Security


I don’t like to go into too much detail about security updates, but I think it’s necessary to point out a few facts about the one we released yesterday, given some of the inaccuracies I’ve seen been spread on Twitter and elsewhere.

Patches were belatedly approved for OpenJDK 7u. OpenJDK 6 is not affected.

Running Java code from the command-line is quite different from running it via a browser plugin. In the latter situation, the user generally does not invoke the code and it runs in a sandbox with a much restricted set of privileges. Security issues occur when ways are found of achieving privilege escalation and being able to do thiings from the browser plugin that shouldn’t be allowed, such as invoking a program on the user’s computer. Bugs that allow this have a much higher security impact. Such escalation is fairly irrelevant when running Java from the command line as generally users run without a security manager and the code has full privileges anyway.

It is generally advisable to only run plugins in the browser that are needed (this applies to both Java and others such as Flash) and, where possible, whitelists should be used so that plugins are only used on pages approved by the user (of course, this depends on how informed the user is about giving such approval). So, all these advisories to turn off the Java browser plugin have some merit, as if you don’t use the plugin, you won’t be hit by browser-based exploits from either this issue or any future issues which may occur. Some people, of course, have no choice but to use the plugin, as some sites they use require it. In these situations, the plugin should only be used on those sites and disable for others; browsers such as Firefox and Chromium are now starting to provide users with more options (such as ‘click to play’) as to when and where plugins are invoked, and this will also help with security issues.

As always, any opinions expressed here are my own, and not those of Red Hat, Inc.

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

These releases update our OpenJDK7 support to include the latest security updates just released:

In addition, IcedTea includes the usual IcedTea patches to allow builds against system libraries and to support more estoric architectures.

If you find an issue with one of these releases, please report it in our bug database under the appropriate component. Development discussion takes place on the OpenJDK distro-pkg-dev mailing list and patches are always welcome.

Full details of the releases can be found below.

What’s New?

New in release 2.3.4 (2013-01-15)

  • Security fixes
  • Backports
    • S7197906: BlockOffsetArray::power_to_cards_back() needs to handle > 32 bit shifts
  • Bug fixes
    • G422525: Fix building with PaX enabled kernels.

New in release 2.2.4 (2013-01-15)

New in release 2.1.4 (2013-01-15)

The tarball can be downloaded from

SHA256 checksums:

  • 7762ce53479e49f8afffc81621515eb6c3f765c578ff13d4c601ce4af8935db6 icedtea-2.1.4.tar.gz
  • 6fd07ef223de0a24428384f56c848ce5e33e1030749de920adade570218f9ef3 icedtea-2.2.4.tar.gz
  • ea859f37fb20904ffd40802a41396326f7e301fa6873d88d01bf4afef5a60ca8 icedtea-2.3.4.tar.gz

Each tarball is accompanied by a digital signature available at the above ‘sig’ link. This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${version}.tar.gz
$ cd icedtea-${version}

where ${version} is the version you’ve downloaded.

Full build requirements and instructions are in INSTALL:

$ ./configure [--with-parallel-jobs --enable-pulse-java
--enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases is now available:

  • IcedTea6 1.10.10
  • IcedTea6 1.11.5
  • IcedTea7 2.1.3
  • IcedTea7 2.2.3
  • IcedTea7 2.3.3

We recommend that users upgrade to the latest release from the appropriate branch as soon as possible.

All updates contain the following security fixes:

The following fix is backported from 2.3.x to all other releases:

  • S7158800: Improve storage of symbol tables

Updates for OpenJDK6 also include:

  • S7176337: Additional changes needed for 7158801 fix

Updates for OpenJDK7 also include:

We believe that the 2.3.3 release takes IcedTea beyond u9[*], providing security updates from u7 and u9 on top of an OpenJDK7 u6 base, along with additional IcedTea patches to allow builds against system libraries and to support more estoric architectures.

Please note support for alternative VM solutions (CACAO, Shark, Zero) may be lacking in this release, as there has been little time for testing non-standard builds, and Zero is known to not work with 2.2.x (and only with 2.3.x via using the HotSpot from 2.1.x). Patches are welcome; please contact the mailing list and/or file bugs under the appropriate component. An update release may follow to correct issues with these builds, if necessary, but we deem it important to get the security updates out for mainstream builds as quickly as possible without further delay.

Full details of each release can be found below.

[*] It is difficult to make authoritative statements about u9 as the release
is proprietary. Oracle still do not provide GPL binaries based on OpenJDK.

What’s New?

