Security

Archived Posts from this Category

Tue 12 Jun 2012

[SECURITY] IcedTea6 1.10.8 & 1.11.3 Released!

Posted by gnu_andrew under IcedTea , OpenJDK , Security
1 Comment 

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases is now available:

  • IcedTea6 1.10.8
  • IcedTea6 1.11.3

All updates contain the following security fixes:

Full details of each release can be found below.

What’s New?

New in release 1.10.8 (2012-06-12):

New in release 1.11.3 (2012-06-12):

The tarballs can be downloaded from:

SHA256 checksums:

  • 7723882c52d21f859c67f64d84764d5e6c69ac79245ecc0579ccac29e086000a icedtea6-1.10.8.tar.gz
  • 7d91c407b9795bd6f6255bcf0fb808416b36418c57f601dc47cfabff83194cf4 icedtea6-1.11.3.tar.gz

Each tarball is accompanied by a digital signature (link above). This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy Hacking!

 

Wed 15 Feb 2012

[SECURITY] IcedTea6 1.8.13, 1.9.13, 1.10.6 and IcedTea 2.0.1 Released! (Valentine’s Release)

Posted by gnu_andrew under IcedTea , OpenJDK , Security
1 Comment 

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative
virtual machines.

A new set of security releases is now available for IcedTea6, which uses OpenJDK6 as its base:

  • IcedTea6 1.8.13 (based on OpenJDK6 b18)
  • IcedTea6 1.9.13 (based on OpenJDK6 b20)
  • IcedTea6 1.10.6 (based on OpenJDK6 b22)

and one for IcedTea 2.x, which uses OpenJDK7 as its base:

  • IcedTea 2.0.1 (based on OpenJDK7 u1 + u3 security patches)

All updates contain the following security fixes:

Full details of each release can be found below. For details of the 1.11.1 security release, see Omair’s e-mail.

*PLEASE NOTE*: With this release, the 1.8 series is now NO LONGER SUPPORTED. We strongly recommend that you upgrade to a new release series; either 1.9.13, 1.10.6 or 1.11.1 for OpenJDK6. Alternatively, make the jump to OpenJDK7 with 2.0.1 or the new 2.1.0 (to be released shortly).

What’s New?

New in release 2.0.1 (2012-02-14)

New in release 1.10.6 (2012-02-14)

New in release 1.9.13 (2012-02-14)

New in release 1.8.13 (2012-02-14)

The tarballs can be downloaded from:

SHA256 checksums:

  • 9d3c4d3676c2286003cf9beb9fc3ee442d2c04b3f8b229be140fe636c9e70101 icedtea-2.0.1.tar.gz
  • 4bdd8ff2e6a93455425eeabd6c073137bf3816ad16ce6e89979ec1521e03c7f1 icedtea6-1.10.6.tar.gz
  • 1c972e03be7021e1b789e6077df9c74af7df239182d20d2478f7a60bc68e3c61 icedtea6-1.9.13.tar.gz
  • be3afacb9a08cdf932e4772f7f5575c53f21a2a60456eb4e8e63e18fa4e2e41b icedtea6-1.8.13.tar.gz

Each tarball is accompanied by a digital signature (available at the above URL + ‘.sig’). This is produced using my public key:

  • PGP Key: 248BDC07 (https://keys.indymedia.org/)
  • Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf <tarball name>
$ cd <tarball name minus .tar.gz suffix>

Full build requirements and instructions are in INSTALL:

$ ./configure [--with-parallel-jobs[=x] --enable-pulse-java --enable-systemtap ...]
$ make

Happy Hacking!

 

Tue 8 Nov 2011

[SECURITY: IcedTea-Web] IcedTea6 1.8.11 and 1.9.11 Released!

Posted by gnu_andrew under IcedTea , Security
No Comments 

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative
virtual machines.

A new set of security releases is now available for versions of IcedTea which include the plugin and Web Start support now developed in the IcedTea-Web project:

  • IcedTea6 1.8.11
  • IcedTea6 1.9.11

Where possible, we recommend using IcedTea-Web in preference to these older versions, in order to obtain the latest bug fixes and features.

All updates contain the following security fixes:

Full details of each release can be found below.

What’s New?

