Changelog
openjdk-6 (6b11-9.1) unstable; urgency=low
* Non-maintainer upload.
* add debian/patches/nonreparenting-wm.diff:
if _JAVA_AWT_WM_NONREPARENTING environment variable is set,
disable all workarounds causing blank windows in non-reparentizing
window managers. (Works-around: 508650)
* added patches from http://icedtea.classpath.org/hg/icedtea6 revision 1232:
patches/icedtea-4486841.patch fixes CVE-2008-5351:
UTF-8 decoder accepts non-shortest form sequences,
patches/icedtea-6484091.patch fixes CVE-2008-5350:
allows to list files within the user home directory,
patches/icedtea-6497740.patch fixes CVE-2008-5349:
RSA public key length denial-of-service,
patches/icedtea-6588160.patch fixes CVE-2008-5348:
Denial-Of-Service in kerberos authentication,
patches/icedtea-6592792.patch fixes CVE-2008-5347:
applet privilege escalation via JAX package access,
patches/icedtea-6721753.patch fixes CVE-2008-5360:
temporary files have guessable file names,
patches/icedtea-6726779.patch fixes CVE-2008-5359:
Buffer overflow in image processing,
patches/icedtea-6733959.patch fixes CVE-2008-5354:
Privilege escalation in command line applications,
patches/icedtea-6734167.patch fixes CVE-2008-5353:
calender object deserialization allows privilege escalation,
patches/icedtea-6755943.patch fixes CVE-2008-5352:
Jar200 Decompression buffer overflow,
patches/icedtea-6766136.patch fixes CVE-2008-5358:
Buffer Overflow in GIF image processing.
(Closes: 510972)
* add debian/patches/donotdelete.diff:
fix MultipleJRE.sh to remove the link in the error-path, otherwise
the test-suite removes the whole build/*/j2sdk-image directory on error.
-- Bernhard R. Link <email address hidden> Wed, 14 Jan 2009 10:44:14 +0100
