Change logs for openjdk-6 source package in Jessie

openjdk-6 (6b31-1.13.3-1) unstable; urgency=high


  * IcedTea 1.13.3 release.
  * Security fixes:
    - S8023046: Enhance splashscreen support.
    - S8025005: Enhance CORBA initializations.
    - S8025010, CVE-2014-2412: Enhance AWT contexts.
    - S8025030, CVE-2014-2414: Enhance stream handling.
    - S8025152, CVE-2014-0458: Enhance activation set up.
    - S8026067: Enhance signed jar verification.
    - S8026163, CVE-2014-2427: Enhance media provisioning.
    - S8026188, CVE-2014-2423: Enhance envelope factory.
    - S8026200: Enhance RowSet Factory.
    - S8026736, CVE-2014-2398: Enhance Javadoc pages.
    - S8026797, CVE-2014-0451: Enhance data transfers.
    - S8026801, CVE-2014-0452: Enhance endpoint addressing.
    - S8027766, CVE-2014-0453: Enhance RSA processing.
    - S8027775: Enhance ICU code.
    - S8027841, CVE-2014-0429: Enhance pixel manipulations.
    - S8028385: Enhance RowSet Factory.
    - S8029282, CVE-2014-2403: Enhance CharInfo set up.
    - S8029286: Enhance subject delegation.
    - S8029699: Update Poller demo.
    - S8029730: Improve audio device additions.
    - S8029735: Enhance service mgmt natives.
    - S8029740, CVE-2014-0446: Enhance handling of loggers.
    - S8029750: Enhance LCMS color processing.
    - S8029760, CVE-2014-0462: Enhance AWT image libraries.
    - S8029854, CVE-2014-2421: Enhance JPEG decodings.
    - S8029858, CVE-2014-0456: Enhance array copies.
    - S8030731, CVE-2014-0460: Improve name service robustness.
    - S8031330: Refactor ObjectFactory.
    - S8031335, CVE-2014-0459: Better color profiling (LCMS 2 only).
    - S8031352, CVE-2014-2405: Enhance PNG handling.
    - S8031394, CVE-2014-0457: (sl) Fix exception handling in ServiceLoader.
    - S8031395: Enhance LDAP processing.
    - S8033618, CVE-2014-1876: Correct logging output.
    - S8034926, CVE-2014-2397: Attribute classes properly.
    - S8036794, CVE-2014-0461: Manage JavaScript instances.

 -- Matthias Klose <email address hidden>  Wed, 16 Apr 2014 05:19:54 +0200

openjdk-6 (6b30-1.13.2-2) unstable; urgency=medium


  * Explicitly build-depend on libkrb5-dev.

 -- Matthias Klose <email address hidden>  Tue, 01 Apr 2014 09:23:40 +0200

openjdk-6 (6b30-1.13.1-1) unstable; urgency=medium


  * IcedTea 1.13.1 release.
  * Security fixes
    - S6727821: Enhance JAAS Configuration.
    - S7068126, CVE-2014-0373: Enhance SNMP statuses.
    - S8010935: Better XML handling.
    - S8011786, CVE-2014-0368: Better applet networking.
    - S8021257, CVE-2013-5896: com.sun.corba.se.** should be on
      restricted package list.
    - S8021271: Better buffering in ObjC code.
    - S8022904: Enhance JDBC Parsers.
    - S8022927: Input validation for byte/endian conversions.
    - S8022935: Enhance Apache resolver classes.
    - S8022945: Enhance JNDI implementation classes.
    - S8023057: Enhance start up image display.
    - S8023069, CVE-2014-0411: Enhance TLS connections.
    - S8023245, CVE-2014-0423: Enhance Beans decoding.
    - S8023301: Enhance generic classes.
    - S8023672: Enhance jar file validation.
    - S8024306, CVE-2014-0416: Enhance Subject consistency.
    - S8024530: Enhance font process resilience.
    - S8024867: Enhance logging start up.
    - S8025014: Enhance Security Policy.
    - S8025018, CVE-2014-0376: Enhance JAX-P set up.
    - S8025026, CVE-2013-5878: Enhance canonicalization.
    - S8025034, CVE-2013-5907: Improve layout lookups.
    - S8025448: Enhance listening events.
    - S8025758, CVE-2014-0422: Enhance Naming management.
    - S8025767, CVE-2014-0428: Enhance IIOP Streams.
    - S8026172: Enhance UI Management.
    - S8026176: Enhance document printing.
    - S8026193, CVE-2013-5884: Enhance CORBA stub factories.
    - S8026204: Enhance auth login contexts.
    - S8026417, CVE-2013-5910: Enhance XML canonicalization.
    - S8027201, CVE-2014-0376: Enhance JAX-P set up.

