[SECURITY] IcedTea6 1.8.9 & 1.9.9 Released!
Dr Andrew John Hughes
ahughes at redhat.com
Wed Jul 20 07:12:41 PDT 2011
There is a new set of security releases: IcedTea6 1.8.9 and IcedTea6 1.9.9.
This security issue concerns IcedTea-Web, which is not part of the IcedTea6 1.10
series, hence there will be no IcedTea6 1.10 security update. However, an
IcedTea6 1.10 bug fix update will follow shortly.
This update contains the following security updates:
* RH718164, CVE-2011-2513: Home directory path disclosure to untrusted apps
The IcedTea project provides a harness to build the source code from
OpenJDK6 using Free Software build tools. It also includes the only
Free Java plugin and Web Start implementation, and support for
additional architectures over and above x86, x86_64 and SPARC via the
Zero assembler port.
What Else Is New?
=================
New in release 1.9.9 (2011-07-20):
* Bug fixes
- PR744: icedtea6-1.10.2 : patching error
- PR748: Icedtea6 fails to build with Linux 3.0.
New in release 1.8.9 (2011-07-20):
* Bug Fixes
- PR744: icedtea6-1.10.2 : patching error
- PR748: Icedtea6 fails to build with Linux 3.0.
* Shark
- PR632: patches/security/20110215/6878713.patch breaks shark zero build
The tarballs can be downloaded from:
http://icedtea.classpath.org/download/source/icedtea6-1.8.9.tar.gz
http://icedtea.classpath.org/download/source/icedtea6-1.9.9.tar.gz
SHA256 sums
e12e06c2ee642396f1d080d871a42fa4db38aced10bf13c20644f752ef03741f icedtea6-1.8.9.tar.gz
c2419896f8925822b0135bcd2db37affcb2b9f6f50d782e7f6b8d23afb5beb39 icedtea6-1.9.9.tar.gz
The following people helped with these releases:
* Andrew John Hughes
* Omair Majid
* Xerxes Rånby
* Pavel Tisnovsky
* Mark Wielaard
We would also like to thank the bug reporters and testers!
To get started:
$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>
Full build requirements and instructions are in INSTALL:
$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make
Thanks,
--
Andrew :)
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
Support Free Java!
Contribute to GNU Classpath and IcedTea
http://www.gnu.org/software/classpath
http://icedtea.classpath.org
PGP Key: F5862A37 (https://keys.indymedia.org/)
Fingerprint = EA30 D855 D50F 90CD F54D 0698 0713 C3ED F586 2A37
More information about the distro-pkg-dev
mailing list