Security


The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases are now available for the OpenJDK 6 series: 1.11.8 & 1.12.3. These contain the following security fixes:

Full details of each release can be found below.

What’s New?

New in release 1.11.8 (2013-02-19)

New in release 1.12.3 (2013-02-19)

The tarballs can be downloaded from:

SHA256 checksums:

  • 62620b5544d5e1df7508d7c777fb78532c75eec43b99c8c7d1a3c84f352c1ea3 icedtea6-1.11.8.tar.gz
  • db9dc14fa537fb22616fcd9e5b80758aa7baa66e0b6f8adfe3d5e80414574b4c icedtea6-1.12.3.tar.gz

The tarballs are accompanied by digital signatures available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

  • Severin Gehwolf (production of reproducer for 8006777)
  • Andrew John Hughes (application of security fixes & backports, creation & testing of bug fixes, reproducer testing, release management)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${version}.tar.gz
$ cd icedtea-${version}

where ${version} is the version you’ve downloaded.

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

These releases update our older OpenJDK7 support to include the latest security updates just released:

In addition, IcedTea includes the usual IcedTea patches to allow builds against system libraries and to support more estoric architectures.

If you find an issue with one of these releases, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

Note that this will be the last release in the 2.2.x series with 2.4.0 being imminent. The 2.1.x series will unfortunately have to be supported until the ARM32 port is moved to a newer release, but we hope this won’t be for much longer.

What’s New?

New in release 2.1.5 (2013-02-13)

New in release 2.2.5 (2013-02-13)

The tarballs can be downloaded from:

SHA256 checksums:

  • f8144e370379371d5d4db6955b43b371f4fa8a99a9dca404995a12af21d46974 icedtea-2.1.5.tar.gz
  • cf79e99c1a8ad8d0dcc1ef66c30a776d159ab4a64290d9c1affa0e304ba2e7b5 icedtea-2.2.5.tar.gz

Each tarball is accompanied by a digital signature available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${version}.tar.gz

where ${version} is the version of IcedTea being used.

Full build requirements and instructions are in INSTALL:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-${version}/configure [--enable-zero --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

This release updates our OpenJDK7 support to include the latest security updates just released:

This release has been delayed because the original patches supplied to us by Oracle introduced a number of regressions which were not resolved until fixes were made available over a week later in the OpenJDK 7u-dev repository. Most notably, building with OpenJDK6 was broken and we felt it unwise to ship in this state.

The regressions are as follows:

  • S8002068: Build broken: corba code changes unable to use new JDK 7 classes
  • S8004341: Two JCK tests fails with 7u11 b06
  • S8005615: Java Logger fails to load tomcat logger implementation (JULI)

Given the delay, we have also taken the opportunity to sync the repository with the upstream 7u-dev repository at the tag “jdk7u13-b20″. Oracle have continually omitted providing branches for security releases. Only the releases developed in the open (u2, u4 and u6) have branches and apparently the goal of 7u to ‘develop updates’ does not include developing ‘security updates’ as one would naturally assume. However, it has become clear that there must be such a branch internally as the security patches are pulled into the 7u repository and merged with its current state. Thus, although it is not possible to work on top of 7u13-b20 in the 7u trees (as the merge and later fixes are piled on top), we can pull just that tag and retrieve just the changesets we need without the ones destined for u8/u12/u14/whatever it’s called next week.

In short, examining the changesets resulting from “hg in -r jdk7u13-b20″ showed that there was no major changes in there, just a few fixes believed to be included
in u10 and upstream versions of the security patches. So we’ve included these changesets in this release in the hope of bringing something closer to u13 in IcedTea7 2.3.6, though obviously we can’t make any guarantees about how the two compare as the code of u13 is proprietary.

In addition, IcedTea includes the usual IcedTea patches to allow builds against system libraries and to support more estoric architectures.

If you find an issue with one of these releases, please report it to our bug database under the appropriate component. Development discussion takes place on the distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below. Note that 2.3.5 was tagged in the forest and used by Fedora, but ended up being a forest-only release after the regressions were found.

What’s New?

