zafena development

September 18, 2009

Dear Jalimo users!

I have pushed a quite massive patch into the Jalimo sourcetree to make all OpenJDK 6b16 recipe's in sync with and able to cross-compile the latest Icedtea6-1.6.1 release!

So... What’s New?
—————–
- Security fixes for:
CVE-2009-2670 – OpenJDK Untrusted applet System properties access
CVE-2009-2671 CVE-2009-2672 – OpenJDK Proxy mechanism information leaks
CVE-2009-2673 – OpenJDK proxy mechanism allows non-authorized socket connections
CVE-2009-2674 – Java Web Start Buffer JPEG processing integer overflow
CVE-2009-2675 – Java Web Start Buffer unpack200 processing integer overflow
CVE-2009-2625 – OpenJDK XML parsing Denial-Of-Service
CVE-2009-2475 – OpenJDK information leaks in mutable variables
CVE-2009-2476 – OpenJDK OpenType checks can be bypassed
CVE-2009-2689 – OpenJDK JDK13Services grants unnecessary privileges
CVE-2009-2690 – OpenJDK private variable information disclosure
- FAST interpreter for ARM, now with gcc 4.1.2 support!
- Timezone fix: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=377
- Stackoverflow error fix:

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=381

- Backport regression (NPE) fix for AccessControlContext fix
- Bump to hs14b16

The following people helped with this release:
Gary Benson, Deepak Bhole, Andrew Haley, Andrew John Hughes, Mark
Wielaard, Lillian Angel, Matthias Klose, Ed Nevill, and many others.

We would also like to thank the bug reporters and testers!

Cheers and have a great day!
Xerxes

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment

Powered by WordPress