 -- Matthias Klose <email address hidden>  Fri, 31 Jan 2014 15:49:18 +0000

openjdk-6 (6b29-1.13.0-2) unstable; urgency=medium


  * Fix the sparc builds.

 -- Matthias Klose <email address hidden>  Mon, 30 Dec 2013 17:23:34 +0100

openjdk-6 (6b27-1.12.7-2) unstable; urgency=low


  * Fix build failure on arm*.
  * Re-enable running the testsuite.

 -- Matthias Klose <email address hidden>  Fri, 22 Nov 2013 16:45:09 +0100

openjdk-6 (6b27-1.12.5-2) unstable; urgency=low


  * Fix -source dependency on -jre to be binNMU safe.

 -- Matthias Klose <email address hidden>  Fri, 17 May 2013 21:53:13 +0200

openjdk-6 (6b27-1.12.5-1) unstable; urgency=low


  * IcedTea 1.12.5 release.
  * Security fixes:
    - S6657673, CVE-2013-1518: Issues with JAXP.
    - S7200507: Refactor Introspector internals.
    - S8000724, CVE-2013-2417: Improve networking serialization.
    - S8001031, CVE-2013-2419: Better font processing.
    - S8001040, CVE-2013-1537: Rework RMI model.
    - S8001322: Refactor deserialization.
    - S8001329, CVE-2013-1557: Augment RMI logging.
    - S8003335: Better handling of Finalizer thread.
    - S8003445: Adjust JAX-WS to focus on API.
    - S8003543, CVE-2013-2415: Improve processing of MTOM attachments.
    - S8004261: Improve input validation.
    - S8004336, CVE-2013-2431: Better handling of method handle
      intrinsic frames.
    - S8004986, CVE-2013-2383: Better handling of glyph table.
    - S8004987, CVE-2013-2384: Improve font layout.
    - S8004994, CVE-2013-1569: Improve checking of glyph table.
    - S8005432: Update access to JAX-WS.
    - S8005943: (process) Improved Runtime.exec.
    - S8006309: More reliable control panel operation.
    - S8006435, CVE-2013-2424: Improvements in JMX.
    - S8006790: Improve checking for windows.
    - S8006795: Improve font warning messages.
    - S8007406: Improve accessibility of AccessBridge.
    - S8007617, CVE-2013-2420: Better validation of images.
    - S8007667, CVE-2013-2430: Better image reading.
    - S8007918, CVE-2013-2429: Better image writing.
    - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap.
    - S8009305, CVE-2013-0401: Improve AWT data transfer.
    - S8009699, CVE-2013-2421: Methodhandle lookup.
    - S8009814, CVE-2013-1488: Better driver management.
    - S8009857, CVE-2013-2422: Problem with plugin.
    - RH952389: Temporary files created with insecure permissions.
  * Backports;
    - S7197906: BlockOffsetArray::power_to_cards_back() needs to handle
      > 32 bit shifts
    - S7036559: ConcurrentHashMap footprint and contention improvements.
    - S5102804: Memory leak in Introspector.getBeanInfo(Class) for custom
      BeanInfo: Class param (with WeakCache from S6397609).
    - S6501644: Sync LayoutEngine *code* structure to match ICU.
    - S6886358: Layout code update.
    - S6963811: Deadlock-prone locking changes in Introspector.
    - S7017324: Kerning crash in JDK 7 since ICU layout update.
    - S7064279: Introspector.getBeanInfo() should release some resources
      in timely manner.
    - S8004302: javax/xml/soap/Test7013971.java fails since jdk6u39b01.
    - S7133220: Additional patches to JAXP 1.4.5 update 1 for 7u4 (partial
      for S6657673).
    - S8009530: ICU Kern table support broken.
  * Bug fixes:
    - OJ3: Fix get_stack_bounds memory leak (alternate fix for S7197906).
    - PR1362: Fedora 19 / rawhide FTBFS SIGILL.
    - PR1338: Remove dependency on libXp.
    - PR1339: Simplify the rhino class rewriter to avoid use of concurrency.
    - PR1319: Correct #ifdef to #if
    - Give xalan/xerces access to their own internal packages.

 -- Matthias Klose <email address hidden>  Thu, 25 Apr 2013 13:04:27 +0200