New in release 1.9.11 (2011-11-08)

  • Security fixes

New in release 1.8.11 (2011-11-08)

  • Security fixes

The tarballs can be downloaded from:

SHA256 checksums:

  • 6eb418ec0609080a71bda16896124d6e1ac23b2f54af52e05fc22c719e12ca29 icedtea6-1.8.11.tar.gz
  • fd3b32f8dd1010fa8b752f0224fb25a8fe102c9f82652f0ded32138fd4ba3714 icedtea6-1.9.11.tar.gz

Each tarball is accompanied by a digital signature (available at the above URL + ‘.sig’). This is produced using my public key. See details below in the signature.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make
 

Tue 18 Oct 2011

[SECURITY] IcedTea6 1.8.10, 1.9.10 and 1.10.4 Released!

Posted by gnu_andrew under IcedTea , OpenJDK , Security
No Comments 

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases is now available:

  • IcedTea6 1.8.10
  • IcedTea6 1.9.10
  • IcedTea6 1.10.4

All updates contain the following security fixes:

The 1.9.10 and 1.10.4 updates also include:

The patch for this issue did not apply to the older versions of HotSpot (14 and 16) supported by the 1.8 release series. It is believed that the underlying issue is also not present in these versions, but for safety, we recommend using the latest 1.10.x release series where possible.

Full details of each release can be found below.

What’s New?

New in release 1.10.4 (2011-10-18)

New in release 1.9.10 (2011-10-18)

New in release 1.8.10 (2011-10-18)

The tarballs can be downloaded from:

Each tarball is accompanied by a digital signature. This is produced using my public key:

pub   4096R/248BDC07 2011-09-28 [expires: 2012-09-27]
      Key fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
uid                  Dr Andrew John Hughes <ahughes@redhat.com>
uid                  Dr Andrew John Hughes <gnu_andrew@member.fsf.org>
sub   4096R/954E386D 2011-09-28 [expires: 2012-09-27]

SHA256 checksums:

  • c4a17b55de875a49efa192cfe015f1cb0cf02aeac03f7fc7afe2a3e9fdef64b83 icedtea6-1.8.10.tar.gz
  • 3f41d433ed362f2bb81536585511d901b19864b98a97abab8ccd0b4ba00803a6 icedtea6-1.9.10.tar.gz
  • 15491d7f2f81436aaf87f964d923b95b4bda8f6689198b4999961070b6c68851 icedtea6-1.10.4.tar.gz

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

 

Wed 20 Jul 2011

[SECURITY] IcedTea6 1.8.9 & 1.9.9 Released!

Posted by gnu_andrew under IcedTea , Security
No Comments 

There is a new set of security releases: IcedTea6 1.8.9 and IcedTea6 1.9.9. This security issue concerns IcedTea-Web, which is not part of the IcedTea6 1.10 series, hence there will be no IcedTea6 1.10 security update. However, an IcedTea6 1.10 bug fix update will follow shortly.

This update contains the following security updates:

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools. It also includes the only Free Java plugin and Web Start implementation, and support for additional architectures over and above x86, x86_64 and SPARC via the Zero assembler port.

What Else Is New?

New in release 1.8.9 (2011-07-20)

  • Bug fixes
    • PR744: icedtea6-1.10.2 : patching error
    • PR748: Icedtea6 fails to build with Linux 3.0.

New in release 1.9.9 (2011-07-20)

  • Bug Fixes
    • PR744: icedtea6-1.10.2 : patching error
    • PR748: Icedtea6 fails to build with Linux 3.0.
  • Shark
    • PR632: patches/security/20110215/6878713.patch breaks shark zero build

The tarballs can be downloaded from:

SHA256 sums

  • e12e06c2ee642396f1d080d871a42fa4db38aced10bf13c20644f752ef03741f icedtea6-1.8.9.tar.gz
  • c2419896f8925822b0135bcd2db37affcb2b9f6f50d782e7f6b8d23afb5beb39 icedtea6-1.9.9.tar.gz

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started: 

$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make
 

Wed 8 Jun 2011

[SECURITY] IcedTea6 1.8.8, 1.9.8 and 1.10.2 Released!

