GNU/Andrew’s Blog

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases is now available:

IcedTea6 1.10.8
IcedTea6 1.11.3

All updates contain the following security fixes:

S7079902, CVE-2012-1711: Refine CORBA data models
S7110720: Issue with vm config file loadingIssue with vm config file loading
S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform.
S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement
S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations
S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC
S7143872, CVE-2012-1718: Improve certificate extension processing
S7145239: Finetune package definition restriction
S7152811, CVE-2012-1723: Issues in client compiler
S7157609, CVE-2012-1724: Issues with loop
S7160677: missing else in fix for 7152811
S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile

Full details of each release can be found below.

What’s New?

New in release 1.10.8 (2012-06-12):

Security fixes
- S7079902, CVE-2012-1711: Refine CORBA data models
- S7110720: Issue with vm config file loadingIssue with vm config file loading
- S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform.
- S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement
- S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations
- S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC
- S7143872, CVE-2012-1718: Improve certificate extension processing
- S7145239: Finetune package definition restriction
- S7152811, CVE-2012-1723: Issues in client compiler
- S7157609, CVE-2012-1724: Issues with loop
- S7160677: missing else in fix for 7152811
- S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile
Bug fixes
- PR1018: JVM fails due to SEGV during rendering some Unicode characters (part of 6886358)

New in release 1.11.3 (2012-06-12):

Security fixes
- S7079902, CVE-2012-1711: Refine CORBA data models
- S7110720: Issue with vm config file loadingIssue with vm config file loading
- S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform.
- S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement
- S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations
- S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC
- S7143872, CVE-2012-1718: Improve certificate extension processing
- S7145239: Finetune package definition restriction
- S7152811, CVE-2012-1723: Issues in client compiler
- S7157609, CVE-2012-1724: Issues with loop
- S7160677: missing else in fix for 7152811
- S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile
Bug fixes
- PR1018: JVM fails due to SEGV during rendering some Unicode characters (part of 6886358)

The tarballs can be downloaded from:

SHA256 checksums:

7723882c52d21f859c67f64d84764d5e6c69ac79245ecc0579ccac29e086000a icedtea6-1.10.8.tar.gz
7d91c407b9795bd6f6255bcf0fb808416b36418c57f601dc47cfabff83194cf4 icedtea6-1.11.3.tar.gz

Each tarball is accompanied by a digital signature (link above). This is produced using my public key. See details below.

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07

The following people helped with these releases:

Andrew Dinn (checking of S7160757)
Andrew Haley (checking of S7110720, S7152811 & S7143606)
Andrew John Hughes (checking of S7143872, reproducer testing & release management)
Omair Majid (checking of S7079902, S7143851 & S7143606)
Pavel Tisnovsky (PR1018, checking of S7143617 & S7157609)
Jon VanAlten (checking of S7145239)
Jiri Vanek (checking ofS7143606)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy Hacking!

http://lightguard-jp.blogspot.com Jason Porter

Is there a way to add IcedTea 1.6 for F17? I’ve found it very useful for testing projects I’m working on to be able to run with different versions of the JDK. Everything I’ve tried hasn’t worked well, I’m afraid at this point it’s down to building it from source.

[SECURITY] IcedTea6 1.10.8 & 1.11.3 Released!

What’s New?

New in release 1.10.8 (2012-06-12):

New in release 1.11.3 (2012-06-12):

Happy Hacking!

Archived Entry