New in release 2.3.6 (2013-02-12)

  • Security fixes
  • Backports
    • S7057320: test/java/util/concurrent/Executors/AutoShutdown.java failing intermittently
    • S7083664: TEST_BUG: test hard code of using c:/temp but this dir might not exist
    • S7107613: scalability blocker in javax.crypto.CryptoPermissions
    • S7107616: scalability blocker in javax.crypto.JceSecurityManager
    • S7146424: Wildcard expansion for single entry classpath
    • S7160609: [macosx] JDK crash in libjvm.dylib ( C [GeForceGLDriver+0x675a] gldAttachDrawable+0×941)
    • S7160951: [macosx] ActionListener called twice for JMenuItem using ScreenMenuBar
    • S7162488: VM not printing unknown -XX options
    • S7169395: Exception throws due to the changes in JDK 7 object tranversal and break backward compatibility
    • S7175616: Port fix for TimeZone from JDK 8 to JDK 7
    • S7176485: (bf) Allow temporary buffer cache to grow to IOV_MAX
    • S7179908: Fork hs23.3 hsx from hs22.2 for jdk7u7 and reinitialize build number
    • S7184326: TEST_BUG: java/awt/Frame/7024749/bug7024749.java has a typo
    • S7185245: Licensee source bundle tries to compile JFR
    • S7185471: Avoid key expansion when AES cipher is re-init w/ the same key
    • S7186371: [macosx] Main menu shortcuts not displayed (7u6 regression)
    • S7187834: [macosx] Usage of private API in macosx 2d implementation causes Apple Store rejection
    • S7188114: (launcher) need an alternate command line parser for Windows
    • S7189136: Fork hs23.5 hsx from hs23.4 for jdk7u9 and reinitialize build number
    • S7189350: Fix failed for CR 7162144
    • S7190550: REGRESSION: Some closed/com/oracle/jfr/api tests fail to compile becuse of fix 7185245
    • S7193219: JComboBox serialization fails in JDK 1.7
    • S7193977: REGRESSION:Java 7′s JavaBeans persistence ignoring the “transient” flag on properties
    • S7195106: REGRESSION : There is no way to get Icon inf, once Softreference is released
    • S7195301: XML Signature DOM implementation should not use instanceof to determine type of Node
    • S7195931: UnsatisfiedLinkError on PKCS11.C_GetOperationState while using NSS from jre7u6+
    • S7197071: Makefiles for various security providers aren’t including the default manifest.
    • S7197652: Impossible to run any signed JNLP applications or applets, OCSP off by default
    • S7198146: Another new regression test does not compile on windows-amd64
    • S7198570: (tz) Support tzdata2012f
    • S7198640: new hotspot build – hs23.6-b04
    • S7199488: [TEST] runtime/7158800/InternTest.java failed due to false-positive on PID match.
    • S7199645: Increment build # of hs23.5 to b02
    • S7199669: Update tags in .hgtags file for CPU release rename
    • S7200720: crash in net.dll during NTLM authentication
    • S7200742: (se) Selector.select does not block when starting Coherence (sol11u1)
    • S7200762: [macosx] Stuck in sun.java2d.opengl.CGLGraphicsConfig.getMaxTextureSize(Native Method)
    • S8000285: Deadlock between PostEventQueue.noEvents, EventQueue.isDispatchThread and SwingUtilities.invokeLater
    • S8000286: [macosx] Views keep scrolling back to the drag position after DnD
    • S8000297: REGRESSION: closed/java/awt/EventQueue/PostEventOrderingTest.java fails
    • S8000307: Jre7cert: focusgained does not get called for all focus req when do alt + tab
    • S8000822: Fork hs23.7 hsx from hs23.6 for jdk7u11 and reinitialize build number
    • S8001124: jdk7u ProblemList.txt updates (10/2012)
    • S8001242: Improve RMI HTTP conformance
    • S8001808: Create a test for 8000327
    • S8001876: Create regtest for 8000283
    • S8002068: Build broken: corba code changes unable to use new JDK 7 classes
    • S8002091: tools/launcher/ToolsOpts.java test started to fail since 7u11 b01 on Windows
    • S8002114: fix failed for JDK-7160951: [macosx] ActionListener called twice for JMenuItem using ScreenMenuBar
    • S8002225: (tz) Support tzdata2012i
    • S8003402: (dc) test/java/nio/channels/DatagramChannel/SendToUnresovled.java failing after 7u11 cleanup issues
    • S8003403: Test ShortRSAKeyWithinTLS and ClientJSSEServerJSSE failing after 7u11 cleanup
    • S8003948: NTLM/Negotiate authentication problem
    • S8004175: Restricted packages added in java.security are missing in java.security-{macosx, solaris, windows}
    • S8004302: javax/xml/soap/Test7013971.java fails since jdk6u39b01
    • S8004341: Two JCK tests fails with 7u11 b06
    • S8005615: Java Logger fails to load tomcat logger implementation (JULI)
  • Bug fixes
    • Fix build using Zero’s HotSpot so all patches apply again.
    • PR1295: jamvm parallel unpack failure