Posted by gnu_andrew under IcedTea , OpenJDK , Security
No Comments 

There is a new set of security releases: IcedTea6 1.8.8, IcedTea6 1.9.8 and IcedTea6 1.10.2.

This update contains the following security updates:

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools. It also includes the only Free Java plugin and Web Start implementation, and support for additional architectures over and above x86, x86_64 and SPARC via the Zero assembler port.

What Else Is New?

IcedTea6 1.8.8

  • Backports
    • S6675802: Regression: heavyweight popups cause SecurityExceptions in applets
    • S6691503: Malicious applet can show always-on-top popup menu which has whole screen size
    • PR632: patches/security/20110215/6878713.patch breaks shark zero build
    • Fixed AccessControlContext which was thrown while working with Color class in a PropertyEditor
  • Plugin

IcedTea6 1.9.8

  • Backports
    • S6675802: Regression: heavyweight popups cause SecurityExceptions in applets
    • S6691503: Malicious applet can show always-on-top popup menu which has whole screen size
    • S6980392, PR642: simple correction in testcase, added missing bracket
    • Fixed AccessControlContext which was thrown while working with Color class in a PropertyEditor
  • Plugin
  • Shark
    • PR689: Shark fails to find LLVM 2.9 System headers during build

IcedTea6 1.10.2

  • Backports
    • S7043054: REGRESSION – wrong userBounds in Paint.createContext()
    • S7043963, RH698295: Window manager workaround in AWT was not applied to mutter. Now it is.
  • Shark
    • PR689: Shark fails to find LLVM 2.9 System headers during build.

The tarballs can be downloaded from:

SHA256 sums

  • 61c0036df25aa0108dba91ab3dd8334e45dd85f8caa6dadf997b10b63a7d280f icedtea6-1.8.8.tar.gz
  • ad63b3c4f87df5bf189b3fd2ef5e82f916b4bb22fb3ff107105a14583b38fbc3 icedtea6-1.9.8.tar.gz
  • 488af9a6ddebc38344aabdb62798d403ccc477be1076118788f0b146aa3db5ba icedtea6-1.10.2.tar.gz

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make
 

Tue 15 Feb 2011

[SECURITY] IcedTea6 1.7.10, 1.8.7 and 1.9.7 Released!

Posted by gnu_andrew under IcedTea , OpenJDK , Security
1 Comment 

There is a new set of security releases: IcedTea6 1.7.10, IcedTea6 1.8.7 and IcedTea6 1.9.7. .

This update contains the following security updates:

There is also an update for IcedTea-Web.

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools. It also includes the only Free Java plugin and Web Start implementation, and support for additional architectures over and above x86, x86_64 and SPARC via the Zero assembler port.

What’s New?

IcedTea6 1.7.10

IcedTea6 1.8.7

IcedTea6 1.9.7

The tarballs can be downloaded from:

SHA256 sums:

  • dbca9d7598352d178651c8cc28ff887c59a27f0125785a58e9f9723611137f78 icedtea6-1.7.10.tar.gz
  • c6b16e89cd3da5ddb9cdc9c8615773c6cef214d1d611030a07bae92a19e8562a icedtea6-1.8.7.tar.gz
  • fe89234ca7f5dbb8696aa0e97a342c51901c10c0254f8fd563c6ccf7bf532fcc icedtea6-1.9.7.tar.gz

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>

Full build requirements and instructions are in INSTALL: 

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

You can track future security updates by subscribing to the security feed.

 

Wed 9 Feb 2011

[SECURITY] IcedTea6 1.7.9, 1.8.6, 1.9.6 Released!

Posted by gnu_andrew under IcedTea , OpenJDK , Security
1 Comment 

We are pleased to announce a new set of security releases, IcedTea6 1.7.9, IcedTea6 1.8.6 and IcedTea6 1.9.6.

This update contains the following security updates:

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools. It also includes the only Free Java plugin and Web Start implementation, and support for additional architectures over and above x86, x86_64 and SPARC via the Zero assembler port.

What’s New?

