Ubuntu
openjdk-6 package

openjdk-6 6b41-1.13.13-0ubuntu0.12.04.1 source package in Ubuntu

Changelog

openjdk-6 (6b41-1.13.13-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Backport to Ubuntu 12.04.

openjdk-6 (6b41-1.13.13-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * IcedTea 1.13.12 release.
  * Security fixes backported from 8u121:
    - S8168714, CVE-2016-5546: ECDSA will accept signatures that have various
      extraneous bytes added to them whereas the signature is supposed to be
      unique.
    - S8166988, CVE-2017-3253: The PNG specification allows the [iz}Txt
      sections to be 2^32-1 bytes long so these should not be uncompressed
      unless the user explicitly requests it.
    - S8168728, CVE-2016-5548: DSA signing exhibits a timing bias that may
      leak information about k.
    - S8161743, CVE-2017-3252: LdapLoginModule incorrectly tries to
      deserialize responses from an LDAP server when an LDAP context is
      expected.
    - S8167223, CVE-2016-5552: Parsing of URLs can be inconsistent with how
      users or external applications would interpret them leading to possible
      security issues.
    - S8164147, CVE-2017-3261: An integer overflow exists in
      SocketOutputStream which can lead to memorydisclosure.
    - S8151934, CVE-2017-3231: Under some circumstances URLClassLoader will
      dispatch HTTP GET requests where the invoker does not have permission.
    - S8165071, CVE-2016-2183: 3DES can be exploited for block collisions when
      long running sessions are allowed.
    - S8165344, CVE-2017-3272: A protected field can be leveraged into type
      confusion.
    - S8156802, CVE-2017-3241: RMI deserialization should limit the types
      deserialized to prevent attacks that could escape the sandbox.
  * debian/patches/it-add-cpp-flags.patch: refreshed.
  * debian/patches/it-jamvm-2.0.0.patch: refreshed.
  * debian/patches/it-emacs-mode.patch: refreshed.
  * debian/patches/hotspot-disable-arm32-jit.diff: removed, ARM32 JIT is now
    disabled by default on icedtea.
  * debian/patches/zero-missing-headers.diff: removed, fix applied upstream.
  * debian/repack: fix jamvm url.

 -- Tiago Stürmer Daitx <email address hidden>  Tue, 14 Feb 2017 02:28:16 +0000

Upload details

Uploaded by:
Tiago Stürmer Daitx
Uploaded to:
Precise
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
java
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Precise updates main devel
Precise security main devel

Downloads

File Size SHA-256 Checksum
openjdk-6_6b41-1.13.13.orig.tar.xz 41.9 MiB eaacfb58d328522f4e51b7a54462fcf571919f18008836d833a372bd9e1dfab0
openjdk-6_6b41-1.13.13-0ubuntu0.12.04.1.debian.tar.xz 167.5 KiB 2a2023489e09661ed7925b984263bb9cee016b9060142b4a638eb2ab1f649659
openjdk-6_6b41-1.13.13-0ubuntu0.12.04.1.dsc 3.8 KiB 2943c4426c84598079457e97e921850abb27b35cc9281f7bd8e8f951615b107b

View changes file

Binary packages built by this source

icedtea-6-jre-cacao: Alternative JVM for OpenJDK, using Cacao

 The package provides an alternative runtime using the Cacao VM and the
 Cacao Just In Time Compiler (JIT). This is a somewhat faster alternative
 than the Zero port on architectures like alpha, armel, m68k, mips, mipsel,
 powerpc and s390.
 .
 The VM is started with the option `-cacao'. See the README.Debian for details.

icedtea-6-jre-jamvm: Alternative JVM for OpenJDK, using JamVM

 The package provides an alternative runtime using the JamVM. This is a
 somewhat faster alternative than the Zero port on architectures like armel,
 mips, mipsel, powerpc.
 .
 The VM is started with the option `-jamvm'. See the README.Debian for details.

openjdk-6-dbg: Java runtime based on OpenJDK (debugging symbols)

 OpenJDK is a development environment for building applications,
 applets, and components using the Java programming language.
 .
 This package contains the debugging symbols.
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-demo: Java runtime based on OpenJDK (demos and examples)

 OpenJDK Java runtime
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-doc: OpenJDK Development Kit (JDK) documentation

 OpenJDK is a development environment for building applications,
 applets, and components using the Java programming language.
 .
 This package contains the API documentation.
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jdk: OpenJDK Development Kit (JDK)

 OpenJDK is a development environment for building applications,
 applets, and components using the Java programming language.
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jre: OpenJDK Java runtime, using Hotspot Zero

 Full Java runtime environment - needed for executing Java GUI and Webstart
 programs, using Hotspot Zero.
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jre-headless: OpenJDK Java runtime, using Hotspot Zero (headless)

 Minimal Java runtime - needed for executing non GUI Java programs,
 using Hotspot Zero.
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jre-lib: OpenJDK Java runtime (architecture independent libraries)

 OpenJDK Java runtime, using Hotspot JIT.
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.

openjdk-6-jre-zero: Alternative JVM for OpenJDK, using Zero/Shark

 The package provides an alternative runtime using the Zero VM and the
 Shark Just In Time Compiler (JIT). Built on architectures in addition
 to the Hotspot VM as a debugging aid for those architectures which don't
 have a Hotspot VM.
 .
 The VM is started with the option `-zero'. See the README.Debian for details.

openjdk-6-source: OpenJDK Development Kit (JDK) source files

 OpenJDK is a development environment for building applications,
 applets, and components using the Java programming language.
 .
 This package contains the Java programming language source files
 (src.zip) for all classes that make up the Java core API.
 .
 The packages are built using the IcedTea build support and patches
 from the IcedTea project.