The tarball can be downloaded from:

SHA256 checksums:

  • f55f2f2e5cdfa8b0429eaa56b4ecba7d63c701e867dbb636883c03cd8e64f4f9 icedtea-2.3.6.tar.gz

Each tarball is accompanied by a digital signature available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

  • Andrew John Hughes (application of security fixes & backports, creation & testing of bug fixes, release management)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-2.3.6.tar.gz

Full build requirements and instructions are in INSTALL:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-2.3.6/configure [--enable-zero --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

Many thanks to Omair Majid for preparing the 1.12.1 release while I was still returning home from FOSDEM. Much appreciated!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new security release is now available for the OpenJDK 6 series: 1.12.1. Regarding 7, we’ve hit bootstrapping issues that we’re trying to work around so it can still be built with OpenJDK 6, but if you fancy rolling your own using an earlier build of 7, the forests are already up-to-date for 2.3 as is the IcedTea7 2.3 repository.

The update contains the following security fixes:

Full details can be found below.

What’s New?

New in release 1.12.1 (2012-02-04)

The tarball can be downloaded from:

SHA256 checksum:

  • 8e73a3939ba8c2cca888defc6c90811c959273a9bc7bd1352338a72cefcf1157 icedtea6-1.12.1.tar.gz

The tarball is accompanied by a digital signature available at the above ‘sig’ link. This is produced using Omair’s public key. See details below.

  • PGP Key: 66484681 (http://pgp.mit.edu/)
  • Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681

The following people helped with these releases:

  • Andrew John Hughes (applying all security patches & backports, release testing)
  • Omair Majid (identification of ordering issues with security patches, porting security patches to 1.12)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-1.12.1.tar.gz
$ cd icedtea-1.12.1

Full build requirements and instructions are in INSTALL:

$ ./configure [--with-parallel-jobs --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new security release is now available for the OpenJDK 6 series: 1.11.6. An update for the recent release, 1.12.1, will follow shortly,as will updates for 7: 2.1.5, 2.2.5, 2.3.5 and eventually a 2.4.1. (2.4.0 will sadly have to now be just another tag release). Regarding 7, we’ve hit bootstrapping issues that we’re trying to work around so it can still be built with OpenJDK 6, but if you fancy rolling your own using an earlier build of 7, the forests are already up-to-date for 2.3 and the IcedTea7 2.3 repository will be as well, shortly (allowing Classpath JDK builds too).

The update contains the following security fixes:

Full details can be found below.

What’s New?

New in release 1.11.6 (2012-02-03)

The tarball can be downloaded from:

SHA256 checksum:

  • 1d4efe74bf8902c6682512ddb3cf71620e4fe107d1fb364b71453b551860fcca icedtea6-1.11.6.tar.gz

Each tarball is accompanied by a digital signature available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

  • Andrew John Hughes (applying all security patches & backports, release management)
  • Omair Majid (identification of ordering issues with security patches)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-1.11.6.tar.gz
$ cd icedtea-1.11.6

Full build requirements and instructions are in INSTALL:

$ ./configure [--with-parallel-jobs --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

I don’t like to go into too much detail about security updates, but I think it’s necessary to point out a few facts about the one we released yesterday, given some of the inaccuracies I’ve seen been spread on Twitter and elsewhere.

Patches were belatedly approved for OpenJDK 7u. OpenJDK 6 is not affected.

Running Java code from the command-line is quite different from running it via a browser plugin. In the latter situation, the user generally does not invoke the code and it runs in a sandbox with a much restricted set of privileges. Security issues occur when ways are found of achieving privilege escalation and being able to do thiings from the browser plugin that shouldn’t be allowed, such as invoking a program on the user’s computer. Bugs that allow this have a much higher security impact. Such escalation is fairly irrelevant when running Java from the command line as generally users run without a security manager and the code has full privileges anyway.

It is generally advisable to only run plugins in the browser that are needed (this applies to both Java and others such as Flash) and, where possible, whitelists should be used so that plugins are only used on pages approved by the user (of course, this depends on how informed the user is about giving such approval). So, all these advisories to turn off the Java browser plugin have some merit, as if you don’t use the plugin, you won’t be hit by browser-based exploits from either this issue or any future issues which may occur. Some people, of course, have no choice but to use the plugin, as some sites they use require it. In these situations, the plugin should only be used on those sites and disable for others; browsers such as Firefox and Chromium are now starting to provide users with more options (such as ‘click to play’) as to when and where plugins are invoked, and this will also help with security issues.

