hg: jdk6/jdk6/jdk: 21 new changesets
abhijit.saha at sun.com
abhijit.saha at sun.com
Fri Nov 6 15:40:36 PST 2009
Changeset: 39a8e48517ce
Author: weijun
Date: 2009-08-18 11:13 +0800
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/39a8e48517ce
6864911: ASN.1/DER input stream parser needs more work
Reviewed-by: mullan, xuelei
! src/share/classes/com/sun/jndi/ldap/Connection.java
! src/share/classes/sun/applet/AppletClassLoader.java
+ src/share/classes/sun/misc/IOUtils.java
! src/share/classes/sun/misc/Resource.java
! src/share/classes/sun/reflect/misc/MethodUtil.java
! src/share/classes/sun/security/provider/certpath/OCSPChecker.java
! src/share/classes/sun/security/timestamp/HttpTimestamper.java
! src/share/classes/sun/security/util/DerValue.java
+ test/sun/security/util/DerValue/BadValue.java
Changeset: 39a17e094418
Author: dcherepanov
Date: 2009-08-20 18:20 +0400
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/39a17e094418
6664512: Component and [Default]KeyboardFocusManager pass security sensitive objects to loggers
Summary: toString is called on security sensitive objects
Reviewed-by: art, hawtin
! src/share/classes/java/awt/Component.java
! src/share/classes/java/awt/DefaultKeyboardFocusManager.java
! src/share/classes/java/awt/KeyboardFocusManager.java
! src/share/classes/sun/awt/DebugSettings.java
! src/solaris/classes/sun/awt/X11/XBaseWindow.java
! src/solaris/classes/sun/awt/X11/XCheckboxMenuItemPeer.java
! src/solaris/classes/sun/awt/X11/XComponentPeer.java
! src/solaris/classes/sun/awt/X11/XContentWindow.java
! src/solaris/classes/sun/awt/X11/XDecoratedPeer.java
! src/solaris/classes/sun/awt/X11/XDropTargetProtocol.java
! src/solaris/classes/sun/awt/X11/XFocusProxyWindow.java
! src/solaris/classes/sun/awt/X11/XFramePeer.java
! src/solaris/classes/sun/awt/X11/XIconWindow.java
! src/solaris/classes/sun/awt/X11/XInputMethod.java
! src/solaris/classes/sun/awt/X11/XMenuItemPeer.java
! src/solaris/classes/sun/awt/X11/XNETProtocol.java
! src/solaris/classes/sun/awt/X11/XProtocol.java
! src/solaris/classes/sun/awt/X11/XQueryTree.java
! src/solaris/classes/sun/awt/X11/XToolkit.java
! src/solaris/classes/sun/awt/X11/XTrayIconPeer.java
! src/solaris/classes/sun/awt/X11/XWM.java
! src/solaris/classes/sun/awt/X11/XWindow.java
! src/solaris/classes/sun/awt/X11/XWindowPeer.java
! src/solaris/classes/sun/awt/X11InputMethod.java
Changeset: 9b95de10b74e
Author: valeriep
Date: 2009-08-24 17:09 -0700
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/9b95de10b74e
6636650: (cl) Resurrected ClassLoaders can still have children
Summary: Prevent classloader from resurrection
Reviewed-by: hawtin
! src/share/classes/java/lang/ClassLoader.java
+ test/java/lang/ClassLoader/UninitializedParent.java
Changeset: aa750b9dade2
Author: asaha
Date: 2009-08-26 15:01 -0700
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/aa750b9dade2
Merge
Changeset: 68f869a48c59
Author: okutsu
Date: 2009-08-28 21:58 +0900
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/68f869a48c59
6824265: (tz) TimeZone.getTimeZone allows probing local filesystem
Reviewed-by: peytoia
! src/share/classes/sun/util/calendar/ZoneInfoFile.java
Changeset: 8fcfc9ce8804
Author: bae
Date: 2009-08-28 18:08 +0400
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/8fcfc9ce8804
6631533: ICC_Profile allows detecting if some files exist
Reviewed-by: prr
! src/share/classes/java/awt/color/ICC_Profile.java
Changeset: e232ff106724
Author: bae
Date: 2009-08-28 18:29 +0400
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/e232ff106724
6632445: DoS from parsing BMPs with UNC ICC links
Reviewed-by: prr
! src/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java
Changeset: ec4c4102de32
Author: bae
Date: 2009-08-28 18:47 +0400
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/ec4c4102de32
6822057: X11 and Win32GraphicsDevice don't clone arrays returned from getConfigurations()
Reviewed-by: prr
! src/solaris/classes/sun/awt/X11GraphicsDevice.java
! src/windows/classes/sun/awt/Win32GraphicsDevice.java
+ test/java/awt/GraphicsDevice/CloneConfigsTest.java
Changeset: 5a2b1a213d6e
Author: bae
