Poznata platforma za razvoj aplikacija u programskom jeziku Java, java-1.6.0-openjdk sadrži brojne sigurnosne propuste koji ugrožavaju integritet, dostupnost i povjerljivost podataka.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-13127
2012-09-01 23:47:08
--------------------------------------------------------------------------------

Name        : java-1.6.0-openjdk
Product     : Fedora 16
Version     : 1.6.0.0
Release     : 68.1.11.4.fc16
URL         : http://icedtea.classpath.org/
Summary     : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

--------------------------------------------------------------------------------
Update Information:

This is update to latest IcedTea6 1.11.4
Except several minor enhancement there is fix for possible through by
SecurityManager unguarded Beans. Although this is not so serious as for
OpenJDK7, it is considered as security.

http://blog.fuseyism.com/index.php/2012/08/31/security-icedtea6-1-10-9-1-11-4-icedtea-2-3-2-released/
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 31 2012 Jiri Vanek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1:1.6.0.0-68.1.11.4
- Updated to IcedTea6 1.11.4
* Fri Jun  8 2012 Jiri Vanek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1:1.6.0.0-67.1.11.3
- Updated to IcedTea6 1.11.3
- Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch:
  -
com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.
  - packages added to patch and to package.definition
- Access gnome bridge jar forced to be 644
* Thu May 31 2012 Jiri Vanek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:6.0.0-0-66.1.11.2
- Updated to IcedTea6-1.11.2
- Bug fixes
  - RH789154: javac error messages no longer contain the full path to the
offending file:
  - PR797: Compiler error message does not display entire file name and path
  - PR881: Sign tests (wsse.policy.basic) failures with OpenJDK6
  - PR886: 6-1.11.1 fails to build CACAO on ppc
  - Specify both source and target in IT_GET_DTDTYPE_CHECK.
  - Install nss.cfg into j2re-image too.
  - PR584: Don't use shared Eden in incremental mode.
- Backports
  - S6792400: Avoid loading of Normalizer resources for simple uses
* Sat Feb 11 2012 Jiri Vanek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:6.0.0-0-65.1.11.1
- Security update to IcedTea6-1.11.1
- Security fixes
  - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
  - S7088367, CVE-2011-3563: Fix issues in java sound
  - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method
  - S7110687, CVE-2012-0503: Issues with TimeZone class
  - S7110700, CVE-2012-0505: Enhance exception throwing mechanism in
ObjectStreamClass
  - S7110704, CVE-2012-0506: Issues with some method in corba
  - S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object
  - S7118283, CVE-2012-0501: Better input parameter checking in zip file
processing
  - S7126960, CVE-2011-5035: (httpserver) Add property to limit number of
request headers to the HTTP Server
- Bug fixes
  - PR865: Patching fails with patches/ecj/jaxws-getdtdtype.patch
* Wed Feb  1 2012 Jiri Vanek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:6.0.0-0-64.1.11
- Updated for ARM build based on fixes by Andrew Haley (aph at redhat dot com)
- Added patch100: name-arm-asm-int-fix.patch
* Tue Jan 31 2012 Jiri Vanek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1:1.6.0.0-63.1.11
- sync with master
- IcedTea6 bumped to 1.11 release
- full release info at:
  http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-January/017060.html
- removed and deleted patches:
     patch5  makefile-xalan-deps.patch
     patch6  glibc-name-clash.patch
   all were upstreamed
* Tue Jan 24 2012 Jiri Vanek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1:1.6.0.0-62.1.10.5
- updated to icedtea6 1.10.5
- Backports
    S7034464, Support transparent large pages on Linux
    S7037939, NUMA: Disable adaptive resizing if SHM large pages are used
    S7102369, RH751203: remove java.rmi.server.codebase property parsing from
registyimpl
    S7094468, RH751203: rmiregistry clean up
    S7103725, RH767129: REGRESSION â?? 6u29 breaks ssl connectivity using
TLS_DH_anon_WITH_AES_128_CBC_SHA
    S6851973, PR830: ignore incoming channel binding if acceptor does not set
one
    S7091528, javadoc attempts to parse .class files
* Fri Nov 25 2011 Omair Majid <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1:1.6.0.0-61.1.10.4
- Fix rhbz#741821
* Tue Nov  1 2011 Jiri Vanek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1:1.6.0.0-60.1.10.4
- omajid have added Patch6 as (probably temporally) solution for S7103224 for
buildability on newest glibc libraries.
* Thu Oct 13 2011 Jiri Vanek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1:1.6.0.0-60.1.10.4
- updated to icedtea6 1.10.4
- Security fixes
  - S7000600, CVE-2011-3547: InputStream skip() information leak
  - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
  - S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow
  - S7032417, CVE-2011-3552: excessive default UDP socket limit under
SecurityManager
  - S7046823, CVE-2011-3544: missing SecurityManager checks in scripting engine
  - S7055902, CVE-2011-3521: IIOP deserialization code execution
  - S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error
checks
  - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against
SSL/TLS (BEAST)
  - S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer
  - S7077466, CVE-2011-3556: RMI DGC server remote code execution
  - S7083012, CVE-2011-3557: RMI registry privileged code execution
  - S7096936, CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection
- Bug fixes
  - RH727195 : Japanese font mappings are broken
- Backports
  - S6826104, RH730015: Getting a NullPointer exception when clicked on
Application & Toolkit Modal dialog
- Zero/Shark
  - PR690: Shark fails to JIT using hs20.
  - PR696: Zero fails to handle fast_aldc and fast_aldc_w in hs20.
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update java-1.6.0-openjdk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce