hg: icedtea/jdk7/jdk: 10 new changesets
ahughes at redhat.com
ahughes at redhat.com
Tue Oct 18 16:32:19 PDT 2011
Changeset: 48f1bca75df4
Author: andrew
Date: 2011-10-14 00:49 +0100
URL: http://hg.openjdk.java.net/icedtea/jdk7/jdk/rev/48f1bca75df4
7000600, CVE-2011-3547: InputStream skip() information leak
! src/share/classes/java/io/InputStream.java
Changeset: 6384285f36bb
Author: andrew
Date: 2011-10-14 00:50 +0100
URL: http://hg.openjdk.java.net/icedtea/jdk7/jdk/rev/6384285f36bb
7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
! src/share/classes/java/awt/AWTKeyStroke.java
Changeset: 770d063de148
Author: andrew
Date: 2011-10-14 00:50 +0100
URL: http://hg.openjdk.java.net/icedtea/jdk7/jdk/rev/770d063de148
7023640, CVE-2011-3551: Java2D TransformHelper integer overflow
! src/share/native/sun/java2d/loops/TransformHelper.c
Changeset: 63bbe6780dd3
Author: andrew
Date: 2011-10-14 00:50 +0100
URL: http://hg.openjdk.java.net/icedtea/jdk7/jdk/rev/63bbe6780dd3
7032417, CVE-2011-3552: excessive default UDP socket limit under SecurityManager
! src/share/classes/sun/net/ResourceManager.java
Changeset: fc3acc1b4e55
Author: andrew
Date: 2011-10-14 00:54 +0100
URL: http://hg.openjdk.java.net/icedtea/jdk7/jdk/rev/fc3acc1b4e55
7046823, CVE-2011-3544: missing SecurityManager checks in scripting engine
! src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java
! src/share/classes/com/sun/script/javascript/RhinoTopLevel.java
Changeset: 8ebc1115d725
Author: andrew
Date: 2011-10-14 00:57 +0100
URL: http://hg.openjdk.java.net/icedtea/jdk7/jdk/rev/8ebc1115d725
7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error checks
! src/share/native/com/sun/java/util/jar/pack/unpack.cpp
! src/share/native/com/sun/java/util/jar/pack/utils.cpp
! src/share/native/com/sun/java/util/jar/pack/utils.h
Changeset: e88518dcf07c
Author: andrew
Date: 2011-10-14 01:07 +0100
URL: http://hg.openjdk.java.net/icedtea/jdk7/jdk/rev/e88518dcf07c
7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
! src/share/classes/sun/security/ssl/AppOutputStream.java
! src/share/classes/sun/security/ssl/CipherBox.java
! src/share/classes/sun/security/ssl/CipherSuite.java
! src/share/classes/sun/security/ssl/EngineOutputRecord.java
! src/share/classes/sun/security/ssl/Record.java
! src/share/classes/sun/security/ssl/SSLEngineImpl.java
! src/share/classes/sun/security/ssl/SSLSocketImpl.java
! test/sun/security/ssl/com/sun/net/ssl/internal/ssl/GenSSLConfigs/main.java
! test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/CheckStatus.java
! test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/LargeBufs.java
! test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/LargePacket.java
Changeset: 489108f8ddd1
Author: andrew
Date: 2011-10-14 01:09 +0100
URL: http://hg.openjdk.java.net/icedtea/jdk7/jdk/rev/489108f8ddd1
7077466, CVE-2011-3556: RMI DGC server remote code execution
7083012, CVE-2011-3557: RMI registry privileged code execution
! src/share/classes/sun/rmi/registry/RegistryImpl.java
! src/share/classes/sun/rmi/server/LoaderHandler.java
Changeset: 2d793ad2620f
Author: andrew
Date: 2011-10-14 01:09 +0100
URL: http://hg.openjdk.java.net/icedtea/jdk7/jdk/rev/2d793ad2620f
7096936, CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection
! src/share/classes/com/sun/net/ssl/HttpsURLConnection.java
! src/share/classes/javax/net/ssl/HttpsURLConnection.java
Changeset: 2054526dd141
Author: andrew
Date: 2011-10-14 03:02 +0100
URL: http://hg.openjdk.java.net/icedtea/jdk7/jdk/rev/2054526dd141
7077466, CVE-2011-3556: RMI DGC server remote code execution
! src/share/classes/sun/rmi/server/UnicastServerRef.java
More information about the icedtea-changes
mailing list