[SECURITY] IcedTea6 1.11.1 Released!

Omair Majid omajid at redhat.com
Tue Feb 14 13:28:27 PST 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A new release of IcedTea6 is now available: 1.11.1

The update contains the following security fixes:

- - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
- - S7088367, CVE-2011-3563: Fix issues in java sound
- - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method
- - S7110687, CVE-2012-0503: Issues with TimeZone class
- - S7110700, CVE-2012-0505: Enhance exception throwing mechanism in
ObjectStreamClass
- - S7110704, CVE-2012-0506: Issues with some method in corba
- - S7112642, CVE-2012-0497: Incorrect checking for graphics rendering
object
- - S7118283, CVE-2012-0501: Better input parameter checking in zip file
processing
- - S7126960, CVE-2011-5035: (httpserver) Add property to limit number
of request headers to the HTTP Server

This release also contains the following additional fix:
- - PR865: Patching fails with patches/ecj/jaxws-getdtdtype.patch

The tarball can be downloaded from:
http://icedtea.classpath.org/download/source/icedtea6-1.11.1.tar.gz

SHA256SUM:
bafb0e21e1edf5ee22871b13dbc0a8a0d3efd894551fb91d5f59783069b6912c

A signature (produced using my public key) is available at:
http://icedtea.classpath.org/download/source/icedtea6-1.11.1.tar.gz.sig

The following people helped with this release:

* Andrew Haley
* Andrew John Hughes
* Chris Phillips
* Danesh Dadachanji
* Deepak Bhole
* Jiri Vanek
* Omair Majid
* Roman Kennke

A huge thanks to everyone who helped test this release and reported bugs!

To get started:
$ tar xf icedtea6-1.11.1.tar.gz
$ cd icedtea6-1.11.1

Full build requirements and instructions are in INSTALL:
$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Thanks,
Omair
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJPOtH7AAoJEPKG8U9mSEaB6Q4P/1cG+MvFFU3mTHPHaLSUrmDR
iQJY7q/eBO++FYvfu25Ai9vxvmcYrm+lTCWsyszg3b1qHiB6RiQEOFh6qZvUTwUE
6Q/lzvWTdGvw+o0iH8IxIU0F+yTWyLlpreCWVsc653eXgkiJNvoIa3AIBdt8mCtS
RMl71EUYHcmRpMBKBNZZ1AYiVplp4CG7aHJBR1YdnTEUHjBBBwZmqgwCKFEphjI8
4PZLOLKW1N1YcqWUvJ1kNoeQF8E7D93MkOw1jzrArzfQ2eRMrFd3tN9SHFEYJeUs
5IQwvwy4IvmpclfOVnGHmRzLWZLvgkql5Mbthv2xPdLysG3MCeuBt61yjl38GPyr
8Zw1QvJ+xFdgXzesrXtRb4XdqIxxrEwLiDLF37rXY1TMxYbx5i2UChuRpiaZTfDa
DZz1AVjEbZdL6U8XmxOS0k+OD4eVi5dMTAPGhNjCLyeVDIdHNKh5AZ+iBqmsPJzN
pZyD9Anf7fkSPTkDi52nDdHIsKGPpIQvFqFoHCSTLgNs8HDqJmvYg9v3LYesdRLf
bLma4iEQO8c+cnB/kbrJaAQPBamD4aklfbUPU9dHNQNMVVzKCkTnFwOej2gu+c96
FYYsbNzQrcsA/gQfaDrqe6hGXFaIEI6ugX3dZcHBkbNlC1BXjhd2UdPB9enVsIyy
w1WZ4ueJwgSaatQDXtjp
=zfJy
-----END PGP SIGNATURE-----

More information about the distro-pkg-dev mailing list