traces information leak * S7046823, CVE-2011-3544: missing SecurityManager checks in scripting engine * S7055902, CVE-2011-3521: IIOP deserialization code execution * S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error checks * S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) * S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer * S7077466, CVE-2011-3556: RMI DGC server remote code execution * S7083012, CVE-2011-3557: RMI registry privileged code execution * S7096936, CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection - Bug fixes - RH727195: Japanese font mappings are broken - Backports - S6826104, RH730015: Getting a NullPointer exception when clicked on Application & Toolkit Modal dialog ------------------------------------------------------------------- Thu Aug 4 08:46:55 UTC 2011 - mvyskocil@suse.cz - update to 1.10.3 - Bug fixes * PR748: Icedtea6 fails to build with Linux 3.0. * PR744: icedtea6-1.10.2 : patching error - Backports: * S7037283, RH712211: Null Pointer Exception in SwingUtilities2. * S6769607, PR677: Modal frame hangs for a while. * S6578583: Modality is broken in windows vista home premium from jdk1.7 b02 onwards. * S6610244: modal dialog closes with fatal error if -Xcheck:jni is set - don't touch java and javac alternatives anymore ------------------------------------------------------------------- Tue Jun 14 09:23:00 UTC 2011 - mvyskocil@suse.cz - fix build on 11.1/i586 distros * add icedtea6-replace-gcc-stack-marking.patch ------------------------------------------------------------------- Thu Jun 9 11:24:10 UTC 2011 - mvyskocil@suse.cz - fix bnc#698739: icedtea6-1.10.2 released - update to openjdk b22, hotspot 20b11 see following links for more details http://blog.fuseyism.com/index.php/2011/04/04/icedtea6-1101-released/ http://blog.fuseyism.com/index.php/2011/03/02/icedtea6-110-released/ - Security fixes * S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win) * S6618658, CVE-2011-0865: Vulnerability in deserialization * S7012520, CVE-2011-0815: Heap overflow vulnerability in FileDialog.show() * S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code * S7013969, CVE-2011-0867: NetworkInterface.toString can reveal bindings * S7013971, CVE-2011-0869: Vulnerability in SAAJ * S7016340, CVE-2011-0870: Vulnerability in SAAJ * S7016495, CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero * S7020198, CVE-2011-0871: ImageIcon creates Component with null acc * S7020373, CVE-2011-0864: JSR rewriting can overflow memory address size variables - Backports * S7023591, S7027667: Clipped antialiased rectangles are filled, not drawn. Add missing privileged block around access to the sun.awt.nativedebug property. * S7032388, PR682: Make HotSpot work on machines without cmov instruction again * S7031385, PR680: Incorrect register allocation in orderAccess_linux_x86.inline.hpp * S7043054: REGRESSION - wrong userBounds in Paint.createContext() * S7043963, RH698295: Window manager workaround in AWT was not applied to mutter. Now it is. Bug fixes: * G356743: Support libpng 1.5. * RH661505: JPEGs with sRGB IEC61966-2.1 color profiles have wrong colors * PR600: HS19 upgrade broke CACAO build on ARM * PR616, PR99: Don’t statically link libstdc++ or libgcc * PR632: patches/security/20110215/6878713.patch breaks shark zero build * PR103: Usage of native2ascii during bootstrap * PR633: IcedTea installs javaws manpages on x86 even with –disable-webstart * PR635: zero fails to build on icedtea6 trunk 20110217 with hs20 * PR586: Sources missing from src.zip * PR639: Add missing include line, paths and LLVM flags for Shark. * PR640: JamVM fails to build - Unrecognised option: -XX:ThreadStackSize. * PR641: Increase stack size for PPC * PR497: Mercurial revision detection not very reliable * PR585: Freenet throws java.lang.UnsatisfiedLinkError with OpenJDK/CACAO - remove webstart and plugin, as they are now in separate icedtea-web project - fix bnc#596177 - generate java cacerts at runtime (enabled for openSUSE 11.3+) - add commented bouncycastle provider into java.security allowing easy enable it from rpm requested by rgarrigue ------------------------------------------------------------------- Thu Feb 24 13:01:52 UTC 2011 - mvyskocil@suse.cz - fix bnc#671714 - VUL-0: java-1_6_0-openjdk: permissions assigned to applets with multiple JARs (icedtea6-1.9.7) - Security updates * S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption * S6907662, CVE-2010-4465: Swing timer-based security manager bypass * S6994263, CVE-2010-4472: Untrusted code allowed to replace DSIG/C14N implementation * S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets * S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries * S6985453, CVE-2010-4471: Java2D font-related system property leak * S6927050, CVE-2010-4470: JAXP untrusted component state manipulation * RH677332, CVE-2011-0706: Multiple signers privilege escalation - Bug fixes * RH676659: Pass -export-dynamic flag to linker using -Wl, as option in gcc 4.6+ is broken * G344659: Fix issue when building on SPARC * Fix latent JAXP bug caused by missing import - fix bnc#670304 - VUL-1: java-1_6_0-openjdk: denial of service using floats (icedtea6-1.9.6) - Security updates * S4421494, CVE-2010-4476: infinite loop while parsing double literal - patches changes: * obsoletes stack-protector patches (already upstreamed) * modified openjdk-6-src-b20-initialized-after.patch * modified openjdk-6-src-b20-no-werror.patch * openjdk-ecj-6-src-b20-no-return-in-nonvoid-function.patch * add openjdk-6-src-b20-stringcompare.patch * add openjdk-ecj-6-src-b20-no-return-in-nonvoid-function.patch * add openjdk-6-src-b20-gcj-workaround.patch (11.2/x86_64 workaround) ------------------------------------------------------------------- Tue Feb 1 08:14:18 UTC 2011 - mvyskocil@suse.cz - fix bnc#667313 - VUL-0: embargoed java icedtea issues - Security updates * RH672262, CVE-2011-0025: IcedTea jarfile signature verification bypass - Backports * S6687968: PNGImageReader leaks native memory through an Inflater * S6541476, RH665355: PNG imageio plugin incorrectly handles iTXt chunk * S6782079: PNG: reading metadata may cause OOM on truncated images - Fixes * PR619: Improper finalization by the plugin can crash the browser ------------------------------------------------------------------- Mon Jan 31 09:22:53 UTC 2011 - mvyskocil@suse.cz - fix bmo#582130 - symbol clash between moonlight and icedtea plugin * icedtea6-1.9.4-moonlight-symbol-clash.patch - mark cursor.properties a config ------------------------------------------------------------------- Mon Jan 17 15:25:21 UTC 2011 - mvyskocil@suse.cz - fix bnc#664298 - VUL-0: java-1_6_0-openjdk: JNLPSecurityManager in some cases silently returns when a permission is denied - Security updates: * RH663680, CVE-2010-4351: IcedTea JNLP SecurityManager bypass - Backports * S4356282: RFE: JDK should support OpenType/CFF fonts * S6954424, RH525870: Support OpenType/CFF fonts in JDK 7 * S6795356, PR590: Leak caused by javax.swing.UIDefaults.ProxyLazyValue.acc * S6967436, RH597227: lines longer than 2^15 can fill window. * S6967433: dashed lines broken when using scaling transforms. * S6976265: No STROKE_CONTROL * S6967434, PR450, RH530642: Round joins/caps of scaled up lines have poor quality. * S6438179, RH569121: XToolkit.isTraySupported() result has nothing to do with the system tray - Fixes - S7003777, RH647674: JTextPane produces incorrect content after parsing the html text - fix bnc#635365 - icedtea update broke java from firefox - bogus java path * icedtea6-1.9.4-realpath.patch use realpath to resolve the double symlinks ------------------------------------------------------------------- Tue Jan 11 14:58:17 UTC 2011 - mvyskocil@suse.cz - Update to icedtea6-1.9.3 * Re-enable compressed oops by default now 7002666 is fixed. * bakckport S7002666: Eclipse CDT projects crash with compressed oops * fix reapply ia64 fix from S6896043 which was reverted by S6953477 - fix bnc#635365 - icedtea update broke java from firefox - bogus java path * wrote a proposal readlink-recursive.patch * sent upstream - http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=613 ------------------------------------------------------------------- Wed Dec 1 14:23:09 UTC 2010 - mvyskocil@suse.cz - update to icedtea6-1.9.2 (bnc#656742) - Latest security updates and hardening patches: * RH645843, CVE-2010-3860: IcedTea System property information leak via public static - Upgrade to latest revision of hs19 (b09). - Allow the building of NetX to be disabled. - Backports * S6622432: RFE: Performance improvements to java.math.BigDecimal * S6850606: Regression from JDK 1.6.0_12 * S6876282: BigDecimal’s divide(BigDecimal bd, RoundingFormat r) produces incorrect result * S6991430, PR579: Zero PowerPC