Security fixes in b19 - Re: hg: jdk6/jdk6/jdk: 23 new changesets
Andrew John Hughes
ahughes at redhat.com
Tue Apr 6 10:16:26 PDT 2010
On 31 March 2010 00:52, Andrew John Hughes <ahughes at redhat.com> wrote:
> On 31 March 2010 00:46, Joe Darcy <joe.darcy at oracle.com> wrote:
>> The latest round of security fixes are now in the OpenJDK 6 master
>> repositories.
>>
>
> And IcedTea6 1.6, 1.7, 1.8, HEAD and IcedTea7 :-)
>
Joe, where are the fixes for the HotSpot tree? See top of
http://hg.openjdk.java.net/icedtea/jdk7/hotspot
>> -Joe
>>
>> abhijit.saha at sun.com wrote:
>>>
>>> Changeset: c60109723bf8
>>> Author: dl
>>> Date: 2009-11-18 11:39 +0000
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/c60109723bf8
>>>
>>> 6888149: AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error
>>> Summary: Avoid integer overflow by using long arithmetic
>>> Reviewed-by: dholmes, alanb, chegar
>>>
>>> ! src/share/classes/java/util/concurrent/atomic/AtomicIntegerArray.java
>>> ! src/share/classes/java/util/concurrent/atomic/AtomicLongArray.java
>>> ! src/share/classes/java/util/concurrent/atomic/AtomicReferenceArray.java
>>>
>>> Changeset: 2e29fe2bfc9c
>>> Author: chegar
>>> Date: 2009-11-23 12:51 +0000
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/2e29fe2bfc9c
>>>
>>> 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups
>>> Reviewed-by: alanb, hawtin
>>>
>>> ! src/share/classes/java/lang/ThreadGroup.java
>>>
>>> Changeset: 1cd847ef273e
>>> Author: weijun
>>> Date: 2009-11-23 19:05 -0800
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/1cd847ef273e
>>>
>>> 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly
>>> encoded CommonName OIDs
>>> Reviewed-by: mullan, xuelei
>>>
>>> ! src/share/classes/sun/security/util/ObjectIdentifier.java
>>> + test/sun/security/util/Oid/BerOid.java
>>>
>>> Changeset: 3b74a067dcb4
>>> Author: alanb
>>> Date: 2009-11-25 13:05 +0000
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/3b74a067dcb4
>>>
>>> 6736390: File TOCTOU deserialization vulnerability
>>> Reviewed-by: hawtin
>>>
>>> ! src/share/classes/java/io/File.java
>>>
>>> Changeset: cda5a0661316
>>> Author: sherman
>>> Date: 2009-11-25 15:40 -0800
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/cda5a0661316
>>>
>>> 6745393: Inflater/Deflater clone issue
>>> Summary: To use an explicit lock object
>>> Reviewed-by: alanb
>>>
>>> ! src/share/classes/java/util/zip/Deflater.java
>>> ! src/share/classes/java/util/zip/Inflater.java
>>> + src/share/classes/java/util/zip/ZStreamRef.java
>>> ! src/share/native/java/util/zip/Deflater.c
>>> ! src/share/native/java/util/zip/Inflater.c
>>>
>>> Changeset: 4509549ab091
>>> Author: mchung
>>> Date: 2009-11-30 08:25 -0800
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/4509549ab091
>>>
>>> 6893947: Deserialization of RMIConnectionImpl objects should enforce
>>> stricter checks [ZDI-CAN-588]
>>> Summary: narrow the doPrivileged block to only set context ClassLoader
>>> Reviewed-by: hawtin, emcmanus
>>>
>>> ! src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java
>>>
>>> Changeset: 065fc20465a9
>>> Author: michaelm
>>> Date: 2009-12-02 12:51 +0000
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/065fc20465a9
>>>
>>> 6893954: Subclasses of InetAddress may incorrectly interpret network
>>> addresses
>>> Summary: runtime type checks and deserialization check
>>> Reviewed-by: chegar, alanb, jccollet
>>>
>>> ! src/share/classes/java/net/DatagramSocket.java
>>> ! src/share/classes/java/net/InetAddress.java
>>> ! src/share/classes/java/net/MulticastSocket.java
>>> ! src/share/classes/java/net/NetworkInterface.java
>>> ! src/share/classes/java/net/Socket.java
>>> ! src/share/classes/sun/nio/ch/Net.java
>>>
>>> Changeset: 76484a1390b5
>>> Author: michaelm
>>> Date: 2009-12-02 13:39 +0000
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/76484a1390b5
>>>
>>> Merge
>>>
>>>
>>> Changeset: a82975fed3bb
>>> Author: asaha
>>> Date: 2009-12-04 10:22 -0800
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/a82975fed3bb
>>>
>>> Merge
>>>
>>>
>>> Changeset: 56d70fff0a49
>>> Author: xuelei
>>> Date: 2009-12-08 20:14 -0800
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/56d70fff0a49
>>>
>>> 6898739: TLS renegotiation issue
>>> Summary: the interim fix disables TLS/SSL renegotiation
>>> Reviewed-by: mullan, chegar, wetmore
>>>
>>> ! src/share/classes/sun/security/ssl/ClientHandshaker.java
>>> ! src/share/classes/sun/security/ssl/Handshaker.java
>>> ! src/share/classes/sun/security/ssl/SSLEngineImpl.java
>>> ! src/share/classes/sun/security/ssl/SSLSocketImpl.java
>>> ! src/share/classes/sun/security/ssl/ServerHandshaker.java
>>> ! test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLSocketImpl/InvalidateServerSessionRenegotiate.java
>>> ! test/sun/security/ssl/javax/net/ssl/NewAPIs/JSSERenegotiate.java
>>> ! test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/CheckStatus.java
>>> ! test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/ConnectionTest.java
>>> ! test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/NoAuthClientAuth.java
>>>
>>> Changeset: c33996d22908
>>> Author: mullan
>>> Date: 2009-12-09 14:13 -0500
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/c33996d22908
>>>
>>> 6633872: Policy/PolicyFile leak dynamic ProtectionDomains.
>>> Reviewed-by: hawtin
>>>
>>> ! src/share/classes/java/security/Policy.java
>>> ! src/share/classes/java/security/ProtectionDomain.java
>>> + src/share/classes/sun/misc/JavaSecurityProtectionDomainAccess.java
>>> ! src/share/classes/sun/misc/SharedSecrets.java
>>> ! src/share/classes/sun/security/provider/PolicyFile.java
>>>
>>> Changeset: 0d6a7c587b34
>>> Author: mullan
>>> Date: 2009-12-09 14:17 -0500
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/0d6a7c587b34
>>>
>>> Merge
>>>
>>>
>>> Changeset: 30601d76d1a9
>>> Author: malenkov
>>> Date: 2009-12-22 17:34 +0300
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/30601d76d1a9
>>>
>>> 6904691: Java Applet Trusted Methods Chaining Privilege Escalation
>>> Vulnerability
>>> Reviewed-by: hawtin, peterz
>>>
>>> ! src/share/classes/java/beans/EventHandler.java
>>> ! src/share/classes/java/beans/Statement.java
>>> ! test/java/beans/EventHandler/Test6277246.java
>>> ! test/java/beans/EventHandler/Test6277266.java
>>>
>>> Changeset: 475c20b5ead9
>>> Author: michaelm
>>> Date: 2010-01-12 15:24 +0000
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/475c20b5ead9
>>>
>>> 6910590: Application can modify command array, in ProcessBuilder
>>> Reviewed-by: michaelm, chegar
>>>
>>> ! src/share/classes/java/lang/ProcessBuilder.java
>>>
>>> Changeset: a70c2cb935ed
>>> Author: bae
>>> Date: 2010-02-17 14:47 +0300
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/a70c2cb935ed
>>>
>>> 6909597: Sun Java Runtime Environment JPEGImageReader stepX Integer
>>> Overflow Vulnerability
>>> Reviewed-by: igor
>>>
>>> ! src/share/native/sun/awt/image/jpeg/imageioJPEG.c
>>>
>>> Changeset: 47494ceba862
>>> Author: bae
>>> Date: 2010-02-19 21:34 +0300
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/47494ceba862
>>>
>>> 6914866: Sun JRE ImagingLib arbitrary code execution vulnerability
>>> Reviewed-by: prr
>>>
>>> ! src/share/native/sun/awt/medialib/awt_ImagingLib.c
>>> ! src/share/native/sun/awt/medialib/safe_alloc.h
>>>
>>> Changeset: 54cecb672e0f
>>> Author: bae
>>> Date: 2010-02-19 22:13 +0300
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/54cecb672e0f
>>>
>>> 6899653: Sun Java Runtime CMM readMabCurveData Buffer Overflow
>>> Vulnerability
>>> Reviewed-by: prr
>>>
>>> ! src/share/native/sun/java2d/cmm/lcms/cmsio1.c
>>> ! src/share/native/sun/java2d/cmm/lcms/cmsxform.c
>>>
>>> Changeset: b6fe2c6e58e3
>>> Author: bae
>>> Date: 2010-02-19 22:50 +0300
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/b6fe2c6e58e3
>>>
>>> 6914823: Java AWT Library Invalid Index Vulnerability
>>> Reviewed-by: prr
>>>
>>> ! src/share/classes/sun/awt/image/ImageRepresentation.java
>>>
>>> Changeset: 0fc5eabbab3a
>>> Author: ksrini
>>> Date: 2010-02-22 14:27 -0800
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/0fc5eabbab3a
>>>
>>> 6902299: Java JAR "unpack200" must verify input parameters
>>> Summary: Added several checks for addition of values before memory
>>> allocation
>>> Reviewed-by: asaha
>>>
>>> ! src/share/native/com/sun/java/util/jar/pack/bytes.cpp
>>> ! src/share/native/com/sun/java/util/jar/pack/unpack.cpp
>>> ! test/tools/pack200/MemoryAllocatorTest.java
>>>
>>> Changeset: d45c527b8218
>>> Author: denis
>>> Date: 2010-03-01 07:17 -0800
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/d45c527b8218
>>>
>>> 6887703: Unsigned applet can retrieve the dragged information before drop
>>> action occur
>>> Reviewed-by: uta
>>>
>>> ! src/share/classes/sun/awt/dnd/SunDropTargetContextPeer.java
>>>
>>> Changeset: ed52e9d31440
>>> Author: asaha
>>> Date: 2010-03-15 16:39 -0700
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/ed52e9d31440
>>>
>>> Merge
>>>
>>> - test/sun/tools/native2ascii/test2
>>>
>>> Changeset: 61629da41f38
>>> Author: asaha
>>> Date: 2010-03-25 16:42 -0700
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/61629da41f38
>>>
>>> Merge
>>>
>>> ! src/share/classes/sun/security/ssl/SSLSocketImpl.java
>>>
>>> Changeset: 599b469958a8
>>> Author: asaha
>>> Date: 2010-03-30 07:58 -0700
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/599b469958a8
>>>
>>> Merge
--
Andrew :-)
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
Support Free Java!
Contribute to GNU Classpath and the OpenJDK
http://www.gnu.org/software/classpath
http://openjdk.java.net
PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
Fingerprint: F8EF F1EA 401E 2E60 15FA 7927 142C 2591 94EF D9D8