[SECURITY] Fedora 10 Update: java-1.6.0-openjdk-1.6.0.0-9.b14.fc10

updates at fedoraproject.org updates at fedoraproject.org
Thu Feb 5 02:24:06 UTC 2009


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-1373
2009-02-05 01:18:26
--------------------------------------------------------------------------------

Name        : java-1.6.0-openjdk
Product     : Fedora 10
Version     : 1.6.0.0
Release     : 9.b14.fc10
URL         : http://icedtea.classpath.org/
Summary     : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

--------------------------------------------------------------------------------
Update Information:

This fixes a default security policy, that allowed unsigned applets to access
the gnome-java-bridge, allowing a privilege escalation (#474431).    There are
also several bug fixes included in this update.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 26 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-10.b14
- Updated sources.
* Fri Jan 23 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-10.b14
- Added accessibility patch.
* Thu Jan 22 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-10.b14
- Updated to icedtea-1.4 snapshot.
- Updated release.
- Removed netbeans and visualvm.
- Added hotspot source.
- Added --with-hotspot-src-zip build option.
- Set runtests to 1.
- Updated jtreg log.
- Updated openjdkver.
- Updated openjdkdate.
- Added new patch to add GNOME to java.security.
- Resolves: rhbz#472953
- Resolves: rhbz#475081
- Resolves: rhbz#452573
- Resolves: rhbz#474431
- Resolves: rhbz#474503
- Resolves: rhbz#472862
- Resolves: rhbz#477351
- Resolves: rhbz#475109
- Resolves: rhbz#476462
* Sun Jan 11 2009 Lillian Angel <langel at redhat.com> - 1:1.6.0-8.b12
- Removed README.plugin, updated source list.
- Updated release.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #476462 - IcedTea Web Browser Plugin applet issue when loading in SSL
        https://bugzilla.redhat.com/show_bug.cgi?id=476462
  [ 2 ] Bug #452573 - Bad window size calculation after using pack()
        https://bugzilla.redhat.com/show_bug.cgi?id=452573
  [ 3 ] Bug #475109 - NullPointerException when launching JNLP file
        https://bugzilla.redhat.com/show_bug.cgi?id=475109
  [ 4 ] Bug #472953 - Java plugin fails when visiting an https site whose certificate is not in the trust path
        https://bugzilla.redhat.com/show_bug.cgi?id=472953
  [ 5 ] Bug #475081 - Komercni banka's online banking does not work
        https://bugzilla.redhat.com/show_bug.cgi?id=475081
  [ 6 ] Bug #474431 - Untrusted applets can access the gnome-java-bridge
        https://bugzilla.redhat.com/show_bug.cgi?id=474431
  [ 7 ] Bug #474503 - RFE: Update HotSpot
        https://bugzilla.redhat.com/show_bug.cgi?id=474503
  [ 8 ] Bug #472862 - Run tests and include jtreg-check summary
        https://bugzilla.redhat.com/show_bug.cgi?id=472862
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update java-1.6.0-openjdk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the Fedora-package-announce mailing list