[PATCH] 2013/10/15 Security Errata: JDK Changes

Andrew gnu.andrew at redhat.com
Wed Nov 13 16:10:09 PST 2013 

Here is the first batch of changes for the 2013/06/18 errata.

Webrev: http://cr.openjdk.java.net/~andrew/openjdk6/20131015/jdk/

Changes:

7196533: TimeZone.getDefault() slow due to synchronization bottleneck
8006900: Add new date/time capability
8008589: Better MBean permission validation
8011071: Better crypto provider handling
8011081: Improve jhat
8011157: Improve CORBA portablility
8012071: Better Building of Beans
8012147: Improve tool support
8012277: Improve AWT DataFlavor
8013506: Better Pack200 data handling
8013510: Augment image writing code
8013514: Improve stability of cmap class
8013744: Better tabling for AWT
8014085: Better serialization support in JMX classes
8014093: Improve parsing of images
8014102: Improve image conversion
8014341: Better service from Kerberos servers
8014534: Better profiling support
8014987: Augment serialization handling
8015731: Subject java.security.auth.subject to improvements
8015743: Address internet addresses
8016357: Update hotspot diagnostic class
8002070: Remove the stack search for a resource bundle for Logger to use
8010118: Annotate jdk caller sensitive methods with @sun.reflect.CallerSensitive
6708729: update jdk Makefiles for new javap
OPENJDK6-19: Fix test cases from 8010118 to work with OpenJDK 6
8010727: WLS fails to add a logger with "" in its own LogManager subclass instance
8010939: Deadlock in LogManager
8011990: TEST_BUG: java/util/logging/bundlesearch/ResourceBundleSearchTest.java fails on Windows
8013380: Removal of stack walk to find resource bundle breaks Glassfish startup
8014745: Provide a switch to allow stack walk search of resource bundle
8012243: about 30% regression on specjvm2008.serial on 7u25 comparing 7u21
8014718: Netbeans IDE begins to throw a lot exceptions since 7u25 b10
8011139: (reflect) Revise checking in getEnclosingClass
8017196: Ensure Proxies are handled appropriately
8017287: Better resource disposal
8017291: Cast Proxies Aside
7146431: java.security files out-of-sync
8006882: Proxy generated classes in sun.proxy package breaks JMockit
8000450: Restrict access to com/sun/corba/se/impl package
8019979: Replace CheckPackageAccess test with better one from closed repo
8004188: Rename src/share/lib/security/java.security to java.security-linux
8017566: Backout 8000450 - Cannot access to com.sun.corba.se.impl.orb.ORBImpl
8017300: Improve Interface Implementation
8019292: Better Attribute Value Exceptions
8019617: Better view of objects
8012617: ArrayIndexOutOfBoundsException with some fonts using LineBreakMeasurer
8020293: JVM crash
8013739: Better LDAP resource management
8014349: (cl) Class.getDeclaredClass problematic in some class loader configurations
6954275: XML signatures with reference data larger 16KB and cacheRef on fails to validate
8021290: Better signature validation
8012453: (process) Runtime.exec(String) fails if command contains spaces [win]
8015965: (process) Typo in name of property to allow ambiguous commands
8015144: Performance regression in ICU OpenType Layout library
8019969: nioNetworkChannelInet6/SetOptionGetOptionTestInet6 test case crashes
8019584: javax/management/remote/mandatory/loading/MissingClassTest.java failed in nightly against jdk7u45: java.io.InvalidObjectException: Invalid notification: null
8021577: JCK test api/javax_management/jmx_serial/modelmbean/ModelMBeanNotificationInfo/serial/index.html#Input has failed since jdk 7u45 b01
8021969: The index_AccessAllowed jnlp can not load successfully with exception thrown in the log.
8021355: REGRESSION: Five closed/java/awt/SplashScreen tests fail since 7u45 b01 on Linux, Solaris
8022661: InetAddress.writeObject() performs flush() on object output stream
8023964: java/io/IOException/LastErrorString.java should be @ignore-d
8003992: File and other classes in java.io do not handle embedded nulls properly
8013827: File.createTempFile hangs with temp file starting with 'com1.4'
8025128: File.createTempFile fails if prefix is absolute path

IcedTea patches:

	patches/openjdk/7196533-timezone_bottleneck.patch \
	patches/openjdk/8006900-new_date_time.patch \
	patches/openjdk/8008589-better_mbean_permission_validation.patch \
	patches/openjdk/8011071-better_crypto_provider_handling.patch \
	patches/openjdk/8011081-improve_jhat.patch \
	patches/openjdk/8011157-improve_corba_portability-jdk.patch \
	patches/openjdk/8012071-better_bean_building.patch \
	patches/openjdk/8012147-improve_tool.patch \
	patches/openjdk/8012277-improve_dataflavour.patch \
	patches/openjdk/8013506-better_pack200.patch \
	patches/openjdk/8013510-augment_image_writing.patch \
	patches/openjdk/8013514-improve_cmap_stability.patch \
	patches/openjdk/8013744-better_tabling.patch \
	patches/openjdk/8014085-better_serialization.patch \
	patches/openjdk/8014093-improve_image_parsing.patch \
	patches/openjdk/8014102-improve_image_conversion.patch \
	patches/openjdk/8014341-better_kerberos_service.patch \
	patches/openjdk/8014534-better_profiling.patch \
	patches/openjdk/8014987-augment_serialization.patch \
	patches/openjdk/8015731-auth_improvements.patch \
	patches/openjdk/8015743-address_internet_addresses.patch \
	patches/openjdk/8016357-update_hs_diagnostic_class.patch \
	patches/openjdk/8002070-remove_logger_stack_search.patch \
	patches/openjdk/8010118-caller_sensitive.patch \
	patches/openjdk/6708729-javap_makefile_update.patch \
	patches/openjdk/oj6-19-fix_8010118_test_cases.patch \
	patches/openjdk/8010727-empty_logger_name.patch \
	patches/openjdk/8010939-logmanager_deadlock.patch \
	patches/openjdk/8011990-logger_test_urls.patch \
	patches/openjdk/8013380-logger_stack_walk_glassfish.patch \
	patches/openjdk/8014745-logger_stack_walk_switch.patch \
	patches/openjdk/8012243-serial_regression.patch \
	patches/openjdk/8014718-remove_logging_suntoolkit.patch \
	patches/openjdk/8011139-revise_checking_getenclosingclass.patch \
	patches/openjdk/8017196-ensure_proxies_are_handled_appropriately-jdk.patch \
	patches/openjdk/8017287-better_resource_disposal.patch \
	patches/openjdk/8017291-cast_proxies_aside.patch \
	patches/openjdk/7146431-java.security_files.patch \
	patches/openjdk/8006882-jmockit.patch \
	patches/openjdk/8000450-restrict_access.patch \
	patches/openjdk/8019979-better_access_test.patch \
	patches/openjdk/8004188-rename_java.security.patch \
	patches/openjdk/8017566-backout_part_of_8000450.patch \
	patches/openjdk/8017300-improve_interface_implementation.patch \
	patches/openjdk/8019292-better_attribute_value_exceptions.patch \
	patches/openjdk/8019617-better_view_of_objects.patch \
	patches/openjdk/8012617-arrayindexoutofbounds_linebreakmeasurer.patch \
	patches/openjdk/8020293-jvm_crash.patch \
	patches/openjdk/8013739-better_ldap_resource_management.patch \
	patches/openjdk/8014349-getdeclaredclass_fix.patch \
	patches/openjdk/6954275-big_xml_signatures.patch \
	patches/openjdk/8021290-signature_validation.patch \
	patches/openjdk/8012453-runtime.exec.patch \
	patches/openjdk/8015965-typo_in_property_name.patch \
	patches/openjdk/8015144-performance_regression.patch \
	patches/openjdk/8019969-inet6_test_case_fix.patch \
	patches/openjdk/8019584-invalid_notification_fix.patch \
	patches/openjdk/8021577-bean_serialization_fix.patch \
	patches/openjdk/8021969-jnlp_load_failure.patch \
	patches/openjdk/8021355-splashscreen_regression.patch \
	patches/openjdk/8022661-writeobject_flush.patch \
	patches/openjdk/8023964-ignore_test.patch \
	patches/openjdk/8003992-embedded_nulls.patch \
	patches/openjdk/8013827-createtempfile_hang.patch \
	patches/openjdk/8025128-createtempfile_absolute_prefix.patch \

Ok to push?
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07

More information about the jdk6-dev mailing list