[SECURITY] IcedTea6 1.7.6, 1.8.3, 1.9.2 Released!
Dr Andrew John Hughes
ahughes at redhat.com
Wed Nov 24 06:15:50 PST 2010
We are pleased to announce a new set of security releases, IcedTea6 1.7.6, IcedTea6 1.8.3
and IcedTea6 1.9.2.
This update contains the following security updates:
* RH645843, CVE-2010-3860: IcedTea System property information leak via public static
The IcedTea project provides a harness to build the source code from
OpenJDK6 using Free Software build tools. It also includes the only
Free Java plugin and Web Start implementation, and support for
additional architectures over and above x86, x86_64 and SPARC via the
Zero assembler port.
What’s New?
—————–
IcedTea6 1.7.6
==============
* Allow the building of NetX to be disabled.
* Security updates
- RH645843, CVE-2010-3860: IcedTea System property information leak via public static
* Backports
- S6853592: VM test nsk.regression.b4261880 fails with "X Error of failed request: BadWindow"
inconsistently.
* NetX
- Do not prompt user multiple times for the same certificate.
- PR592: NetX can create invalid desktop entry files
IcedTea6 1.8.3
==============
* Allow the building of NetX to be disabled.
* Security updates
- RH645843, CVE-2010-3860: IcedTea System property information leak via public static
* Backports
- S6853592: VM test nsk.regression.b4261880 fails with "X Error of failed request: BadWindow"
inconsistently.
* NetX
- Do not prompt user multiple times for the same certificate.
- PR592: NetX can create invalid desktop entry files
IcedTea6 1.9.2
==============
* Upgrade to latest revision of hs19 (b09).
* Allow the building of NetX to be disabled.
* Additional S390 size_t fixes.
* Switch to the IcedTea server for JAXP, JAF and JAXWS tarballs.
* Security updates
- RH645843, CVE-2010-3860: IcedTea System property information leak via public static
* Backports
- S6622432: RFE: Performance improvements to java.math.BigDecimal
- S6850606: Regression from JDK 1.6.0_12
- S6876282: BigDecimal's divide(BigDecimal bd, RoundingFormat r) produces incorrect result
- S6991430, PR579: Zero PowerPC fix.
- S6703377: freetype: glyph vector outline is not translated correctly
- S6853592: VM test nsk.regression.b4261880 fails with "X Error of failed request: BadWindow"
inconsistently.
* Bug fixes
- RH647737: Disable compressed oops in hs19 to avoid Eclipse failures.
- RH643674: Update fontconfig files for Fedora 11, 12, 13 and 14.
* NetX
- Do not prompt user multiple times for the same certificate.
- PR592: NetX can create invalid desktop entry files
The tarballs can be downloaded from:
* http://icedtea.classpath.org/download/source/icedtea6-1.7.6.tar.gz
* http://icedtea.classpath.org/download/source/icedtea6-1.8.3.tar.gz
* http://icedtea.classpath.org/download/source/icedtea6-1.9.2.tar.gz
SHA256 sums:
b28c8bd39d9bd8a28efaaa38280288a3faa6bec0d756323c0555ad3d8c5d77f5 icedtea6-1.7.6.tar.gz
d65a16345e8f6a702e5db1efbe02d0c41b565d4d1afce2d011169588fe8aa6ad icedtea6-1.8.3.tar.gz
abed4d2258fd6f047b08926fa9dbde86bdf7f47b08c82c195abb7244163cf99b icedtea6-1.9.2.tar.gz
The following people helped with these releases:
Deepak Bhole, Dan Horák, Andrew John Hughes, Matthias Klose, Omair
Majid, Pavel Tisnovsky, Jiri Vanek
We would also like to thank the bug reporters and testers!
To get started:
$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>
Full build requirements and instructions are in INSTALL:
$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make
--
Andrew :)
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
Support Free Java!
Contribute to GNU Classpath and the OpenJDK
http://www.gnu.org/software/classpath
http://openjdk.java.net
PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
Fingerprint = F8EF F1EA 401E 2E60 15FA 7927 142C 2591 94EF D9D8
More information about the distro-pkg-dev
mailing list