/hg/icedtea6: Update NEWS with new releases: 1.7.9, 1.7.10, 1.8....

andrew at icedtea.classpath.org andrew at icedtea.classpath.org
Wed Feb 16 08:51:19 PST 2011 

changeset b58a717c532c in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=b58a717c532c
author: Andrew John Hughes <ahughes at redhat.com>
date: Wed Feb 16 16:51:12 2011 +0000

	Update NEWS with new releases: 1.7.9, 1.7.10, 1.8.6, 1.8.7, 1.9.6,
	1.9.7.

	2011-02-16 Andrew John Hughes <ahughes at redhat.com>

	 * NEWS: Include new releases: 1.7.9, 1.7.10, 1.8.6,
	1.8.7, 1.9.6, 1.9.7.


diffstat:

2 files changed, 65 insertions(+), 10 deletions(-)
ChangeLog |    5 ++++
NEWS      |   70 ++++++++++++++++++++++++++++++++++++++++++++++++++++---------

diffs (100 lines):

diff -r 3f592b76892a -r b58a717c532c ChangeLog
--- a/ChangeLog	Wed Feb 16 14:52:54 2011 +0000
+++ b/ChangeLog	Wed Feb 16 16:51:12 2011 +0000
@@ -1,3 +1,8 @@ 2011-02-11  Andrew John Hughes  <ahughes
+2011-02-16  Andrew John Hughes  <ahughes at redhat.com>
+
+	* NEWS: Include new releases:
+	1.7.9, 1.7.10, 1.8.6, 1.8.7, 1.9.6, 1.9.7.
+
 2011-02-11  Andrew John Hughes  <ahughes at redhat.com>
 
 	* Makefile.am: Add additional patch.
diff -r 3f592b76892a -r b58a717c532c NEWS
--- a/NEWS	Wed Feb 16 14:52:54 2011 +0000
+++ b/NEWS	Wed Feb 16 16:51:12 2011 +0000
@@ -15,15 +15,6 @@ New in release 1.10 (2011-XX-XX):
 * Shark provided upstream rather than as part of IcedTea.
 * The option --with-openjdk becomes --with-jdk-home and --disable-bootstrap
 * Support for building with HotSpot 20 from its stable tree
-* Security updates
-  - S4421494, CVE-2010-4476: infinite loop while parsing double literal.
-  - S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption
-  - S6907662, CVE-2010-4465: Swing timer-based security manager bypass
-  - S6994263, CVE-2010-4472: Untrusted code allowed to replace DSIG/C14N implementation
-  - S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets
-  - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries
-  - S6985453, CVE-2010-4471: Java2D font-related system property leak
-  - S6927050, CVE-2010-4470: JAXP untrusted component state manipulation
 * Import of OpenJDK6 b21 including upgrade to HotSpot 19
   - S6961870: More rebranding fixes for templates/gpl-*-header files
   - S6976186: Shark build system changes
@@ -429,8 +420,67 @@ New in release 1.10 (2011-XX-XX):
 * Bug fixes
   - RH661505: JPEGs with sRGB IEC61966-2.1 color profiles have wrong colors
   - PR616, PR99: Don't statically link libstdc++ or libgcc
-  - RH676659: Pass -export-dynamic flag to linker using -Wl as option is broken in gcc 4.6+
+
+New in release 1.9.7 (2011-02-15):
+
+* Security updates
+  - S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption
+  - S6907662, CVE-2010-4465: Swing timer-based security manager bypass
+  - S6994263, CVE-2010-4472: Untrusted code allowed to replace DSIG/C14N implementation
+  - S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets
+  - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries
+  - S6985453, CVE-2010-4471: Java2D font-related system property leak
+  - S6927050, CVE-2010-4470: JAXP untrusted component state manipulation
+  - RH677332, CVE-2011-0706: Multiple signers privilege escalation
+* Bug fixes
+  - RH676659: Pass -export-dynamic flag to linker using -Wl, as option in gcc 4.6+ is broken
   - G344659: Fix issue when building on SPARC
+  - Fix latent JAXP bug caused by missing import
+
+New in release 1.8.7 (2011-02-15):
+
+* Security updates
+  - S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption
+  - S6907662, CVE-2010-4465: Swing timer-based security manager bypass
+  - S6994263, CVE-2010-4472: Untrusted code allowed to replace DSIG/C14N implementation
+  - S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets
+  - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries
+  - S6985453, CVE-2010-4471: Java2D font-related system property leak
+  - S6927050, CVE-2010-4470: JAXP untrusted component state manipulation
+  - RH677332, CVE-2011-0706: Multiple signers privilege escalation
+* Bug fixes
+  - RH676659: Pass -export-dynamic flag to linker using -Wl, as option in gcc 4.6+ is broken
+  - Fix latent JAXP bug caused by missing import
+
+New in release 1.7.10 (2011-02-15):
+
+* Security updates
+  - S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption
+  - S6907662, CVE-2010-4465: Swing timer-based security manager bypass
+  - S6994263, CVE-2010-4472: Untrusted code allowed to replace DSIG/C14N implementation
+  - S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets
+  - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries
+  - S6985453, CVE-2010-4471: Java2D font-related system property leak
+  - S6927050, CVE-2010-4470: JAXP untrusted component state manipulation
+  - RH677332, CVE-2011-0706: Multiple signers privilege escalation
+* Bug fixes
+  - RH676659: Pass -export-dynamic flag to linker using -Wl, as option in gcc 4.6+ is broken
+  - Fix latent JAXP bug caused by missing import
+
+New in release 1.9.6 (2011-02-09):
+
+* Security updates
+  - S4421494, CVE-2010-4476: infinite loop while parsing double literal.
+
+New in release 1.8.6 (2011-02-09):
+
+* Security updates
+  - S4421494, CVE-2010-4476: infinite loop while parsing double literal.
+
+New in release 1.7.9 (2011-02-09):
+
+* Security updates
+  - S4421494, CVE-2010-4476: infinite loop while parsing double literal.
 
 New in release 1.9.5 (2011-02-01):

More information about the distro-pkg-dev mailing list