fix. * S6703377: freetype: glyph vector outline is not translated correctly * S6853592: VM test nsk.regression.b4261880 fails with “X Error of failed request: BadWindow” inconsistently. - Bug fixes * RH647737: Disable compressed oops in hs19 to avoid Eclipse failures. * RH643674: Update fontconfig files for Fedora 11, 12, 13 and 14. - NetX * Do not prompt user multiple times for the same certificate. * PR592: NetX can create invalid desktop entry files ------------------------------------------------------------------- Fri Oct 22 11:03:01 UTC 2010 - mvyskocil@suse.cz - update to icedtea6-1.9.1 (bnc#642531) - update to openjdk-6-b20 * fixes listed on http://blog.fuseyism.com/index.php/2010/09/10/icedtea6-19-released/ - Latest security updates and hardening patches: * S6914943, CVE-2009-3555: TLS: MITM attacks via session renegotiation * S6559775, CVE-2010-3568: OpenJDK Deserialization Race condition * S6891766, CVE-2010-3554: OpenJDK corba reflection vulnerabilities * S6925710, CVE-2010-3562: OpenJDK IndexColorModel double-free * S6938813, CVE-2010-3557: OpenJDK Swing mutable static * S6957564, CVE-2010-3548: OpenJDK DNS server IP address information leak * S6958060, CVE-2010-3564: OpenJDK kerberos vulnerability * S6963023, CVE-2010-3565: OpenJDK JPEG writeImage remote code execution * S6963489, CVE-2010-3566: OpenJDK ICC Profile remote code execution * S6966692, CVE-2010-3569: OpenJDK Serialization inconsistencies * S6622002, CVE-2010-3553: UIDefault.ProxyLazyValue has unsafe reflection usage * S6925672, CVE-2010-3561: Privileged ServerSocket.accept allows receiving connections from any host * S6952017, CVE-2010-3549: HttpURLConnection chunked encoding issue (Http request splitting) * S6952603, CVE-2010-3551: NetworkInterface reveals local network address to untrusted code * S6961084, CVE-2010-3541: limit setting of some request headers in HttpURLConnection * S6963285, CVE-2010-3567: Crash in ICU Opentype layout engine due to mismatch in character counts * S6980004, CVE-2010-3573: limit HTTP request cookie headers in HttpURLConnection * S6981426, CVE-2010-3574: limit use of TRACE method in HttpURLConnection * (See: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html) - IcedTeaPlugin: * PR519: 100% CPU usage when displaying applets in Webkit based browsers * Classes are no longer added to rt.jar, but to plugin.jar - NetX: * New man page for javaws * Classes are no longer added to rt.jar, but to netx.jar - bug fixes and backports * S6990437: Update with correct copyright info for source and test files from SSR10_02 fixes * S6638712: Inference with wildcard types causes selection of inapplicable method * S6650759: Inference of formal type parameter (unused in formal parameters) is not performed * S6623943: javax.swing.TimerQueue’s thread occasionally fails to start * RH633510: OpenJDK should use NUMA even if glibc doesn’t provide it - misc: * VisualVM support removed; now available in its own package at http://icedtea.classpath.org/hg/visualvm * A separate build directory is now used for the OpenJDK build: openjdk.build-ecj (stage 1) and openjdk.build (stage 2) - fix bnc#637224 - delta RPM for java-1_6_0-openjdk patch does not match installed data * mark fontconfig and much more files as config noreplace - fix bnc#648260 - update-alternatives: error: alternative pack200 can't be slave of java: it is a slave of javac * move *pack200* from JRE to SDK * add workaround into post removing the *pack* slaves from java alternative - few more filters of rpmlint warnings - Patches changes: * openjdk-6-src-b16-lcms.patch - already included in b20 * openjdk-6-src-b17-enumeration-value.patch - already included in b20 * openjdk-6-src-b17-no-multiline-comments.patch - refresh for b20 * openjdk-6-src-b17-suggest-parentheses.patch - refresh for b20 * openjdk-6-src-b17-initialized-after.patch - refresh for b20 * openjdk-6-src-b20-defined-but-not-used.patch - new warn fix * openjdk-6-src-b20-may-be-used-uninitialized.patch - new fix 2 * openjdk-6-src-b20-array-subscript-has-type-char.patch - new fix 3 * openjdk-6-src-b20-no-werror.patch - remove -Werror from more locations than before * use quilt for applying of SUSE patches -> 2 new BR quilt and vim ------------------------------------------------------------------- Wed Jul 28 12:08:30 UTC 2010 - mvyskocil@suse.cz - update to icedtea6-1.8.1 (bnc#623905) - update to openjdk-6-b18 - Latest