Bug#701132: unblock: openjdk-7/7u3-2.1.6-1 and icedtea-web/1.3.1-2.1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#701132: unblock: openjdk-7/7u3-2.1.6-1 and icedtea-web/1.3.1-2.1
From: Matthias Klose <doko@ubuntu.com>
Date: Fri, 22 Feb 2013 00:14:40 +0100
Message-id: <5126AA60.5080004@ubuntu.com>
Reply-to: Matthias Klose <doko@ubuntu.com>, 701132@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

please unblock openjdk-7/7u3-2.1.6-1 and icedtea-web/1.3.1-2.1. The openjdk-7
uploads includes two batches of security issues from Feb 2013.  The package
stops building for mips and mipsel to have an option to update to a more recent
openjdk-7 version (which fails to build on mipsen since mid 2012). icedtea-web
was updated not to build for mipsen anymore, and octave-java needs removal of
binary packages (#701090, #701122).

icedtea-web (1.3.1-3) unstable; urgency=low

   * Team upload.
   * Remove mips and mipsel from architectures.  (Closes: #701091)

openjdk-7 (7u3-2.1.6-1) unstable; urgency=high

  * IcedTea7 2.1.5 release:
  * Security fixes:
    - S6563318, CVE-2013-0424: RMI data sanitization.
    - S6664509, CVE-2013-0425: Add logging context.
    - S6664528, CVE-2013-0426: Find log level matching its name or value
      given at construction time.
    - S6776941: CVE-2013-0427: Improve thread pool shutdown.
    - S7141694, CVE-2013-0429: Improving CORBA internals.
    - S7173145: Improve in-memory representation of splashscreens.
    - S7186945: Unpack200 improvement.
    - S7186946: Refine unpacker resource usage.
    - S7186948: Improve Swing data validation.
    - S7186952, CVE-2013-0432: Improve clipboard access.
    - S7186954: Improve connection performance.
    - S7186957: Improve Pack200 data validation.
    - S7192392, CVE-2013-0443: Better validation of client keys.
    - S7192393, CVE-2013-0440: Better Checking of order of TLS Messages.
    - S7192977, CVE-2013-0442: Issue in toolkit thread.
    - S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective
      proxies.
    - S7200491: Tighten up JTable layout code.
    - S7200493, CVE-2013-0444: Improve cache handling.
    - S7200499: Better data validation for options.
    - S7200500: Launcher better input validation.
    - S7201064: Better dialogue checking.
    - S7201066, CVE-2013-0441: Change modifiers on unused fields.
    - S7201068, CVE-2013-0435: Better handling of UI elements.
    - S7201070: Serialization to conform to protocol.
    - S7201071, CVE-2013-0433: InetSocketAddress serialization issue.
    - S8000210: Improve JarFile code quality.
    - S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class.
    - S8000539, CVE-2013-0431: Introspect JMX data handling.
    - S8000540, CVE-2013-1475: Improve IIOP type reuse management.
    - S8000631, CVE-2013-1476: Restrict access to class constructor.
    - S8001235, CVE-2013-0434: Improve JAXP HTTP handling.
    - S8001242: Improve RMI HTTP conformance.
    - S8001307: Modify ACC_SUPER behavior.
    - S8001972, CVE-2013-1478: Improve image processing.
    - S8002325, CVE-2013-1480: Improve management of images.
  * Backports:
    - S7054590: (JSR-292) MethodHandleProxies.asInterfaceInstance()
      accepts private/protected nested interfaces.
    - S7175616: Port fix for TimeZone from JDK 8 to JDK 7.
    - S8002068: Build broken: corba code changes unable to use new
      JDK 7 classes.
    - S8004341: Two JCK tests fails with 7u11 b06.
    - S8005615: Java Logger fails to load tomcat logger implementation (JULI).
  * IcedTea7 2.1.6 release:
    * Security fixes:
    - S8004937, CVE-2013-1484: Improve proxy construction.
    - S8006439, CVE-2013-1485: Improve MethodHandles coverage.
    - S8006446, CVE-2013-1486: Restrict MBeanServer access.
    - S8006777, CVE-2013-0169: Improve TLS handling of invalid messages.
    - S8007688: Blacklist known bad certificate.
  * Backports:
    - S7123519: problems with certification path.
    - S8007393: Possible race condition after JDK-6664509.
    - S8007611: logging behavior in applet changed.
  * Fix font suggestion for indic fonts in wheezy.
  * Fix fontconfig definitions for japanese and korean fonts, fixing
    compilation of the fontconfig file.
  * Add Built-Using: rhino attribute for the -lib package.
  * Don't use concurrent features to rewrite the rhino jar file.
  * Enable class data sharing for the hotspot server VM.
  * Enable bootstrap builds for alpha.
  * Explicitly disable building on mips/mipsel.  Not supported by the
    Debian OpenJDK maintainers, the Debian mips porters, or the Debian
    Java team.

openjdk-7 (7u3-2.1.4-1) unstable; urgency=low

  * IcedTea7 2.1.4 release.
  * Security fixes
    - S8004933, CVE-2012-3174: Improve MethodHandle interaction with libraries
    - S8006017, CVE-2013-0422: Improve lookup resolutions
    - S8006125: Update MethodHandles library interactions
  * Loosen OpenGL dependency. Closes: #695028.
  * Fix error parsing drop files parameter from pcmanfm (Alberto Fernández
    Martínez). Closes: #695992.

Reply to:

Follow-Ups:
- Bug#701132: marked as done (unblock: openjdk-7/7u3-2.1.6-1 and icedtea-web/1.3.1-2.1)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#701130: unblock: pygobject/3.2.2-2
Next by Date: Bug#701098: pre-approval unblock: ruby-rack/1.4.1-2.1
Previous by thread: Bug#701130: marked as done (unblock: pygobject/3.2.2-2)
Next by thread: Bug#701132: marked as done (unblock: openjdk-7/7u3-2.1.6-1 and icedtea-web/1.3.1-2.1)
Index(es):
- Date
- Thread