openjdk team mailing list archive

Thread
Date
[Bug 934661]

To: openjdk@xxxxxxxxxxxxxxxxxxx
From: Jamie Strandboge <jamie@xxxxxxxxxx>
Date: Fri, 24 Feb 2012 19:05:51 -0000
Reply-to: Bug 934661 <934661@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is available, members of the security team will review it and
publish the package. See the following link for more information:
https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

** Visibility changed to: Public

-- 
You received this bug notification because you are a member of OpenJDK,
which is subscribed to openjdk-7 in Ubuntu.
https://bugs.launchpad.net/bugs/934661

Title:
  IcedTea 2.1 fixes 9 security issues and many other bugs

Status in “openjdk-7” package in Ubuntu:
  New

Bug description:
  IcedTea 2.1 was released and fixes 9 security issues:

  http://blog.fuseyism.com/index.php/2012/02/15/icedtea-2-1-released-
  openjdk7-u3-release/

  """The IcedTea 2.1 release updates our OpenJDK7 support to include the
  latest updates in u2 as well as the security updates just released:"""

      S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
      S7088367, CVE-2011-3563: Fix issues in java sound
      S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method
      S7110687, CVE-2012-0503: Issues with TimeZone class
      S7110700, CVE-2012-0505: Enhance exception throwing mechanism in ObjectStreamClass
      S7110704, CVE-2012-0506: Issues with some method in corba
      S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object
      S7118283, CVE-2012-0501: Better input parameter checking in zip file processing
      S7126960, CVE-2011-5035: Add property to limit number of request headers to the HTTP Server

  ProblemType: Bug
  DistroRelease: Ubuntu 12.04
  Package: openjdk-7-jdk 7~b147-2.0-1ubuntu2
  ProcVersionSignature: Ubuntu 3.2.0-16.25-generic 3.2.6
  Uname: Linux 3.2.0-16-generic x86_64
  ApportVersion: 1.91-0ubuntu1
  Architecture: amd64
  Date: Fri Feb 17 18:10:00 2012
  InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Alpha amd64 (20120216)
  ProcEnviron:
   SHELL=/bin/bash
   PATH=(custom, no user)
   LANG=en_US.UTF-8
  SourcePackage: openjdk-7
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openjdk-7/+bug/934661/+subscriptions