security updates and hardening patches: * (CVE-2010-0837): JAR "unpack200" must verify input parameters (6902299) * (CVE-2010-0845): No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807) * (CVE-2010-0838): CMM readMabCurveData Buffer Overflow Vulnerability (6899653) * (CVE-2010-0082): Loader-constraint table allows arrays instead of only the base-classes (6626217) * (CVE-2010-0095): Subclasses of InetAddress may incorrectly interpret network addresses (6893954) * (CVE-2010-0085): File TOCTOU deserialization vulnerability (6736390) * (CVE-2010-0091): Unsigned applet can retrieve the dragged information before drop action occurs (6887703) * (CVE-2010-0088): Inflater/Deflater clone issues (6745393) * (CVE-2010-0084): Policy/PolicyFile leak dynamic ProtectionDomains. (6633872) * (CVE-2010-0092): AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149) * (CVE-2010-0094): Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947) * (CVE-2010-0093): System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265) * (CVE-2010-0840): Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691) * (CVE-2010-0848): AWT Library Invalid Index Vulnerability (6914823) * (CVE-2010-0847): ImagingLib arbitrary code execution vulnerability (6914866) * (CVE-2009-3555): TLS: MITM attacks via session renegotiation - IcedTeaNPPlugin. * RH524387: javax.net.ssl.SSLKeyException: RSA premaster secret error * Set context classloader for all threads in an applet's threadgroup * PR436: Close all applet threads on exit * PR480: NPPlugin with NoScript extension. * PR488: Question mark changing into underscore in URL. * RH592553: Fix bug causing 100% CPU usage. * Don't generate a random pointer from a pthread_t in the debug output. * Add ForbiddenTargetException for legacy support. * Use variadic macro for plugin debug message printing. * Don't link the plugin with libxul libraries. * Fix race conditions in plugin initialization code that were causing hangs. * RH506730: BankID (Norwegian common online banking authentication system) applet fails to load. * Fix policy evaluation to match the proprietary JDK. * PR491: pass java_{code,codebase,archive} parameters to Java. * Adds javawebstart.version property and give user permission to read that property. * Old plugin removed; NPPlugin is now the default and is controlled by --enable/disable-plugin. As with the old plugin, it produces a IcedTeaPlugin.so library rather than IcedTeaNPPlugin.so. * Dependence on the binary plugs mechanism removed. The plugin and NetX code is now imported into the JDK build in the same manner as langtools, CORBA, JAXP and JAXWS. * Fix for plugin buffer overflow: https://bugzilla.mozilla.org/show_bug.cgi?id=555342 - NetX: * Fix security flaw in NetX that allows arbitrary unsigned apps to set any java property. * Fix a flaw that allows unsigned code to access any file on the machine (accessible to the user) and write to it. * Make path sanitization consistent; use a blacklisting approach. * Make the SingleInstanceServer thread a daemon thread. * Handle JNLP files which use native libraries but do not indicate it * Allow JNLP classloaders to share native libraries * Added encoding support - bug fixes * Nimbus Look 'n' Feel backported from OpenJDK7. * JAXP and JAXWS now external dependencies rather than being in-tree. * 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups * 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly encoded CommonName OIDs * 6910590: Application can modify command array in ProcessBuilder * 6909597: JPEGImageReader stepX Integer Overflow Vulnerability * 6932480: Crash in CompilerThread/Parser. Unloaded array klass? * 6678385: Fixes jvm crashes when window is resized. * Produces the "expected" behavior for full screen applications, when running the Metacity window manager. * Fix issue with ant -diagnostics on ant 1.8.0 due to changed exit code * Zero/Shark * Shark is now able to build itself. * For ARM, add Thumb2 JIT. * Fixed Shark sharkCompiler mattr memory corruption bug when using llvm 2.7. * others http://blogs.sun.com/darcy/resource/OpenJDK_6/openjdk6-b18-changes-summary.html * Eliminate spurious exception throwing when using PulseAudio * PR shark/483: Fix miscompilation of sun.misc.Unsafe::getByte. * PR PR icedtea/324, icedtea/481: Fix Shark VM crash. * Fix Zero build on Hitachi SH. * PR476: Enable building SystemTap support on GCC 4.5. - disabled