Date: 2009-08-28 19:00 +0400
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/5a2b1a213d6e
6862968: JPEG Image Writer quantization problem
Reviewed-by: prr
! src/share/native/sun/awt/image/jpeg/imageioJPEG.c
Changeset: 94a7f5675cc2
Author: asaha
Date: 2009-09-05 07:56 -0700
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/94a7f5675cc2
Merge
Changeset: e8d7c5715d59
Author: malenkov
Date: 2009-09-09 17:57 +0400
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/e8d7c5715d59
6657026: Numerous static security flaws in Swing (findbugs)
Reviewed-by: hawtin, peterz
! src/share/classes/com/sun/java/swing/plaf/gtk/GTKStyle.java
! src/share/classes/javax/swing/JComponent.java
! src/share/classes/javax/swing/JDialog.java
! src/share/classes/javax/swing/JEditorPane.java
! src/share/classes/javax/swing/JFrame.java
! src/share/classes/javax/swing/JInternalFrame.java
! src/share/classes/javax/swing/JPopupMenu.java
! src/share/classes/javax/swing/MenuSelectionManager.java
! src/share/classes/javax/swing/PopupFactory.java
! src/share/classes/javax/swing/SwingUtilities.java
! src/share/classes/javax/swing/SwingWorker.java
! src/share/classes/javax/swing/TimerQueue.java
! src/share/classes/javax/swing/ToolTipManager.java
! src/share/classes/javax/swing/UIManager.java
! src/share/classes/javax/swing/plaf/basic/BasicComboBoxUI.java
! src/share/classes/javax/swing/plaf/basic/BasicLabelUI.java
! src/share/classes/javax/swing/plaf/basic/BasicListUI.java
! src/share/classes/javax/swing/plaf/basic/BasicPopupMenuUI.java
! src/share/classes/javax/swing/plaf/basic/BasicSplitPaneUI.java
! src/share/classes/javax/swing/plaf/basic/BasicTableUI.java
! src/share/classes/javax/swing/plaf/basic/BasicTreeUI.java
! src/share/classes/javax/swing/plaf/metal/MetalBorders.java
! src/share/classes/javax/swing/plaf/metal/MetalBumps.java
! src/share/classes/javax/swing/plaf/metal/MetalInternalFrameUI.java
! src/share/classes/javax/swing/plaf/metal/MetalSliderUI.java
! src/share/classes/javax/swing/plaf/synth/ImagePainter.java
! src/share/classes/javax/swing/plaf/synth/SynthLookAndFeel.java
! src/share/classes/javax/swing/text/JTextComponent.java
! src/share/classes/sun/swing/DefaultLookup.java
! src/share/classes/sun/swing/SwingUtilities2.java
+ test/javax/swing/ToolTipManager/Test6657026.java
+ test/javax/swing/UIManager/Test6657026.java
+ test/javax/swing/plaf/basic/BasicSplitPaneUI/Test6657026.java
+ test/javax/swing/plaf/metal/MetalBorders/Test6657026.java
+ test/javax/swing/plaf/metal/MetalBumps/Test6657026.java
+ test/javax/swing/plaf/metal/MetalInternalFrameUI/Test6657026.java
+ test/javax/swing/plaf/metal/MetalSliderUI/Test6657026.java
Changeset: 529c2bf5d5f7
Author: bae
Date: 2009-09-10 12:10 +0400
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/529c2bf5d5f7
6874643: ImageI/O JPEG is vulnerable to Heap Overflow
Reviewed-by: prr, hawtin
! src/share/native/sun/awt/image/jpeg/imageioJPEG.c
Changeset: be875d4015e9
Author: bae
Date: 2009-09-10 13:04 +0400
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/be875d4015e9
6872357: JRE AWT setDifflCM vulnerable to Stack Overflow
Reviewed-by: prr, hawtin
! src/share/native/sun/awt/image/awt_ImageRep.c
Changeset: 7608002fbe6e
Author: bae
Date: 2009-09-14 11:40 +0400
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/7608002fbe6e
6872358: JRE AWT setBytePixels vulnerable to Heap Overflow
Reviewed-by: prr, hawtin
! make/sun/awt/mapfile-vers
! make/sun/awt/mapfile-vers-linux
! src/share/classes/sun/awt/image/ImageRepresentation.java
! src/share/native/sun/awt/image/awt_ImageRep.c
Changeset: c4fb21cf8696
Author: asaha
Date: 2009-09-14 14:18 -0700
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/c4fb21cf8696
Merge
! src/solaris/classes/sun/awt/X11/XToolkit.java
! src/solaris/classes/sun/awt/X11/XWindowPeer.java
Changeset: 749678c5e807
Author: xuelei
Date: 2009-09-22 07:05 -0700
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/749678c5e807
6861062: Disable MD2 support
Summary: disable MD2 algorithm during certification path building and verdation
Reviewed-by: mullan, weijun
+ src/share/classes/sun/security/provider/certpath/AlgorithmChecker.java
! src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
! src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
! src/share/classes/sun/security/provider/certpath/OCSPChecker.java
! src/share/classes/sun/security/provider/certpath/OCSPResponse.java
! src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
! src/share/classes/sun/security/provider/certpath/ReverseBuilder.java
! src/share/classes/sun/security/validator/SimpleValidator.java
! src/share/classes/sun/security/validator/ValidatorException.java
+ test/sun/security/provider/certpath/DisabledAlgorithms/CPBuilder.java
+ test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorEndEntity.java
+ test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorIntermediate.java
+ test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorTrustAnchor.java
+ test/sun/security/provider/certpath/DisabledAlgorithms/README
+ test/sun/security/provider/certpath/DisabledAlgorithms/generate.sh
+ test/sun/security/provider/certpath/DisabledAlgorithms/openssl.cnf
Changeset: 562da0baf70b
Author: vinnie
Date: 2009-09-24 22:19 +0100
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/562da0baf70b
6863503: SECURITY: MessageDigest.isEqual introduces timing attack vulnerabilities
Reviewed-by: mullan, wetmore
! src/share/classes/java/security/MessageDigest.java
Changeset: c8b64658ed37
Author: asaha
Date: 2009-10-06 11:32 -0700
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/c8b64658ed37
Merge
- test/closed/tools/pack200/MemoryAllocatorTest.java
- test/closed/tools/pack200/packfiles.jar
Changeset: be4bec5a978f
Author: asaha
Date: 2009-10-14 08:32 -0700
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/be4bec5a978f
Merge
Changeset: 8411b7f62e95
Author: peterz
Date: 2009-10-30 15:05 +0300
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/8411b7f62e95
Merge
! src/share/classes/javax/swing/SwingUtilities.java
! src/share/classes/javax/swing/UIManager.java
! src/share/classes/javax/swing/plaf/basic/BasicComboBoxUI.java
! src/share/classes/javax/swing/plaf/basic/BasicListUI.java
! src/share/classes/javax/swing/plaf/basic/BasicSplitPaneUI.java
! src/share/classes/javax/swing/plaf/basic/BasicTableUI.java
! src/share/classes/javax/swing/plaf/basic/BasicTreeUI.java
! src/share/classes/javax/swing/plaf/synth/SynthLookAndFeel.java
! src/share/classes/sun/swing/DefaultLookup.java
Changeset: 692d4ec6d1eb
Author: alexp
Date: 2009-11-06 19:22 +0300
URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/692d4ec6d1eb
6657138: Mutable statics in Windows PL&F (findbugs)
Reviewed-by: peterz, hawtin
! src/share/classes/com/sun/java/swing/plaf/motif/MotifButtonUI.java
! src/share/classes/com/sun/java/swing/plaf/motif/MotifCheckBoxUI.java
! src/share/classes/com/sun/java/swing/plaf/motif/MotifLabelUI.java
! src/share/classes/com/sun/java/swing/plaf/motif/MotifRadioButtonUI.java
! src/share/classes/com/sun/java/swing/plaf/motif/MotifToggleButtonUI.java
! src/share/classes/com/sun/java/swing/plaf/windows/WindowsButtonUI.java
! src/share/classes/com/sun/java/swing/plaf/windows/WindowsCheckBoxUI.java
! src/share/classes/com/sun/java/swing/plaf/windows/WindowsLabelUI.java
! src/share/classes/com/sun/java/swing/plaf/windows/WindowsRadioButtonUI.java
! src/share/classes/com/sun/java/swing/plaf/windows/WindowsToggleButtonUI.java
! src/share/classes/javax/swing/plaf/basic/BasicButtonUI.java
! src/share/classes/javax/swing/plaf/basic/BasicCheckBoxUI.java
! src/share/classes/javax/swing/plaf/basic/BasicLabelUI.java
! src/share/classes/javax/swing/plaf/basic/BasicRadioButtonUI.java
! src/share/classes/javax/swing/plaf/basic/BasicToggleButtonUI.java
! src/share/classes/javax/swing/plaf/metal/MetalButtonUI.java
! src/share/classes/javax/swing/plaf/metal/MetalCheckBoxUI.java
! src/share/classes/javax/swing/plaf/metal/MetalLabelUI.java
! src/share/classes/javax/swing/plaf/metal/MetalRadioButtonUI.java
! src/share/classes/javax/swing/plaf/metal/MetalToggleButtonUI.java
+ test/javax/swing/Security/6657138/ComponentTest.java
+ test/javax/swing/Security/6657138/bug6657138.java
More information about the jdk6-dev
mailing list