Package "openjdk-6"
Name: |
openjdk-6
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- Alternative JVM for OpenJDK, using Cacao
- Alternative JVM for OpenJDK, using JamVM
- Java runtime based on OpenJDK (debugging symbols)
- Java runtime based on OpenJDK (demos and examples)
|
Latest version: |
6b41-1.13.13-0ubuntu0.14.04.1 |
Release: |
trusty (14.04) |
Level: |
security |
Repository: |
universe |
Links
Other versions of "openjdk-6" in Trusty
Packages in group
Deleted packages are displayed in grey.
Changelog
openjdk-6 (6b41-1.13.13-0ubuntu0.14.04.1) trusty-security; urgency=medium
* IcedTea 1.13.12 release.
* Security fixes backported from 8u121:
- S8168714, CVE-2016-5546: ECDSA will accept signatures that have various
extraneous bytes added to them whereas the signature is supposed to be
unique.
- S8166988, CVE-2017-3253: The PNG specification allows the [iz}Txt
sections to be 2^32-1 bytes long so these should not be uncompressed
unless the user explicitly requests it.
- S8168728, CVE-2016-5548: DSA signing exhibits a timing bias that may
leak information about k.
- S8161743, CVE-2017-3252: LdapLoginModule incorrectly tries to
deserialize responses from an LDAP server when an LDAP context is
expected.
- S8167223, CVE-2016-5552: Parsing of URLs can be inconsistent with how
users or external applications would interpret them leading to possible
security issues.
- S8164147, CVE-2017-3261: An integer overflow exists in
SocketOutputStream which can lead to memorydisclosure.
- S8151934, CVE-2017-3231: Under some circumstances URLClassLoader will
dispatch HTTP GET requests where the invoker does not have permission.
- S8165071, CVE-2016-2183: 3DES can be exploited for block collisions when
long running sessions are allowed.
- S8165344, CVE-2017-3272: A protected field can be leveraged into type
confusion.
- S8156802, CVE-2017-3241: RMI deserialization should limit the types
deserialized to prevent attacks that could escape the sandbox.
* debian/patches/it-add-cpp-flags.patch: refreshed.
* debian/patches/it-jamvm-2.0.0.patch: refreshed.
* debian/patches/it-emacs-mode.patch: refreshed.
* debian/patches/hotspot-disable-arm32-jit.diff: removed, ARM32 JIT is now
disabled by default on icedtea.
* debian/patches/zero-missing-headers.diff: removed, fix applied upstream.
* debian/repack: fix jamvm url.
-- Tiago Stürmer Daitx <email address hidden> Tue, 14 Feb 2017 02:27:53 +0000
|
Source diff to previous version |
CVE-2016-5546 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected a |
CVE-2017-3253 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java |
CVE-2016-5548 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java S |
CVE-2017-3252 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Ja |
CVE-2016-5552 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected |
CVE-2017-3261 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java |
CVE-2017-3231 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java |
CVE-2016-2183 |
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately |
CVE-2017-3272 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java S |
CVE-2017-3241 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Jav |
|
openjdk-6 (6b40-1.13.12-0ubuntu0.14.04.3) trusty-security; urgency=medium
* Backported security fixes from 8u111:
- CVE-2016-5582, S8160591: Improve internal array handling.
- CVE-2016-5573, S8159519: Reformat JDWP messages.
- CVE-2016-5597, S8160838: Better HTTP service.
- CVE-2016-5554, S8157739: Classloader Consistency Checking.
- CVE-2016-5542, S8155973: Tighten jar checks.
-- Tiago Stürmer Daitx <email address hidden> Wed, 30 Nov 2016 23:44:53 +0000
|
Source diff to previous version |
CVE-2016-5582 |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integr |
CVE-2016-5573 |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integr |
CVE-2016-5597 |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vec |
CVE-2016-5554 |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors r |
CVE-2016-5542 |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors r |
|
openjdk-6 (6b40-1.13.12-0ubuntu0.14.04.2) trusty-security; urgency=medium
* Disable precompiled header for arm64 (LP: #1617379)
- debian/rules: replace DISABLE_PRECOMPILED_HEADER=1 with
USE_PRECOMPILED_HEADER=0 and apply no-pch-build.diff as
well as zero-missing-headers.diff
- debian/patches/no-pch-build.diff: include missing psOldGen.hpp to
various headers
- debian/patches/zero-missing-headers.diff: missing headers for zero
* Create watch file for package updates
- debian/watch: fetch newest icedtea and call debian/repack
- debian/repack: unpack icedtea tarball, parse the Makefile.am,
download the right version of openjdk-6-src/cacao/jamvm, repack
* debian/rules:
- extract OPENJDK_VERSION from changelog
- remove dependency on OPENJDK_SRC_ZIP and use OPENJDK_VERSION to
select the right tarball
- remove hs20 hotspot rules as we are only relying on "original"
- call autogen.sh during the build and remove auto-generated files
* Updated source format to 3.0 (quilt)
- patches/it-add-cpp-flags.patch: added.
- patches/it-automake-1.11.patch: added.
- patches/it-emacs-mode.patch: added.
- patches/it-enable-aarch64.patch: added.
- patches/it-jamvm-2.0.0.patch: added.
- patches/icedtea-patch.diff: removed.
|
Source diff to previous version |
1617379 |
ftbfs due to missing headers when pch is disabled |
|
openjdk-6 (6b38-1.13.10-0ubuntu0.14.04.1) trusty-security; urgency=high
* Backport to Ubuntu 14.04.
|
About
-
Send Feedback to @ubuntu_updates