Webrevs for 2014/04/15 Security Fixes

Andrew Hughes gnu.andrew at redhat.com
Tue Apr 15 22:16:54 UTC 2014 

http://cr.openjdk.java.net/~andrew/openjdk6/20140415/

Changes:
  - S4685768: A11y issue - Focus set to disabled component, can't Tab/Shift-Tab
  - S4993545: NativeInLightFixer adds asynchronousity
  - S6444769: java/awt/Insets/WindowWithWarningTest/WindowWithWarningTest.html fails
  - S6607170: Focus not set by requestFocus
  - S6607660: java.awt.Container.getMouseEventTargetImpl should be invoked while holding the TreeLock
  - S6616323: consider benefits of replacing a component array with other collection from the awt.Container class
  - S6633275: Need to support shaped/translucent windows
  - S6637796: setBounds doesn't enlarge Component
  - S6656651: Windows Look and Feel LCD glyph images have some differences from native applications.
  - S6680198: UnmarshalException caused by incompatible serialVersionUID
  - S6682046: Mixing code does not always recalculate shapes correctly when resizing components
  - S6693253: Security Warning appearance requires enhancements
  - S6725214: D3D: forward-port the new pipeline from 6u10
  - S6742654: Code insertion/replacement attacks against signed jars
  - S6748082: remove platform-specific code from SwingUtilities2.isDisplayLocal
  - S6755274: 6u10b33 2d tests fails on sles10x64 with jvm crash
  - S6769607: PIT : Modal frame hangs for a while for few seconds in 6u12 b01 pit build
  - S6779717: A Window does not show applet security warning icon on X platforms
  - S6785058: Parent dn't get the focus after dialog is closed if security warning is applied
  - S6791612: OGLBat tests are failed in jdk 7 b42
  - S6797195: Forward-port enhancements for hw/lw mixing from 6u12 to 7
  - S6799345: JFC demos threw exception in the Java Console when applets are closed
  - S6828273: javax/swing/system/6799345/TestShutdown.java test fails with RuntimeException.
  - S6867515: Reduce impact of D3D initializion on startup time
  - S6891435: Improve D3D preloading
  - S6911041: JCK api/signaturetest tests fails for Mixed Code PIT builds (b91) for all trains
  - S6921823: JarVerifier csdomain field not initialized
  - S6921839: Update trusted.libraries list
  - S6924497: HotSpotDiagnosticsMXBean.getDiagnosticOptions throws NPE
  - S6936389: FontManager.fileCloser may cause memory leak in applets
  - S6946559: AWTToolKit thread crashes in JNU_GetEnv
  - S6955783: ServiceUnavailableException caught even the secondary DNS is available
  - S6984543: Test sun/java2d/DirectX/OnScreenRenderingResizeTest fails on GNOME
  - S6987967: D3D preloading thread should initialize COM
  - S7011446: ./windows/classes/sun/awt/windows/WToolkit.java needs to avoid spurious wakeup
  - S7015232: missing copyright header in CheckZOrderChange.java
  - S7112642: Incorrect checking for graphics rendering object
  - S7119760: [macosx] The OpenGL queue flusher thread is created in the wrong thread group
  - S7155051: DNS provider may return incorrect results
  - S8002191: AWT-Shutdown thread does not start with the AppletSecurity on Linux
  - S8009071, CVE-2013-2459: Improve shape handling
  - S8023046: Enhance splashscreen support
  - S8025005: Enhance CORBA initializations
  - S8025010, CVE-2014-2412: Enhance AWT contexts
  - S8025030, CVE-2014-2414: Enhance stream handling
  - S8025152, CVE-2014-0458: Enhance activation set up
  - S8026067: Enhance signed jar verification
  - S8026163, CVE-2014-2427: Enhance media provisioning
  - S8026188, CVE-2014-2423: Enhance envelope factory
  - S8026200: Enhance RowSet Factory
  - S8026736, CVE-2014-2398: Enhance Javadoc pages
  - S8026797, CVE-2014-0451: Enhance data transfers
  - S8026801, CVE-2014-0452: Enhance endpoint addressing
  - S8027766, CVE-2014-0453: Enhance RSA processing
  - S8027775: Enhance ICU code.
  - S8027841, CVE-2014-0429: Enhance pixel manipulations
  - S8028385: Enhance RowSet Factory
  - S8028388: 9 jaxws tests failed in nightly build with java.lang.ClassCastException
  - S8029282, CVE-2014-2403: Enhance CharInfo set up
  - S8029286: Enhance subject delegation
  - S8029699: Update Poller demo
  - S8029730: Improve audio device additions
  - S8029735: Enhance service mgmt natives
  - S8029740, CVE-2014-0446: Enhance handling of loggers
  - S8029760, CVE-2013-6629: Enhance AWT image libraries (in-tree libjpeg)
  - S8029854, CVE-2014-2421: Enhance JPEG decodings
  - S8029858, CVE-2014-0456: Enhance array copies  
  - S8030731, CVE-2014-0460: Improve name service robustness
  - S8031032: SQE test failures after JDK-8025010 was fixed
  - S8031330: Refactor ObjectFactory
  - S8031352, CVE-2013-6954: Enhance PNG handling (in-tree libpng)
  - S8031394, CVE-2014-0457: (sl) Fix exception handling in ServiceLoader
  - S8031395: Enhance LDAP processing
  - S8031477: [macosx] Loading AWT native library fails
  - S8032370: No "Truncated file" warning from IIOReadWarningListener on JPEGImageReader
  - S8033618, CVE-2014-1876: Correct logging output
  - S8034926, CVE-2014-2397: Attribute classes properly
  - S8035834: InetAddress.getLocalHost() can hang after JDK-8030731 was fixed
  - S8035893: JVM_GetVersionInfo fails to zero structure
  - S8036794, CVE-2014-0461: Manage JavaScript instances
  - OPENJDK-30: Remove @Override annotation on interfaces added by 2014/04/15 security fixes.

OK?
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07

More information about the jdk6-dev mailing list