[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#706480: marked as done (unblock: openjdk-6/6b27-1.12.5-1 and openjdk-7/7u21-2.3.9-3)

Your message dated Tue, 30 Apr 2013 20:40:39 +0100
with message-id <1367350839.18698.8.camel@jacala.jungle.funky-badger.org>
and subject line Re: Bug#706480: unblock: openjdk-6/6b27-1.12.5-1 and openjdk-7/7u21-2.3.9-3
has caused the Debian Bug report #706480,
regarding unblock: openjdk-6/6b27-1.12.5-1 and openjdk-7/7u21-2.3.9-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
706480: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706480
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: important
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock openjdk-6/6b27-1.12.5-1 and openjdk-7/7u21-2.3.9-3, integrating
the last security updates into IcedTea 1.12.x and 2.3.x.

7u3-2.1.7-1 did still build the cacao VM, which is now disabled, and replaced by
a transitional package. the cacao VM for openjdk-7 currently is not as stable as
the one for openjdk-6, and trying to re-enable it caused build failures on i386
and s390.  The changelogs are attached.

  Matthias

openjdk-7 (7u21-2.3.9-3) unstable; urgency=high

  * Disable the cacao build again, causing build failures on i386 and s390.
  * Build a transitional cacao jre package instead.

openjdk-7 (7u21-2.3.9-2) unstable; urgency=high

  * On ia64, use gcj-4.7 for the bootstrap build.
  * Drop the cacao jre from recommends to suggests.
  * Re-enable cacao, was enabled in the 2.1.x series.

openjdk-7 (7u21-2.3.9-1) unstable; urgency=high

  * IcedTea7 2.3.9 release.
  * Security fixes:
    - S6657673, CVE-2013-1518: Issues with JAXP.
    - S7200507: Refactor Introspector internals.
    - S8000724, CVE-2013-2417: Improve networking serialization.
    - S8001031, CVE-2013-2419: Better font processing.
    - S8001040, CVE-2013-1537: Rework RMI model.
    - S8001322: Refactor deserialization.
    - S8001329, CVE-2013-1557: Augment RMI logging.
    - S8003335: Better handling of Finalizer thread.
    - S8003445: Adjust JAX-WS to focus on API.
    - S8003543, CVE-2013-2415: Improve processing of MTOM attachments.
    - S8004261: Improve input validation.
    - S8004336, CVE-2013-2431: Better handling of method handle intrinsic frames.
    - S8004986, CVE-2013-2383: Better handling of glyph table.
    - S8004987, CVE-2013-2384: Improve font layout.
    - S8004994, CVE-2013-1569: Improve checking of glyph table.
    - S8005432: Update access to JAX-WS.
    - S8005943: (process) Improved Runtime.exec.
    - S8006309: More reliable control panel operation.
    - S8006435, CVE-2013-2424: Improvements in JMX.
    - S8006790: Improve checking for windows.
    - S8006795: Improve font warning messages.
    - S8007406: Improve accessibility of AccessBridge.
    - S8007617, CVE-2013-2420: Better validation of images.
    - S8007667, CVE-2013-2430: Better image reading.
    - S8007918, CVE-2013-2429: Better image writing.
    - S8008140: Better method handle resolution.
    - S8009049, CVE-2013-2436: Better method handle binding.
    - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap.
    - S8009305, CVE-2013-0401: Improve AWT data transfer.
    - S8009677, CVE-2013-2423: Better setting of setters.
    - S8009699, CVE-2013-2421: Methodhandle lookup.
    - S8009814, CVE-2013-1488: Better driver management.
    - S8009857, CVE-2013-2422: Problem with plugin.
  * Backports:
    - S7130662: GTK file dialog crashes with a NPE.
  * Bug fixes
    - PR1363: Fedora 19 / rawhide FTBFS SIGILL.
    - PR1401: Fix Zero build on 2.3.8.
    - Fix offset problem in ICU LETableReference.
    - Change -Werror fix to preserve OpenJDK default.
    - PR1303: Correct #ifdef to #if.
    - PR1404: Failure to bootstrap with ecj 4.2.


