[SECURITY] Fedora 10 Update: java-1.6.0-openjdk-1.6.0.0-9.b14.fc10
updates at fedoraproject.org
updates at fedoraproject.org
Thu Feb 5 02:24:06 UTC 2009
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-1373
2009-02-05 01:18:26
--------------------------------------------------------------------------------
Name : java-1.6.0-openjdk
Product : Fedora 10
Version : 1.6.0.0
Release : 9.b14.fc10
URL : http://icedtea.classpath.org/
Summary : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.
--------------------------------------------------------------------------------
Update Information:
This fixes a default security policy, that allowed unsigned applets to access
the gnome-java-bridge, allowing a privilege escalation (#474431). There are
also several bug fixes included in this update.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-10.b14
- Updated sources.
* Fri Jan 23 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-10.b14
- Added accessibility patch.
* Thu Jan 22 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-10.b14
- Updated to icedtea-1.4 snapshot.
- Updated release.
- Removed netbeans and visualvm.
- Added hotspot source.
- Added --with-hotspot-src-zip build option.
- Set runtests to 1.
- Updated jtreg log.
- Updated openjdkver.
- Updated openjdkdate.
- Added new patch to add GNOME to java.security.
- Resolves: rhbz#472953
- Resolves: rhbz#475081
- Resolves: rhbz#452573
- Resolves: rhbz#474431
- Resolves: rhbz#474503
- Resolves: rhbz#472862
- Resolves: rhbz#477351
- Resolves: rhbz#475109
- Resolves: rhbz#476462
* Sun Jan 11 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-8.b12
- Removed README.plugin, updated source list.
- Updated release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #476462 - IcedTea Web Browser Plugin applet issue when loading in SSL
https://bugzilla.redhat.com/show_bug.cgi?id=476462
[ 2 ] Bug #452573 - Bad window size calculation after using pack()
https://bugzilla.redhat.com/show_bug.cgi?id=452573
[ 3 ] Bug #475109 - NullPointerException when launching JNLP file
https://bugzilla.redhat.com/show_bug.cgi?id=475109
[ 4 ] Bug #472953 - Java plugin fails when visiting an https site whose certificate is not in the trust path
https://bugzilla.redhat.com/show_bug.cgi?id=472953
[ 5 ] Bug #475081 - Komercni banka's online banking does not work
https://bugzilla.redhat.com/show_bug.cgi?id=475081
[ 6 ] Bug #474431 - Untrusted applets can access the gnome-java-bridge
https://bugzilla.redhat.com/show_bug.cgi?id=474431
[ 7 ] Bug #474503 - RFE: Update HotSpot
https://bugzilla.redhat.com/show_bug.cgi?id=474503
[ 8 ] Bug #472862 - Run tests and include jtreg-check summary
https://bugzilla.redhat.com/show_bug.cgi?id=472862
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update java-1.6.0-openjdk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list