As always, any opinions expressed here are my own, and not those of Red Hat, Inc.

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

These releases update our OpenJDK7 support to include the latest security updates just released:

In addition, IcedTea includes the usual IcedTea patches to allow builds against system libraries and to support more estoric architectures.

If you find an issue with one of these releases, please report it in our bug database under the appropriate component. Development discussion takes place on the OpenJDK distro-pkg-dev mailing list and patches are always welcome.

Full details of the releases can be found below.

What’s New?

New in release 2.3.4 (2013-01-15)

  • Security fixes
  • Backports
    • S7197906: BlockOffsetArray::power_to_cards_back() needs to handle > 32 bit shifts
  • Bug fixes
    • G422525: Fix building with PaX enabled kernels.

New in release 2.2.4 (2013-01-15)

New in release 2.1.4 (2013-01-15)

The tarball can be downloaded from

SHA256 checksums:

  • 7762ce53479e49f8afffc81621515eb6c3f765c578ff13d4c601ce4af8935db6 icedtea-2.1.4.tar.gz
  • 6fd07ef223de0a24428384f56c848ce5e33e1030749de920adade570218f9ef3 icedtea-2.2.4.tar.gz
  • ea859f37fb20904ffd40802a41396326f7e301fa6873d88d01bf4afef5a60ca8 icedtea-2.3.4.tar.gz

Each tarball is accompanied by a digital signature available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${version}.tar.gz
$ cd icedtea-${version}

where ${version} is the version you’ve downloaded.

Full build requirements and instructions are in INSTALL:

$ ./configure [--with-parallel-jobs --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases is now available:

  • IcedTea6 1.10.10
  • IcedTea6 1.11.5
  • IcedTea7 2.1.3
  • IcedTea7 2.2.3
  • IcedTea7 2.3.3

We recommend that users upgrade to the latest release from the appropriate branch as soon as possible.

All updates contain the following security fixes:

The following fix is backported from 2.3.x to all other releases:

  • S7158800: Improve storage of symbol tables

Updates for OpenJDK6 also include:

  • S7176337: Additional changes needed for 7158801 fix

Updates for OpenJDK7 also include:

We believe that the 2.3.3 release takes IcedTea beyond u9[*], providing security updates from u7 and u9 on top of an OpenJDK7 u6 base, along with additional IcedTea patches to allow builds against system libraries and to support more estoric architectures.

Please note support for alternative VM solutions (CACAO, Shark, Zero) may be lacking in this release, as there has been little time for testing non-standard builds, and Zero is known to not work with 2.2.x (and only with 2.3.x via using the HotSpot from 2.1.x). Patches are welcome; please contact the mailing list and/or file bugs under the appropriate component. An update release may follow to correct issues with these builds, if necessary, but we deem it important to get the security updates out for mainstream builds as quickly as possible without further delay.

Full details of each release can be found below.

[*] It is difficult to make authoritative statements about u9 as the release
is proprietary. Oracle still do not provide GPL binaries based on OpenJDK.

What’s New?

New in release 1.10.10 (2012-10-16)

New in release 1.11.5 (2012-10-16)

New in release 2.1.3 (2012-10-17)

New in release 2.2.3 (2012-10-17)

New in release 2.3.3 (2012-10-17)

The tarballs can be downloaded from:

SHA256 checksums:

  • 644804a85b5b446d7840e3d11adf45782d73fcd880a2df5403c53c96cc288c3e icedtea6-1.10.10.tar.gz
  • 258d81d957f8ab9322fbaf7c90647f27f6b4e675504fa279858e6dfe513f7574 icedtea6-1.11.5.tar.gz
  • 1929e57eb6718d30735e1e04e9e129457f845f7d7a8404b2b028740d0779ddb6 icedtea-2.1.3.tar.gz
  • 4397ef71a0d729521be70f920bfc3fb6aec3455f1619b538cea75df512df1a16 icedtea-2.2.3.tar.gz
  • e5ac5564e00c4a8d7b3376ed6de91b18a2587c8abdad802ccc92c780765b1073 icedtea-2.3.3.tar.gz

Each tarball is accompanied by a digital signature (see above links). This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${ver}.tar.gz

Full build requirements and instructions are in INSTALL:

$ mkdir icedtea6-build
$ cd icedtea6-build
$ ../icedtea6-${ver}/configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

We are pleased to announce the release of IcedTea 2.1.2, based on OpenJDK7 u2, and IcedTea 2.2.2, based on OpenJDK7 u4, with additional security fixes.