systemtap support on openSUSE 11.2, as it requires more recent version - require xulrunner191 on 11.1 too ------------------------------------------------------------------- Thu May 20 07:06:08 UTC 2010 - mvyskocil@suse.cz - Change the policytool.desktop category to Utilities ------------------------------------------------------------------- Wed May 19 16:36:01 CEST 2010 - ro@suse.de - set locale to utf-8 variant to fix build (broke when going over certificates with utf-8 filenames) ------------------------------------------------------------------- Thu May 13 08:56:07 UTC 2010 - mvyskocil@suse.cz - fix bnc#603316: openjdk run out of file descriptors * add openjdk-6-src-b17-stack-protector-fclose.patch add the missing fclose to the stack-protector patch ------------------------------------------------------------------- Wed Apr 28 07:39:19 UTC 2010 - mvyskocil@suse.cz - fixes ppc build * enable nio2 only for ix86 and x86_64 * refresh openjdk-6-src-b17-no-return-in-nonvoid-function-ppc.patch - ignore old libopenssl on 11.3+ - use patch -i, instead of shell redirection ------------------------------------------------------------------- Mon Apr 12 10:21:04 UTC 2010 - mvyskocil@suse.cz - update to icedtea6-1.7.3 (bnc#594415) - security and hardending * (CVE-2010-0837): JAR “unpack200″ must verify input parameters (6902299) * (CVE-2010-0845): No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807 * (CVE-2010-0838): CMM readMabCurveData Buffer Overflow Vulnerability (6899653) * (CVE-2010-0082): Loader-constraint table allows arrays instead of only the base-classes (6626217) * (CVE-2010-0095): Subclasses of InetAddress may incorrectly interpret network addresses (6893954) * (CVE-2010-0085): File TOCTOU deserialization vulnerability (6736390) * (CVE-2010-0091): Unsigned applet can retrieve the dragged information before drop action occurs (6887703) * (CVE-2010-0088): Inflater/Deflater clone issues (6745393) * (CVE-2010-0084): Policy/PolicyFile leak dynamic ProtectionDomains. (6633872) * (CVE-2010-0092): AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149) * (CVE-2010-0094): Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947) * (CVE-2010-0093): System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265) * (CVE-2010-0840): Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691) * (CVE-2010-0848): AWT Library Invalid Index Vulnerability (6914823) * (CVE-2010-0847): ImagingLib arbitrary code execution vulnerability (6914866) * (CVE-2009-3555): TLS: MITM attacks via session renegotiation * 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups * 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly encoded CommonName OIDs * 6910590: Application can modify command array in ProcessBuilder * 6909597: JPEGImageReader stepX Integer Overflow Vulnerability * 6932480: Crash in CompilerThread/Parser. Unloaded array klass? - Bug fixes: * Backport of 6822370: ReentrantReadWriteLock: threads hung when there are no threads holding onto the lock * Increase ThreadStackSize by 512kb on 32-bit Zero platforms * Check cacerts database is valid * Fix for plugin buffer overflow: Mozilla bug 555342 * Fix issue with ant -diagnostics on ant 1.8.0 due to changed exit code ------------------------------------------------------------------- Thu Mar 18 07:21:43 UTC 2010 - mvyskocil@suse.cz - fix bnc#589021 - Better protect java stack * openjdk-6-src-b17-stack-protector.patch ------------------------------------------------------------------- Thu Mar 4 08:50:07 UTC 2010 - mvyskocil@suse.cz - Updates: * icedtea6-1.7 * openjdk6 b17 14_oct_2009 - Enabled NPPlugin - fix [bnc#582206] - patches changes: * obsolete java-1.6.0-openjdk-sparc-fixes.patch * obsolete java-1.6.0-openjdk-sparc-hotspot.patch * obsolete icedtea6-1.6-npplugin-xulrunner191.patch * obsolete icedtea6-1.6-no-return-in-nonvoid-function.patch * obsolete icedtea6-ecc-support-b387a64caa08.patch * add a lot of patches fixes a build of openjdk6 with gcc4.5 using -Werror -Wall openjdk-6-src-b17-no-multiline-comments.patch openjdk-6-src-b17-enumeration-value.patch openjdk-6-src-b17-suggest-parentheses.patch openjdk-6-src-b17-no-efect.patch openjdk-6-src-b17-initialized-after.patch openjdk-6-src-b17-unused-variable.patch * openjdk-6-src-b17-no-werror.patch (suppress the errors in autogenerated code) * icedtea6-1.7-no-return-in-non-void.patch - move the noarch content to %%{_datadir}/ and create symlinks in usual locations - move demo/jvmti to the -devel package as it contains so files - enable the --short-circuit in %%install section - new alternatives - policytool and policytool.1.gz ------------------------------------------------------------------- Tue Feb 9 14:09:35 UTC 2010 - prusnak@suse.cz - enable noarch subpackages ------------------------------------------------------------------- Mon Nov 23 11:16:34 UTC 2009 - mvyskocil@suse.cz - Removed openjdk-6-src-b14-confluence-crash.patch from source dir ------------------------------------------------------------------- Tue Nov 10 13:38:20 UTC 2009 - mvyskocil@suse.cz - Fixed bnc#554069 - VUL-0: Icedtea6 1.6.2 released * a lot of security patches in icedtea6-1.6.2 * Improved jar performance, http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/b35f1e5075a4 - Obsoleted java-1.6.0-openjdk-makefile.patch ------------------------------------------------------------------- Wed Oct 14 11:29:03 UTC 2009 - mvyskocil@suse.cz - Fixed bnc#546468: openjdk fails on certificate creation applied upstream patch icedtea6-ecc-support-b387a64caa08.patch http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=356 - Moved back from npplugin, as its not mature http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=385#c5 ------------------------------------------------------------------- Thu Oct 8 14:26:40 UTC 2009 - mvyskocil@suse.cz - Use 1.6.0 instead of javamajver macro to supress percent in provides error. ------------------------------------------------------------------- Tue Sep 29 07:22:16 UTC 2009 - mvyskocil@suse.cz - fixed bnc#542545: added 32/64bit specific provides to be compatible with other JVM and OpenOffice.org ------------------------------------------------------------------- Thu Sep 10 13:23:08 UTC 2009 - mvyskocil@suse.cz - Updates: * icedtea6-1.6 - fixes bnc#537969 * hospot 09f7962b8b44 - patches changes: * added icedtea6-1.6-npplugin-xulrunner191.patch * added java-1.6.0-openjdk-sparc-fixes.patch (from Fedora) * added java-1.6.0-openjdk-sparc-hotspot.patch (from Fedora) * added icedtea6-1.6-no-return-in-nonvoid-function.patch (allows build on 11.1) * regenerated java-1.6.0-openjdk-java-access-bridge-security.patch * regenerated java-1.6.0-openjdk-makefile.patch * removed icedtead6-1.5-npplugin-xulrunner191.patch * removed java-1.6.0-openjdk-execvpe.patch * removed java-1.6.0-openjdk-netx.patch ------------------------------------------------------------------- Wed Aug 19 09:51:22 UTC 2009 - mvyskocil@suse.cz - Fixed bnc#530046 - jmap fails: NoSuchSymbolException: Could not find symbol "gHotSpotVMTypeEntryTypeNameOffset" keep non debug symbols in libjvm.so ------------------------------------------------------------------- Tue Aug 11 13:46:29 UTC 2009 - mvyskocil@suse.cz - Updates: * icedtea6-1.5.1 contains a lot of security fixes from Sun JDK6u15 This includes fixes for: * bnc#524505: Vulnerability in OpenJDK/NetX * bnc#514421: XML Signature weakness (HMAC truncation) - Fixed bnc#521512: lcms pointer dereference - Dropped some s390 patches, because they was obsoleted and not used - Fixed bnc#525097 - openjdk installs dead .desktop files * now removed *.desktop from %%files of openjdk ------------------------------------------------------------------- Wed Jul 29 13:28:38 CEST 2009 - mvyskocil@suse.cz - Updates: * icedtea-1.5 * visualvm-111 * hotspot 25a020f13592 - Fixed bnc#525097 - openjdk installs dead .desktop files - Remove archsuffix usage - patches changes: * added java-1.6.0-openjdk-accessible-toolkit.patch * added java-1.6.0-openjdk-netx.patch * added java-1.6.0-openjdk-execvpe.patch * added icedtead6-1.5-nppplugin-xulrunner191.patch * removed openjdk-6-src-b14-confluence-crash.patch * refreshed java-1.6.0-openjdk-makefile.patch - new features and fixes: * Fixed security handling to prevent access denials when there is a site specific exception in the policy file * Allow extentions (chrome) to run Java code with full permissions * Added non-trusted SSL support to WebStart (javaws) * Added proxy support * Other improvements that were breaking specific sites (tag parser fix, nested jar support, etc.) * Added JVM Console (used by http://chrispederick.com/work/web-developer/) * Many gervill, java2d, nio2, pulse java, zero/shark, jtreg fixes. * New IcedTeaNPPlugin ------------------------------------------------------------------- Thu Jun 11 11:12:19 CEST 2009 - mvyskocil@suse.cz - Merged fontfonfig for openjdk and Sun: * Use Sazanami Mincho for monospaced fonts * Added AWT X11 font paths ------------------------------------------------------------------- Mon May 25 15:33:03 CEST 2009 - mvyskocil@suse.cz - Enabled systemtap only for jit architectures only - Refreshed non-return-in-non-void ppc patch ------------------------------------------------------------------- Fri May 15 14:37:13 CEST 2009 - mvyskocil@suse.cz - 'used systemtap-sdt-devel (see bnc#503088)' ------------------------------------------------------------------- Thu May 14 09:21:59 CEST 2009 - mvyskocil@suse.cz - Change version system for openjdk, now it uses a %%{javaver}.%%{buildver}_%{{openjdkver} - Enabled systemtap support - Moved jpackage macro definitions upper in spec ------------------------------------------------------------------- Wed May 13 14:23:59 CEST 2009 - mvyskocil@suse.cz - updates: * openjdk b16 * icedtea snapshot cc658d9f4a64 * hotspot snapshot fc6a5ae3fef5 - new features: * systemtap support (not yet enabled in SUSE) * removed gcjwebplugin * fixed lcms breakage https://bugs.openjdk.java.net/show_bug.cgi?id=100050 * fixes in JNLP runtime * various improvements in support of third party VMs (shark, cacao, zero) - patches changes: * removed obsoleted pulseaudio patch * added openjdk-6-src-b16-no-return-in-nonvoid-function.patch - enabled tests - build using xulrunner 1.9.1 on 11.2 ------------------------------------------------------------------- Tue Apr 21 14:09:55 CEST 2009 - mvyskocil@suse.cz - fixed bnc#496378: openjdk has an empty keystore ------------------------------------------------------------------- Tue Apr 14 14:05:29 CEST 2009 - mvyskocil@suse.cz - fixed bnc#493146: pulse-java integer overflow ------------------------------------------------------------------- Tue Apr 7 16:54:34 CEST 2009 - mvyskocil@suse.cz - fixed bnc#492555: tomcat6 and confluence causes a JVM crash http://hg.openjdk.java.net/jdk7/hotspot-comp/hotspot/rev/039a914095f4 ------------------------------------------------------------------- Fri Apr 3 13:29:09 CEST 2009 - mvyskocil@suse.cz - icedtea 1.4.1: - Fixed version string: Set PRODUCT_NAME to OpenJDK, unless doing a CACAO build (set to IcedTea). - Plugin fixes: icedtead bug#264. - Re-implemented visualvm. ------------------------------------------------------------------- Mon Mar 2 09:55:53 CET 2009 - mvyskocil@suse.cz - fixed ppc/ppc64 build bnc#471829 comment#28 - added openjdk-6-src-b14-no-return-in-nonvoid-function-ppc.patch ------------------------------------------------------------------- Mon Feb 9 11:28:24 CET 2009 - mvyskocil@suse.cz - updates: * openjdk b14 (25_nov_2008) * icedtea 1.4 (-e34ba0ba2281) - new features: * IcedTeaPlugin is now default * PulseAudio integration * hotspot from jdk7 - new files included: * visualvm * jdk7 hotspot (-f9d938ede196) * mauve tests (but not used it) - patches changes: * added two new java access bridge patches (Fedora) * fix a no-return-in-nonvoid-function.patch (sened to icedtea) * obsoleted icedtea-jhat patch * obsoleted openjdk execstack - moved back to bz2 archives - removed a policy archives - used a %%{javaver} in top level dir (bnc#465624) - moved to the plugin alternative naming as a sun JVM has (libjavaplugin.so.z86_64 --> javaplugin) - added a documentation howto get a current source - moved the cacert generation to %%build section - clean up a %%prep (thanks to bz2 and cacerts move) - clean up the build process - add a blank line to %%install for better readability - install icons - carefull usage of fdupes - Added a fontconfig.SuSE.properties which uses a Dejavu (bnc#438674) - Fixed a desktop files installation - Fixed build on %%ix86: - added a undefined-operation patch - added a no-return-in-nonvoid-function-ix86 patch - Suppress some rpmlint warnings - Fixed a duplicates in javadocs ------------------------------------------------------------------- Fri Nov 21 16:38:23 CET 2008 - ro@suse.de - update check-build.sh ------------------------------------------------------------------- Mon Nov 3 09:16:27 CET 2008 - mvyskocil@suse.cz - Removed the explicit ulimit setup ------------------------------------------------------------------- Thu Oct 23 11:43:42 CEST 2008 - mvyskocil@suse.cz - Fix of some signed applets related bugs: bnc#430401, bnc#436915, bnc#396451 convert the certificates