Tue 12 Mar 2013
[SECURITY] IcedTea 1.11.9 & 1.12.4 for OpenJDK 6 Released!
Posted by gnu_andrew under IcedTea, OpenJDK, Security
The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.
A new set of security releases is now available for the OpenJDK 6 series: 1.11.9 & 1.12.4. We recommend that users upgrade to the latest release from the appropriate branch as soon as possible. The releases contain the following security fixes:
- S8007014, CVE-2013-0809: Improve image handling
- S8007675, CVE-2013-1493: Improve color conversion
Full details of each release can be found below.
What’s New?
New in release 1.11.9 (2013-03-04)
- Security fixes
  - S8007014, CVE-2013-0809: Improve image handling
  - S8007675, CVE-2013-1493: Improve color conversion
New in release 1.12.4 (2013-03-04)
- Security fixes
  - S8007014, CVE-2013-0809: Improve image handling
  - S8007675, CVE-2013-1493: Improve color conversion
The tarballs can be downloaded from:
- http://icedtea.classpath.org/download/source/icedtea6-1.11.9.tar.gz (sig)
- http://icedtea.classpath.org/download/source/icedtea6-1.12.4.tar.gz (sig)
SHA256 checksums:
- 0c134bea8d48c77ad5d41d4a0f98f471c381faaa0ef0c215d48687e709e93f3f icedtea6-1.11.9.tar.gz
- eb326c6ae0147ca4abe4bd79e52c1edc2ef08e5e008230e24bee3abb39e14dda icedtea6-1.12.4.tar.gz
The tarballs are accompanied by digital signatures, available at the ‘sig’ links above. These were produced using Omair’s PGP key; details are below.
- PGP Key: 66484681 (http://pgp.mit.edu/)
- Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681
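The checksum and signature checks described above, as an added shell example (not part of the original announcement or the IcedTea project). It pins the full fingerprint rather than the short key ID 66484681, because 32-bit key IDs can collide. Assumptions: GNU sha256sum and gpg are installed, the signing key is already in the local keyring, and the signature path is wherever you saved the file from the ‘sig’ link.

```shell
#!/bin/sh
# Added example. Checksums and fingerprint are copied from this announcement.
# Usage (after sourcing): verify_release <tarball> <path-to-saved-sig-file>
EXPECTED_FPR="F072555B0A1739574E950056F286F14F66484681"

# Print the published SHA256 for a tarball name; fail for unknown names.
published_sha256() {
    case "$1" in
        icedtea6-1.11.9.tar.gz)
            echo 0c134bea8d48c77ad5d41d4a0f98f471c381faaa0ef0c215d48687e709e93f3f ;;
        icedtea6-1.12.4.tar.gz)
            echo eb326c6ae0147ca4abe4bd79e52c1edc2ef08e5e008230e24bee3abb39e14dda ;;
        *) return 1 ;;
    esac
}

# check_sha256 FILE EXPECTED: succeed only if FILE hashes to EXPECTED.
check_sha256() {
    actual=$(sha256sum "$1" 2>/dev/null | cut -d' ' -f1)
    [ -n "$actual" ] && [ "$actual" = "$2" ]
}

# Read `gpg --status-fd` lines on stdin. Succeed only if gpg reported GOODSIG
# (not expired or revoked) and a VALIDSIG whose signing-key fingerprint
# (field 3) or primary-key fingerprint (last field) is the pinned one.
check_validsig() {
    awk -v want="$EXPECTED_FPR" '
        $1 == "[GNUPG:]" && $2 == "GOODSIG" { good = 1 }
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($3 == want || $NF == want) { pinned = 1 }
        END { exit (good && pinned) ? 0 : 1 }'
}

# verify_release TARBALL SIGFILE: checksum first, then the detached signature.
verify_release() {
    name=$(basename "$1")
    want=$(published_sha256 "$name") ||
        { echo "no published checksum for $name" >&2; return 1; }
    check_sha256 "$1" "$want" ||
        { echo "SHA256 mismatch for $name" >&2; return 1; }
    gpg --status-fd 1 --verify "$2" "$1" 2>/dev/null | check_validsig ||
        { echo "no good signature from $EXPECTED_FPR" >&2; return 1; }
    echo "$name: checksum and signature OK"
}
```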
The following people helped with these releases:
- Severin Gehwolf (creation of fix for S8007675)
- Omair Majid (applying all security patches, reproducer runs, release management)
- Mario Torre (creation of fix for S8007675)
We would also like to thank the bug reporters and testers!
To get started:
$ tar xzf icedtea6-${version}.tar.gz
$ cd icedtea6-${version}
where ${version} is the version you’ve downloaded.
Full build requirements and instructions are in INSTALL:
$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea6-${version}/configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make