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative
virtual machines.

These releases includes fixes for the zero-day issues that arose this week:

Patches are welcome; please contact the mailing list (distro-pkg-dev at openjdk.java.net) and/or file bugs under the appropriate component.

Full details of the release can be found below.

What’s New?

New in release 2.2.2 (2012-08-31)

  • Security fixes
  • OpenJDK
    • Fix Zero FTBFS issues
    • PR1101: Undefined symbols on GNU/Linux SPARC
    • S7180036: Build failure in Mac platform caused by fix # 7163201
    • S7182135: Impossible to use some editors directly
    • S7183701: [TEST] closed/java/beans/security/TestClassFinder.java – compilation failed
    • S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE
    • S7188168: 7071904 broke the DEBUG_BINARIES option on Linux
    • S7190813: (launcher) RPATH needs to have additional paths

New in release 2.1.2 (2012-09-02):

  • Security fixes
  • OpenJDK
    • PR1101: Undefined symbols on GNU/Linux SPARC
    • S7182135: Impossible to use some editors directly
    • S7183701: [TEST] closed/java/beans/security/TestClassFinder.java – compilation failed
    • S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE
    • S7190813: (launcher) RPATH needs to have additional paths
  • ARM
    • ARM: Fix trashed thread ptr after recursive re-entry from
    • ARM: Rename a bunch of misleadingly-named functions
    • Enable _adapter_opt_spread* jsr 292 code, now passes
    • Fix call to handle_special_method(). Fix compareAndSwapLong.

The tarballs can be downloaded from:

SHA256 checksums:

  • c7ebdb84581dca48a4389e12790d2d506b9cfc05f16612169284d5a5e3a02269 icedtea-2.1.2.tar.gz
  • e645fdcae825e0c60093962cb0a8fbf194c94a5e669162b3b357d99a6e36c86d icedtea-2.2.2.tar.gz

Each tarball is accompanied by a digital signature (see above links). This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea${ver}.tar.gz
$ cd icedtea${ver}

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK6 and OpenJDK7 using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases is now available:

  • IcedTea6 1.10.9
  • IcedTea6 1.11.4
  • IcedTea 2.3.2

All updates contain the following security fixes:

In addition, 2.3.2 contains:

Full details of each release can be found below.

What’s New?

New in release 1.10.9 (2012-08-31):

  • Security fixes
  • OpenJDK
    • S7182135: Impossible to use some editors directly
    • S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE
    • S6815182: GSSAPI/SPNEGO does not work with server using MIT Kerberos library
    • S6979329: CCacheInputStream fails to read ticket cache files from Kerberos 1.8.1
    • S7110373: krb5 test in openjdk6 without test infrastructure

New in release 1.11.4 (2012-08-31):

New in release 2.3.2 (2012-08-31):

  • Security fixes
  • OpenJDK
    • Fix Zero FTBFS issues with 2.3
    • S7180036: Build failure in Mac platform caused by fix # 7163201
    • S7182135: Impossible to use some editors directly
    • S7183701: [TEST] closed/java/beans/security/TestClassFinder.java – compilation failed
    • S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE
  • Bug fixes
    • PR1149: Zero-specific patch files not being packaged

The tarballs can be downloaded from:

SHA256 checksums:

  • ac55c57607177da579af46d9081e8cc53a5033e411704a1b0b074093b629427b icedtea6-1.10.9.tar.gz
  • 7bc0037514aedbbd5e65edcb2fa300a18285688d27b359c2144fcf563174e4fd icedtea6-1.11.4.tar.gz
  • d7e87de527934fcbb06c162e0e119d9b118069f3f52a1420d303fe19c5d74ef2 icedtea-2.3.2.tar.gz

Each tarball is accompanied by a digital signature (see above links). This is produced using my public key. See details below.

The following people helped with these releases:

  • Andrew John Hughes (all other patches/merging, reproducer testing & release management)
  • Matthias Klose (testing of 2.3.2 pre-release)
  • Chris Phillips (Zero FTBFS fix)
  • Roman Kennke (Zero FTBFS fix)
  • Jiri Vanek (testing of pre-releases for all three)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea${ver}.tar.gz
$ cd icedtea${ver}

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

« Previous PageNext Page »