[SECURITY] IcedTea6 1.10.8 & 1.11.3 Released!

Andrew Hughes ahughes at redhat.com
Tue Jun 12 17:24:54 PDT 2012


The IcedTea project provides a harness to build the source code from
OpenJDK6 using Free Software build tools, along with additional
features such as a PulseAudio sound driver and support for alternative
virtual machines.

A new set of security releases is now available:

* IcedTea6 1.10.8
* IcedTea6 1.11.3
 
All updates contain the following security fixes:

* S7079902, CVE-2012-1711: Refine CORBA data models
* S7110720: Issue with vm config file loading
* S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform.
* S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement
* S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations
* S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC
* S7143872, CVE-2012-1718: Improve certificate extension processing
* S7145239: Finetune package definition restriction
* S7152811, CVE-2012-1723: Issues in client compiler
* S7157609, CVE-2012-1724: Issues with loop
* S7160677: missing else in fix for 7152811
* S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile

Full details of each release can be found below.

What’s New?
-----------

New in release 1.10.8 (2012-06-12):

* Security fixes
  - S7079902, CVE-2012-1711: Refine CORBA data models
  - S7110720: Issue with vm config file loading
  - S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform.
  - S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement
  - S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations
  - S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC
  - S7143872, CVE-2012-1718: Improve certificate extension processing
  - S7145239: Finetune package definition restriction
  - S7152811, CVE-2012-1723: Issues in client compiler
  - S7157609, CVE-2012-1724: Issues with loop
  - S7160677: missing else in fix for 7152811
  - S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile
* Bug fixes
  - PR1018: JVM fails due to SEGV during rendering some Unicode characters (part of 6886358)

New in release 1.11.3 (2012-06-12):

* Security fixes
  - S7079902, CVE-2012-1711: Refine CORBA data models
  - S7110720: Issue with vm config file loading
  - S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform.
  - S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement
  - S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations
  - S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC
  - S7143872, CVE-2012-1718: Improve certificate extension processing
  - S7145239: Finetune package definition restriction
  - S7152811, CVE-2012-1723: Issues in client compiler
  - S7157609, CVE-2012-1724: Issues with loop
  - S7160677: missing else in fix for 7152811
  - S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile
* Bug fixes
  - PR1018: JVM fails due to SEGV during rendering some Unicode characters (part of 6886358)

The tarballs can be downloaded from:
 
* http://icedtea.classpath.org/download/source/icedtea6-1.10.8.tar.gz
* http://icedtea.classpath.org/download/source/icedtea6-1.11.3.tar.gz

SHA256 checksums:

7723882c52d21f859c67f64d84764d5e6c69ac79245ecc0579ccac29e086000a  icedtea6-1.10.8.tar.gz
7d91c407b9795bd6f6255bcf0fb808416b36418c57f601dc47cfabff83194cf4  icedtea6-1.11.3.tar.gz

Each tarball is accompanied by a digital signature (available at the
above URL + '.sig').  This is produced using my public key.  See
details below.

The following people helped with these releases:

* Andrew Dinn (checking of S7160757)
* Andrew Haley (checking of S7110720, S7152811 & S7143606)
* Andrew John Hughes (checking of S7143872, reproducer testing & release management)
* Omair Majid (checking of S7079902, S7143851 & S7143606)
* Chris Phillips (checking of S7165628)
* Pavel Tisnovsky (PR1018, checking of 7143617 & 7157609)
* Jon VanAlten (checking of S7145239)
* Jiri Vanek (checking of S7143606)

We would also like to thank the bug reporters and testers!
 
To get started:
$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>
 
Full build requirements and instructions are in INSTALL:
$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
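
Added example, not part of the original announcement: a shell script that checks a downloaded tarball against the SHA256 checksums and the key fingerprint published above before it is unpacked. The function names are this example's own; it assumes GNU `sha256sum` and `gpg` are installed, the signer's key has already been imported, and the `.sig` file sits next to the tarball.

```shell
#!/bin/sh
# Added example: the checksums and fingerprint are copied from the announcement.
SUMS='7723882c52d21f859c67f64d84764d5e6c69ac79245ecc0579ccac29e086000a  icedtea6-1.10.8.tar.gz
7d91c407b9795bd6f6255bcf0fb808416b36418c57f601dc47cfabff83194cf4  icedtea6-1.11.3.tar.gz'
FPR='EC5A1F5EC0AD1D158F1F8F913B96A578248BDC07'   # fingerprint with spaces removed

# expected_sum NAME: print the announced SHA256 for NAME; fail if NAME is not listed.
expected_sum() {
    printf '%s\n' "$SUMS" |
        awk -v n="$1" '$2 == n { print $1; found = 1 } END { exit !found }'
}

# check_sum FILE EXPECTED: succeed only if FILE exists and hashes to EXPECTED.
check_sum() {
    [ -f "$1" ] || return 2
    actual=$(sha256sum "$1" | awk '{ print $1 }')
    [ "$actual" = "$2" ]
}

# check_sig FILE: verify the detached signature FILE.sig and require that the
# signing key (or its primary key) is the pinned fingerprint. A signature that
# is valid but made by any other key in the keyring is rejected.
check_sig() {
    gpg --status-fd 1 --verify "$1.sig" "$1" 2>/dev/null |
        awk -v f="$FPR" '$2 == "VALIDSIG" && ($3 == f || $NF == f) { ok = 1 }
                         END { exit !ok }'
}

# verify_release FILE: run both checks, reporting the first one that fails.
verify_release() {
    want=$(expected_sum "$(basename "$1")") ||
        { echo "no announced checksum for $1" >&2; return 1; }
    check_sum "$1" "$want" ||
        { echo "SHA256 mismatch: $1" >&2; return 1; }
    check_sig "$1" ||
        { echo "no valid signature from $FPR: $1" >&2; return 1; }
    echo "OK: $1"
}

# Usage: sh verify.sh icedtea6-1.10.8.tar.gz icedtea6-1.11.3.tar.gz
for f in "$@"; do
    verify_release "$f" || exit 1
done
```

The checksum alone only detects a corrupted or swapped download relative to this message; the signature check ties the tarball to the key whose fingerprint is given in the signature block.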