openjdk-6 (6b27-1.12.5-1) unstable; urgency=low

  * IcedTea 1.12.5 release.
  * Security fixes:
    - S6657673, CVE-2013-1518: Issues with JAXP.
    - S7200507: Refactor Introspector internals.
    - S8000724, CVE-2013-2417: Improve networking serialization.
    - S8001031, CVE-2013-2419: Better font processing.
    - S8001040, CVE-2013-1537: Rework RMI model.
    - S8001322: Refactor deserialization.
    - S8001329, CVE-2013-1557: Augment RMI logging.
    - S8003335: Better handling of Finalizer thread.
    - S8003445: Adjust JAX-WS to focus on API.
    - S8003543, CVE-2013-2415: Improve processing of MTOM attachments.
    - S8004261: Improve input validation.
    - S8004336, CVE-2013-2431: Better handling of method handle
      intrinsic frames.
    - S8004986, CVE-2013-2383: Better handling of glyph table.
    - S8004987, CVE-2013-2384: Improve font layout.
    - S8004994, CVE-2013-1569: Improve checking of glyph table.
    - S8005432: Update access to JAX-WS.
    - S8005943: (process) Improved Runtime.exec.
    - S8006309: More reliable control panel operation.
    - S8006435, CVE-2013-2424: Improvements in JMX.
    - S8006790: Improve checking for windows.
    - S8006795: Improve font warning messages.
    - S8007406: Improve accessibility of AccessBridge.
    - S8007617, CVE-2013-2420: Better validation of images.
    - S8007667, CVE-2013-2430: Better image reading.
    - S8007918, CVE-2013-2429: Better image writing.
    - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap.
    - S8009305, CVE-2013-0401: Improve AWT data transfer.
    - S8009699, CVE-2013-2421: Methodhandle lookup.
    - S8009814, CVE-2013-1488: Better driver management.
    - S8009857, CVE-2013-2422: Problem with plugin.
    - RH952389: Temporary files created with insecure permissions.
  * Backports;
    - S7197906: BlockOffsetArray::power_to_cards_back() needs to handle
      > 32 bit shifts
    - S7036559: ConcurrentHashMap footprint and contention improvements.
    - S5102804: Memory leak in Introspector.getBeanInfo(Class) for custom
      BeanInfo: Class param (with WeakCache from S6397609).
    - S6501644: Sync LayoutEngine *code* structure to match ICU.
    - S6886358: Layout code update.
    - S6963811: Deadlock-prone locking changes in Introspector.
    - S7017324: Kerning crash in JDK 7 since ICU layout update.
    - S7064279: Introspector.getBeanInfo() should release some resources
      in timely manner.
    - S8004302: javax/xml/soap/Test7013971.java fails since jdk6u39b01.
    - S7133220: Additional patches to JAXP 1.4.5 update 1 for 7u4 (partial
      for S6657673).
    - S8009530: ICU Kern table support broken.
  * Bug fixes:
    - OJ3: Fix get_stack_bounds memory leak (alternate fix for S7197906).
    - PR1362: Fedora 19 / rawhide FTBFS SIGILL.
    - PR1338: Remove dependency on libXp.
    - PR1339: Simplify the rhino class rewriter to avoid use of concurrency.
    - PR1319: Correct #ifdef to #if
    - Give xalan/xerces access to their own internal packages.

--- End Message ---
--- Begin Message --- 
On Tue, 2013-04-30 at 18:48 +0200, Matthias Klose wrote:
> Please unblock openjdk-6/6b27-1.12.5-1 and openjdk-7/7u21-2.3.9-3, integrating
> the last security updates into IcedTea 1.12.x and 2.3.x.

Done.

Regards,

Adam

--- End Message ---
Reply to: