2014/10/14 security update and OpenJDK 6 b33

Andrew Hughes gnu.andrew at redhat.com
Tue Oct 14 21:27:46 UTC 2014


Security updates have been added to OpenJDK 6 and b33 released:

4d6a79e595921f6783e2e2090f2ee454eb45f904da91ed3549e39aadd9769f55  openjdk-6-src-b33-14_oct_2014.tar.gz
cabc35587a90fa81edd8ba8537c0454348c37456de27e407bbb66d52031a1293  openjdk-6-src-b33-14_oct_2014.tar.xz

Changes:

* Security fixes
  - S8015256: Better class accessibility
  - S8022783, CVE-2014-6504: Optimize C2 optimizations
  - S8035162: Service printing service
  - S8035781: Improve equality for annotations
  - S8036805: Correct linker method lookup.
  - S8036810: Correct linker field lookup
  - S8037066, CVE-2014-6457: Secure transport layer
  - S8037846, CVE-2014-6558: Ensure streaming of input cipher streams
  - S8038899: Safer safepoints
  - S8038903: More native monitor monitoring
  - S8038908: Make Signature more robust
  - S8038913: Bolster XML support
  - S8039509, CVE-2014-6512: Wrap sockets more thoroughly
  - S8039533, CVE-2014-6517: Higher resolution resolvers
  - S8041540, CVE-2014-6511: Better use of pages in font processing
  - S8041545: Better validation of generated rasters
  - S8041564, CVE-2014-6506: Improved management of logger resources
  - S8041717, CVE-2014-6519: Issue with class file parser
  - S8042609, CVE-2014-6513: Limit splashiness of splash images
  - S8042797, CVE-2014-6502: Avoid strawberries in LogRecord
  - S8044274, CVE-2014-6531: Proper property processing
  - OPENJDK6-42: Remove @Override annotation on interfaces added by 2014/10/14 security fixes.
* Other fixes backported from 7u71
  - S7033534: Two tests fail just against jdk7 b136
  - S7160837: DigestOutputStream does not turn off digest calculation when "close()" is called
  - S7172149: ArrayIndexOutOfBoundsException from Signature.verify
  - S8012637: Adjust CipherInputStream class to work in AEAD/GCM mode
  - S8028192: Use of PKCS11-NSS provider in FIPS mode broken
  - S8038000: java.awt.image.RasterFormatException: Incorrect scanline stride
  - S8039396: NPE when writing a class descriptor object to a custom ObjectOutputStream
  - S8042603: 'SafepointPollOffset' was not declared in static member function 'static bool Arguments::check_vm_args_consistency()'
  - S8042850: Extra unused entries in ICU ScriptCodes enum
  - S8052162: REGRESSION: sun/java2d/cmm/ColorConvertOp tests fail since 7u71 b01
  - S8053963: (dc) Use DatagramChannel.receive() instead of read() in connect()
* Changes submitted between b32 and this update
  - OPENJDK6-37: OpenJDK6-b32 cannot be built on Windows
  - OPENJDK6-39: Handle fonts with the non-canonical processing flag set
  - OPENJDK6-41: OpenJDK6 should be compatible with Windows SDK 7.1
  - S6967684: httpserver using a non thread-safe SimpleDateFormat
  - S8010213: Some api/javax_net/SocketFactory tests fail in 7u25 nightly build
  - S7027300, RH1098399: Unsynchronized HashMap access causes endless loop
  - S7183251: Netbeans editor renders text wrong on JDK 7u6 build

Webrevs for the changes in the first two sections are available here for belated approval:

http://cr.openjdk.java.net/~andrew/openjdk6/20141014/hotspot/
http://cr.openjdk.java.net/~andrew/openjdk6/20141014/jaxp/
http://cr.openjdk.java.net/~andrew/openjdk6/20141014/jdk/

Thanks,
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07