[java-1.6.0-openjdk/f14] updated to icedtea 1.9.10

jiri vanek jvanek at fedoraproject.org
Tue Oct 18 16:55:22 UTC 2011 

commit c9963c269f222f9eac1ad60c03bae0082e7f292e
Author: Jiri Vanek <jvanek at jvanek.redhat>
Date:   Tue Oct 18 18:56:39 2011 +0200

    updated to icedtea 1.9.10

 java-1.6.0-openjdk.spec |   21 +++++++++++++++++++--
 sources                 |    2 +-
 2 files changed, 20 insertions(+), 3 deletions(-)
---
diff --git a/java-1.6.0-openjdk.spec b/java-1.6.0-openjdk.spec
index 8fc2966..0750d9b 100644
--- a/java-1.6.0-openjdk.spec
+++ b/java-1.6.0-openjdk.spec
@@ -6,7 +6,7 @@
 # If runtests is 0 test suites will not be run.
 %define runtests 0
 
-%define icedteaver 1.9.9
+%define icedteaver 1.9.10
 %define icedteasnapshot %{nil}
 %define openjdkver b20
 %define openjdkdate 21_jun_2010
@@ -147,7 +147,7 @@
 
 Name:    java-%{javaver}-%{origin}
 Version: %{javaver}.%{buildver}
-Release: 54.%{icedteaver}%{?dist}
+Release: 55.%{icedteaver}%{?dist}
 # java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons,
 # and this change was brought into RHEL-4.  java-1.5.0-ibm packages
 # also included the epoch in their virtual provides.  This created a
@@ -962,6 +962,23 @@ exit 0
 
 
 %changelog
+* Thu Oct 13 2011 Jiri Vanek <jvanek at redhat.com> - 1:1.6.0.01:1.6.0.0-55.1.9.10
+ Security fixes
+  - S7000600, CVE-2011-3547: InputStream skip() information leak
+  - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
+  - S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow
+  - S7032417, CVE-2011-3552: excessive default UDP socket limit under SecurityManager
+  - S7046823, CVE-2011-3544: missing SecurityManager checks in scripting engine
+  - S7055902, CVE-2011-3521: IIOP deserialization code execution
+  - S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error checks
+  - S7064341, CVE-2011-3389: JSSE
+  - S7070134, CVE-2011-3558: Hotspot unspecified issue
+  - S7077466, CVE-2011-3556: RMI DGC server remote code execution
+  - S7083012, CVE-2011-3557: RMI registry privileged code execution
+  - S7096936, CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection
+ NetX
+  - PR794: javaws does not work if a Web Start app jar has a Class-Path element in the manifest
+
 * Wed Jul 20 2011 Jiri Vanek <jvanek at redhat.com> - 1:1.6.0.01:1.6.0.0-54.1.9.8
 - PR744: icedtea6-1.10.2 : patching error
 - PR748: Icedtea6 fails to build with Linux 3.0.
diff --git a/sources b/sources
index c0f0abe..b04feef 100644
--- a/sources
+++ b/sources
@@ -6,4 +6,4 @@ bc95c133620bd68c161cac9891592901  jdk6-jaf-b20.zip
 7a0c160c03012cd40957a7a112e25038  mauve_tests
 a9cdc5f050eb6e97c1b15ddd39978710  mauve-2008-10-22.tar.gz
 843c656e5f891d9f5ebe1d530be4ce73  openjdk-6-src-b20-21_jun_2010-fedora.tar.gz
-540f4b0b00d44acd5f6af9793ae96703  icedtea6-1.9.9.tar.gz
+3024919fdbb5bd1f4a2472a28716b77c  icedtea6-1.9.10.tar.gz

More information about the scm-commits mailing list