← Back to team overview

openjdk team mailing list archive

[Bug 1512760] Re: [regression] Java applications leaks shmem chunks

 

This bug was fixed in the package openjdk-7 -
7u91-2.6.3-0ubuntu0.14.04.1

---------------
openjdk-7 (7u91-2.6.3-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Backport to Ubuntu 14.04.

openjdk-7 (7u91-2.6.3-0ubuntu0.15.10.1) wily-security; urgency=medium

  * Icedtea release 2.6.3 (based on 7u91):
  * Security fixes
    - S8142882, CVE-2015-4871: rebinding of the receiver of a
       DirectMethodHandle may allow a protected method to be accessed
  * Bad merge in IcedTea caused 2.6.1 to leak shmem chunks, affecting
    other applications such as QT and VLC, thanks Andrew Hughes for the
    fix in 2.6.2. (LP: #1512760)

openjdk-7 (7u91-2.6.2-1) unstable; urgency=medium

  [ Tiago Stürmer Daitx ]
  * IcedTea release 2.6.2 (based on 7u91):
  * Security fixes
    - S8048030, CVE-2015-4734: Expectations should be consistent
    - S8068842, CVE-2015-4803: Better JAXP data handling
    - S8076339, CVE-2015-4903: Better handling of remote object invocation
    - S8076383, CVE-2015-4835: Better CORBA exception handling
    - S8076387, CVE-2015-4882: Better CORBA value handling
    - S8076392, CVE-2015-4881: Improve IIOPInputStream consistency
    - S8076413, CVE-2015-4883: Better JRMP message handling
    - S8078427, CVE-2015-4842: More supportive home environment
    - S8078440: Safer managed types
    - S8080541: More direct property handling
    - S8080688, CVE-2015-4860: Service for DGC services
    - S8081760: Better group dynamics
    - S8086092, CVE-2015-4840: More palette improvements
    - S8086733, CVE-2015-4893: Improve namespace handling
    - S8087350: Improve array conversions
    - S8103671, CVE-2015-4805: More objective stream classes
    - S8103675: Better Binary searches
    - S8130078, CVE-2015-4911: Document better processing
    - S8130193, CVE-2015-4806: Improve HTTP connections
    - S8130864: Better server identity handling
    - S8130891, CVE-2015-4843: (bf) More direct buffering
    - S8131291, CVE-2015-4872: Perfect parameter patterning
    - S8132042, CVE-2015-4844: Preserve layout presentation
  * d/patches/it-debian-build-flags.diff: refreshed
  * d/patches/it-set-compiler.diff: refreshed
  * d/patches/it-use-quilt.diff: refreshed and updated
  * d/patches/it-jamvm-2.0.diff: refreshed
  * d/patches/xrender: removed as it was applied upstream

openjdk-7 (7u85-2.6.1-6) unstable; urgency=medium

  [ Tiago Stürmer Daitx ]
  * Security fixes
    - S8048030, CVE-2015-4734: Expectations should be consistent
    - S8068842, CVE-2015-4803: Better JAXP data handling
    - S8076339, CVE-2015-4903: Better handling of remote object invocation
    - S8076383, CVE-2015-4835: Better CORBA exception handling
    - S8076387, CVE-2015-4882: Better CORBA value handling
    - S8076392, CVE-2015-4881: Improve IIOPInputStream consistency
    - S8076413, CVE-2015-4883: Better JRMP message handling
    - S8078427, CVE-2015-4842: More supportive home environment
    - S8078440: Safer managed types
    - S8080541: More direct property handling
    - S8080688, CVE-2015-4860: Service for DGC services
    - S8081744, CVE-2015-4868: Clear out list corner case
    - S8081760: Better group dynamics
    - S8086092. CVE-2015-4840: More palette improvements
    - S8086733, CVE-2015-4893: Improve namespace handling
    - S8087350: Improve array conversions
    - S8103671, CVE-2015-4805: More objective stream classes
    - S8103675: Better Binary searches
    - S8129611: Accessbridge error handling improvement
    - S8130078, CVE-2015-4911: Document better processing
    - S8130185: More accessible access switch
    - S8130193, CVE-2015-4806: Improve HTTP connections
    - S8130864: Better server identity handling
    - S8130891, CVE-2015-4843: (bf) More direct buffering
    - S8131291, CVE-2015-4872: Perfect parameter patterning
    - S8132042, CVE-2015-4844: Preserve layout presentation
  * S6966259: Make PrincipalName and Realm immutable, required for S8048030
  * S8078822: 8068842 fix missed one new file
    PrimeNumberSequenceGenerator.java

  [ Matthias Klose ]
  * Re-enable the atk bridge for releases with a fixed atk bridge.
    Again closes: #797595.

 -- Tiago Stürmer Daitx <tiago.daitx@xxxxxxxxxxxxx>  Thu, 19 Nov 2015
03:22:53 +0000

** Changed in: openjdk-7 (Ubuntu)
       Status: In Progress => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4734

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4803

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4805

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4806

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4835

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4840

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4842

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4843

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4844

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4860

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4868

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4871

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4872

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4881

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4882

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4883

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4893

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4903

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4911

** Changed in: openjdk-7 (Ubuntu)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of OpenJDK,
which is subscribed to openjdk-7 in Ubuntu.
https://bugs.launchpad.net/bugs/1512760

Title:
  [regression] Java applications leaks shmem chunks

Status in Iced Tea:
  Fix Released
Status in openjdk-7 package in Ubuntu:
  Fix Released
Status in openjdk-7 package in Debian:
  Incomplete
Status in openjdk-7 package in Gentoo Linux:
  Fix Released
Status in openjdk-7 package in openSUSE:
  Unknown

Bug description:
  After last update of openjdk few days ago system is going to be
  unsable, because any java application (JetBrains, IcedTea) leaks shmem
  chunks, which can be detected by "ipcs -m -p" command. This issues to
  unable to start any Qt application - vlc for example:

  QNativeImage: Unable to attach to shared memory segment. 
  (vlc:8541): Gdk-WARNING **: shmget failed: error 28

  Steps to reproduce:
  - run any java application
  - monitor shmem stats: ipcs -m -p | wc -l
  - try to run any Qt app 

  ~$ java -version
  java version "1.7.0_85"
  OpenJDK Runtime Environment (IcedTea 2.6.1) (7u85-2.6.1-5ubuntu0.15.04.1)
  OpenJDK 64-Bit Server VM (build 24.85-b03, mixed mode)

  ~$ lsb_release -a
  No LSB modules are available.
  Distributor ID: Ubuntu
  Description:    Ubuntu 15.04
  Release:        15.04
  Codename:       vivid

To manage notifications about this bug go to:
https://bugs.launchpad.net/icedtea/+bug/1512760/+subscriptions


References