openjdk team mailing list archive

Thread
Date

[Bug 726845] Re: [natty] icedtea6-plugin uninstallable on armel

To: openjdk@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <726845@xxxxxxxxxxxxxxxxxx>
Date: Wed, 02 Mar 2011 19:10:11 -0000
Reply-to: Bug 726845 <726845@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package openjdk-6b18 - 6b18-1.8.7-0ubuntu2

---------------
openjdk-6b18 (6b18-1.8.7-0ubuntu2) natty; urgency=low

  * Browser plugin and Webstart are built from icedtea-web. LP: #726845.

openjdk-6b18 (6b18-1.8.7-0ubuntu1) maverick-security; urgency=low

  * IcedTea6 1.8.7 release.
    - S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption.
    - S6907662, CVE-2010-4465: Swing timer-based security manager bypass.
    - S6994263, CVE-2010-4472: Untrusted code allowed to replace
      DSIG/C14N implementation.
    - S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets.
    - S6983554, CVE-2010-4450: Launcher incorrect processing of empty
      library path entries.
    - S6985453, CVE-2010-4471: Java2D font-related system property leak.
    - S6927050, CVE-2010-4470: JAXP untrusted component state manipulation.
    - CVE-2011-0706: Multiple signers privilege escalation.

  * IcedTea6 1.8.6 release.
    - S4421494, CVE-2010-4476: infinite loop while parsing double literal.

openjdk-6b18 (6b18-1.8.5-0ubuntu1) maverick-security; urgency=low

  * IcedTea6 1.8.5 release.
    - CVE-2011-0025: IcedTea jarfile signature verification bypass.
 -- Matthias Klose <doko@xxxxxxxxxx>   Wed, 02 Mar 2011 19:55:46 +0100

** Changed in: openjdk-6b18 (Ubuntu Natty)
       Status: In Progress => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4448

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4450

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4465

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4469

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4470

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4471

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4472

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4476

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-0025

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-0706

-- 
You received this bug notification because you are a member of OpenJDK,
which is subscribed to openjdk-6 in ubuntu.
https://bugs.launchpad.net/bugs/726845

Title:
  [natty] icedtea6-plugin uninstallable on armel

Status in “openjdk-6” package in Ubuntu:
  Invalid
Status in “openjdk-6b18” package in Ubuntu:
  Fix Released
Status in “openjdk-6” source package in Natty:
  Invalid
Status in “openjdk-6b18” source package in Natty:
  Fix Released

Bug description:
  $ apt-get install openjdk-6-jre icedtea6-plugin icedtea-netx
  ...
  The following packages have unmet dependencies:
   icedtea-netx : Conflicts: openjdk-6-jre (< 6b20-1.10~pre2-0ubuntu2) but 6b18-1.8.3-1ubuntu3 is to be installed
   openjdk-6-jre : Depends: openjdk-6-jre-headless (>= 6b18-1.8.3-1ubuntu3) but it is not going to be installed
  E: Broken packages

References

[Bug 726845] [NEW] [natty] icedtea6-plugin uninstallable on armel
From: Jamie Strandboge, 2011-02-28