from openssl-certs package to standard Java Key store jre/lib/cacerts - Added a missing rhino requires (provides a Java/Javascript support) - Added a missing alternative symlink to javaws (Java Webstart) ------------------------------------------------------------------- Fri Sep 5 08:33:01 CEST 2008 - mvyskocil@suse.cz - merged spec file upstream one (from icedtea.classpath.org) for simpler maintenance in future - movement of some macro definitions on the begining of the spec file - added some missing macros (eg. icedteasnapshot and openjdkdate) - the sources are defined by these macros - changed the Group to Development/Languages/Java (from Libraries) - changed the URL to icedtea.classpath.org - removal of icedtea7 bootstrapping and leave the gcj and openjdk6 options - improved BuildRequires and Requires - one value per line (better diff output) - a new --with-openjdk-src-zip option to configure - updates - openjdk - version from 10_jul_2008 - icedtea - from b09 to b11 - java access bridge - from 1.22 to 1.23 - a new BuildRequire - rhino - changes in patches - the java-1.6.0-openjdk-optflags.patch was improved (thanks to Mandriva) - regenerated java-1.6.0-openjdk-makefile.patch and java-1.6.0-openjdk-jhat.patch with movement into %prep - new java-1.6.0-openjdk-java-access-bridge-tck.patch (from upstream) - increase a numbers of SUSE specific patches - removed java-enum_cell.patch, because it was obsoleted by new version of source codes ------------------------------------------------------------------- Wed Jul 30 15:40:12 CEST 2008 - ro@suse.de - extend provides list jre1.4.x jre1.5.x jre1.6.x ------------------------------------------------------------------- Tue Jul 29 00:07:05 CEST 2008 - ro@suse.de - fix build on i386 again (from gcc bug#36917) ------------------------------------------------------------------- Tue Jul 22 13:55:59 CEST 2008 - coolo@suse.de - build with xml-commons-api-bootstrap (ant complains, still works) ------------------------------------------------------------------- Tue Jul 22 11:01:05 CEST 2008 - coolo@suse.de - build with xerces-j2-bootstrap (misses jaxp_parser_impl, but ant still works) ------------------------------------------------------------------- Mon Jul 21 14:26:25 CEST 2008 - coolo@suse.de - avoid buildcycle between xulrunner and openjdk ------------------------------------------------------------------- Thu Jul 17 19:11:11 CEST 2008 - ro@suse.de - use openjdk for bootstrap on ppc64 just as on ppc - added provides for jre1.3.x needed by fop ------------------------------------------------------------------- Tue May 20 18:45:03 CEST 2008 - bk@suse.de - Complete migration of %{_jvmjardir}/%{sdklnk} to symlink (#bnc 392494) - un-lzma tarballs using lzma directly to support older rpmbuild's - add checks for the amount of virtual memory available for build ------------------------------------------------------------------- Sat May 17 17:08:43 CEST 2008 - aj@suse.de - Do not package %{_jvmjardir}/%{sdklnk}. ------------------------------------------------------------------- Wed May 14 16:59:02 CEST 2008 - mvyskocil@suse.cz - fix of [bnc#388578] - tomcat6 cannot get installed changed the definition of a %jvmjardir macro to %{_jvmjardir}/%{sdkdir} - increased an update-alternatives priority - added a new Requires to jpackage-utils ------------------------------------------------------------------- Fri May 9 09:42:33 CEST 2008 - aj@suse.de - Silence gcc warning about missing return value. ------------------------------------------------------------------- Fri May 9 07:17:42 CEST 2008 - adrian@suse.de - remove not needed mercurial from BuildRequires to reduce bootstrap loop ------------------------------------------------------------------- Wed Apr 30 09:25:30 CEST 2008 - adrian@suse.de - switch to openjdk-bootstrap for all %ix86 ------------------------------------------------------------------- Tue Apr 29 00:21:46 CEST 2008 - ro@suse.de - switch to openjdk-bootstrap for i386,ppc,x86_64 ------------------------------------------------------------------- Fri Apr 25 18:33:25 CEST 2008 - bk@suse.de - Fix build and add macros to make it easyer to build on SUSE 10.3 ------------------------------------------------------------------- Tue Apr 22 18:21:38 CEST 2008 - bk@suse.de - Initial version based on java-1_7_0-icedtea, but it's a lot smaller
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor