[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[SECURITY] Fedora 9 Update: java-1.6.0-openjdk-1.6.0.0-0.21.b09.fc9



--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-2983
2009-03-24 05:10:27.337851
--------------------------------------------------------------------------------

Name        : java-1.6.0-openjdk
Product     : Fedora 9
Version     : 1.6.0.0
Release     : 0.21.b09.fc9
URL         : http://icedtea.classpath.org/
Summary     : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

--------------------------------------------------------------------------------
Update Information:

Fixes important lcms security bug which gives unwarranted access to malicious
users.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 20 2009 Lillian Angel <langel redhat com> - 1:1.6.0-0.21.b09
- Added new lcms security patch.
* Tue Dec  2 2008 Lillian Angel <langel redhat com> - 1:1.6.0-0.20.b09
- Set runtests to 0.
* Tue Dec  2 2008 Lillian Angel <langel redhat com> - 1:1.6.0-0.20.b09
- Added new security patch.
- Resolves: rhbz#472234 
- Resolves: rhbz#472233  
- Resolves: rhbz#472231  
- Resolves: rhbz#472228  
- Resolves: rhbz#472224  
- Resolves: rhbz#472218  
- Resolves: rhbz#472213  
- Resolves: rhbz#472212  
- Resolves: rhbz#472211  
- Resolves: rhbz#472209  
- Resolves: rhbz#472208  
- Resolves: rhbz#472206  
- Resolves: rhbz#472201
* Mon Sep 22 2008 Lillian Angel <langel redhat com> - 1:1.6.0-0.19.b09
- Removed update-desktop-database dependency.
- Resolves: rhbz#463046
* Mon Sep  8 2008 Lillian Angel <langel redhat com> - 1:1.6.0-0.18.b09
- Moved hotspot patch to only be applied to jit_arches.
* Mon Sep  8 2008 Lillian Angel <langel redhat com> - 1:1.6.0-0.18.b09
- Added hotspot patch (Patch11) to fix eclipse crashing bug.
- Resolves: rhbz#460205
* Mon Sep  8 2008 Lillian Angel <langel redhat com> - 1:1.6.0-0.18.b09
- Added rhino requirement.
- Resolves: rhbz#461336
* Wed Jul 16 2008 Dennis Gilmore <dennis ausil us> - 1:1.6.0-0.17.b09
- bump the release to sync all arches
* Wed Jul  9 2008 Lillian Angel <langel redhat com> - 1:1.6.0-0.16.b09
- Add runtests define.
- Run test suites on JIT architectures only.
* Tue Jul  8 2008 Lillian Angel <langel redhat com> - 1:1.6.0-0.16.b09
- Only apply hotspot security patch of jitarches.
* Wed Jul  2 2008 Lillian Angel <langel redhat com> - 1:1.6.0-0.16.b09
- Added OpenJDK security patches.
* Sat Jun  7 2008 Tom "spot" Callaway <tcallawa redhat com> - 1:1.6.0-0.16.b09
- enable sparc/sparc64 builds
* Sat May 31 2008 Thomas Fitzsimmons <fitzsim redhat com> - 1:1.6.0.0-0.15.b09
- Fix keytool location passed to generate-cacerts.pl.
* Fri May 30 2008 Thomas Fitzsimmons <fitzsim redhat com> - 1:1.6.0.0-0.15.b09
- Generate cacerts file.
* Fri May 30 2008 Thomas Fitzsimmons <fitzsim redhat com> - 1:1.6.0.0-0.15.b09
- Remove jhat patch.
* Fri May 30 2008 Thomas Fitzsimmons <fitzsim redhat com> - 1:1.6.0.0-0.15.b09
- Remove makefile patch.
- Update generate-fedora-zip.sh.
* Fri May 30 2008 Thomas Fitzsimmons <fitzsim redhat com> - 1:1.6.0.0-0.15.b09
- Formatting cleanups.
* Fri May 30 2008 Thomas Fitzsimmons <fitzsim redhat com> - 1:1.6.0.0-0.15.b09
- Group all Mauve commands.
* Fri May 30 2008 Thomas Fitzsimmons <fitzsim redhat com> - 1:1.6.0.0-0.15.b09
- Formatting cleanups.
- Add jtreg_output to src subpackage.
* Wed May 28 2008 Lillian Angel <langel redhat com> - 1:1.6.0.0-0.15.b09
- Updated icedteasnapshot for new release.
* Tue May 27 2008 Thomas Fitzsimmons <fitzsim redhat com> - 1:1.6.0.0-0.15.b09
- Require ca-certificates.
- Symlink to ca-certificates cacerts.
- Remove cacerts from files list.
- Resolves: rhbz#444260
* Mon May 26 2008 Lillian Angel <langel redhat com> - 1:1.6.0.0-0.14.b09
- Added eclipse-ecj build requirement for mauve.
- Updated icedteasnapshot.
* Fri May 23 2008 Lillian Angel <langel redhat com> - 1:1.6.0.0-0.14.b09
- Fixed jtreg testing.
* Fri May 23 2008 Lillian Angel <langel redhat com> - 1:1.6.0.0-0.14.b09
- Updated icedteasnapshot.
- Updated release.
- Added jtreg testing.
* Thu May 22 2008 Lillian Angel <langel redhat com> - 1:1.6.0.0-0.13.b09
- Added new patch java-1.6.0-openjdk-java-access-bridge-tck.patch.
- Updated release.
* Mon May  5 2008 Lillian Angel <langel redhat com> - 1:1.6.0.0-0.12.b09
- Updated release.
- Updated icedteasnapshot.
- Resolves: rhbz#445182
- Resolves: rhbz#445183
* Tue Apr 29 2008 Lillian Angel <langel redhat com> - 1:1.6.0.0-0.11.b09
- Fixed javaws.desktop installation.
* Tue Apr 29 2008 Lillian Angel <langel redhat com> - 1:1.6.0.0-0.11.b09
- Updated icedteasnapshot.
- Removed java-1.6.0-openjdk-jconsole.desktop and
  java-1.6.0-openjdk-policytool.desktop files.
* Tue Apr 29 2008 Lillian Angel <langel redhat com> - 1:1.6.0.0-0.11.b09
- Updated release.
- Added archbuild and archinstall definitions for ia64.
- Resolves: rhbz#433843
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #487508 - CVE-2009-0723 LittleCms integer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=487508
  [ 2 ] Bug #487509 - CVE-2009-0581 LittleCms memory leak
        https://bugzilla.redhat.com/show_bug.cgi?id=487509
  [ 3 ] Bug #487512 - CVE-2009-0733 LittleCms lack of upper-bounds check on sizes
        https://bugzilla.redhat.com/show_bug.cgi?id=487512
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update java-1.6.0-openjdk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]