IcedTea6 1.7.9

IcedTea6 1.8.6

IcedTea6 1.9.6

The tarballs can be downloaded from:

SHA256 sums:

  • 496b615ccad2a950783b1a2f30a8657956f8c9d9bccb6ab9effc1164ab830792 icedtea6-1.7.9.tar.gz
  • d392c95e76b5bdf21fb4bce8fc5cdc530bdf5bda014cb96fa9cd3efdfdbeff87 icedtea6-1.8.6.tar.gz

  • 100e61fbc3157b4839413951b0247f7ccabb0dcff6d037fbb372d5a13088adc2 icedtea6-1.9.6.tar.gz

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>

Full build requirements and instructions are in INSTALL: 

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

 

Tue 1 Feb 2011

[SECURITY] IcedTea6 1.7.8, 1.8.5, 1.9.5 Released!

Posted by gnu_andrew under IcedTea , Security
1 Comment 

We are pleased to announce a new set of security releases, IcedTea6 1.7.8, IcedTea6 1.8.5 and IcedTea6 1.9.5.

This update contains the following security updates:

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools. It also includes the only Free Java plugin and Web Start implementation, and support for additional architectures over and above x86, x86_64 and SPARC via the Zero assembler port.

What’s New?

IcedTea6 1.7.8

  • Security updates
  • Backports
    • S6687968: PNGImageReader leaks native memory through an Inflater
    • S6541476, RH665355: PNG imageio plugin incorrectly handles iTXt chunk
    • S6782079: PNG: reading metadata may cause OOM on truncated images
  • Fixes:
    • RH647157, RH582455: Update fontconfig files for rhel 6
    • PR619: Improper finalization by the plugin can crash the browser

IcedTea6 1.8.5

  • Security updates
  • Backports
    • S6687968: PNGImageReader leaks native memory through an Inflater
    • S6541476, RH665355: PNG imageio plugin incorrectly handles iTXt chunk
    • S6782079: PNG: reading metadata may cause OOM on truncated images
  • Fixes
    • RH647157, RH582455: Update fontconfig files for rhel 6
    • PR619: Improper finalization by the plugin can crash the browser

IcedTea6 1.9.5

  • Security updates
  • Backports
    • S6687968: PNGImageReader leaks native memory through an Inflater
    • S6541476, RH665355: PNG imageio plugin incorrectly handles iTXt chunk
    • S6782079: PNG: reading metadata may cause OOM on truncated images
  • Fixes
    • RH647157, RH582455: Update fontconfig files for rhel 6
    • PR619: Improper finalization by the plugin can crash the browser

The tarballs can be downloaded from:

SHA256 sums:

  • a1cbb4e5962d1fed0c816cebce33b6896b61a9f19b404f5e91439b9e7ffcd97c icedtea6-1.7.8.tar.gz
  • 1ee081368587507e7ea75bd3351be0eafadd3f7020930db68448bcec6fa5c452 icedtea6-1.8.5.tar.gz
  • dac8ad42c452b3211b4daf26446da090f1f6c45952d9dbf52f66447adef73a29 icedtea6-1.9.5.tar.gz

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started: 

$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make
 

Tue 18 Jan 2011

[SECURITY] IcedTea6 1.7.7, 1.8.4, 1.9.4 Released!

Posted by gnu_andrew under IcedTea , Security
[5] Comments 

We are pleased to announce a new set of security releases, IcedTea6 1.7.7, IcedTea6 1.8.4 and IcedTea6 1.9.4.

This update contains the following security updates:

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools. It also includes the only Free Java plugin and Web Start implementation, and support for additional architectures over and above x86, x86_64 and SPARC via the Zero assembler port.

What’s New?

IcedTea6 1.7.7

IcedTea6 1.8.4

IcedTea6 1.9.4

The tarballs can be downloaded from:

SHA256 sums:

  • 4c35574df1214c2e2533b282d6045f79f61eb702d59cd4ac73eec973f4c51fb6 icedtea6-1.7.7.tar.gz
  • 0f89e920a829f3f1a6057065c85520b910504a0be1fbc94f8db2390242edc784 icedtea6-1.8.4.tar.gz
  • 2194b59d8c17ad6ff2fb495e10f9e6023993df5f8ce8a3739bf057f6562ef077 icedtea6-1.9.4.tar.gz

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-.tar.gz
$ cd icedtea6-

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

 

« Previous PageNext Page »