New in release 1.10.10 (2012-10-16)

New in release 1.11.5 (2012-10-16)

New in release 2.1.3 (2012-10-17)

New in release 2.2.3 (2012-10-17)

New in release 2.3.3 (2012-10-17)

The tarballs can be downloaded from:

SHA256 checksums:

  • 644804a85b5b446d7840e3d11adf45782d73fcd880a2df5403c53c96cc288c3e icedtea6-1.10.10.tar.gz
  • 258d81d957f8ab9322fbaf7c90647f27f6b4e675504fa279858e6dfe513f7574 icedtea6-1.11.5.tar.gz
  • 1929e57eb6718d30735e1e04e9e129457f845f7d7a8404b2b028740d0779ddb6 icedtea-2.1.3.tar.gz
  • 4397ef71a0d729521be70f920bfc3fb6aec3455f1619b538cea75df512df1a16 icedtea-2.2.3.tar.gz
  • e5ac5564e00c4a8d7b3376ed6de91b18a2587c8abdad802ccc92c780765b1073 icedtea-2.3.3.tar.gz

Each tarball is accompanied by a digital signature (see above links). This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${ver}.tar.gz

Full build requirements and instructions are in INSTALL:

$ mkdir icedtea6-build
$ cd icedtea6-build
$ ../icedtea6-${ver}/configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

We are pleased to announce the release of IcedTea 2.1.2, based on OpenJDK7 u2, and IcedTea 2.2.2, based on OpenJDK7 u4, with additional security fixes.

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative
virtual machines.

These releases includes fixes for the zero-day issues that arose this week:

Patches are welcome; please contact the mailing list (distro-pkg-dev at openjdk.java.net) and/or file bugs under the appropriate component.

Full details of the release can be found below.

What’s New?

New in release 2.2.2 (2012-08-31)

  • Security fixes
  • OpenJDK
    • Fix Zero FTBFS issues
    • PR1101: Undefined symbols on GNU/Linux SPARC
    • S7180036: Build failure in Mac platform caused by fix # 7163201
    • S7182135: Impossible to use some editors directly
    • S7183701: [TEST] closed/java/beans/security/TestClassFinder.java – compilation failed
    • S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE
    • S7188168: 7071904 broke the DEBUG_BINARIES option on Linux
    • S7190813: (launcher) RPATH needs to have additional paths

New in release 2.1.2 (2012-09-02):

  • Security fixes
  • OpenJDK
    • PR1101: Undefined symbols on GNU/Linux SPARC
    • S7182135: Impossible to use some editors directly
    • S7183701: [TEST] closed/java/beans/security/TestClassFinder.java – compilation failed
    • S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE
    • S7190813: (launcher) RPATH needs to have additional paths
  • ARM
    • ARM: Fix trashed thread ptr after recursive re-entry from
    • ARM: Rename a bunch of misleadingly-named functions
    • Enable _adapter_opt_spread* jsr 292 code, now passes
    • Fix call to handle_special_method(). Fix compareAndSwapLong.

The tarballs can be downloaded from:

SHA256 checksums:

  • c7ebdb84581dca48a4389e12790d2d506b9cfc05f16612169284d5a5e3a02269 icedtea-2.1.2.tar.gz
  • e645fdcae825e0c60093962cb0a8fbf194c94a5e669162b3b357d99a6e36c86d icedtea-2.2.2.tar.gz

Each tarball is accompanied by a digital signature (see above links). This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea${ver}.tar.gz
$ cd icedtea${ver}

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK6 and OpenJDK7 using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases is now available:

  • IcedTea6 1.10.9
  • IcedTea6 1.11.4
  • IcedTea 2.3.2

All updates contain the following security fixes:

In addition, 2.3.2 contains:

Full details of each release can be found below.

What’s New?

New in release 1.10.9 (2012-08-31):

  • Security fixes
  • OpenJDK
    • S7182135: Impossible to use some editors directly
    • S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE
    • S6815182: GSSAPI/SPNEGO does not work with server using MIT Kerberos library
    • S6979329: CCacheInputStream fails to read ticket cache files from Kerberos 1.8.1
    • S7110373: krb5 test in openjdk6 without test infrastructure

New in release 1.11.4 (2012-08-31):

New in release 2.3.2 (2012-08-31):

  • Security fixes
  • OpenJDK
    • Fix Zero FTBFS issues with 2.3
    • S7180036: Build failure in Mac platform caused by fix # 7163201
    • S7182135: Impossible to use some editors directly
    • S7183701: [TEST] closed/java/beans/security/TestClassFinder.java – compilation failed
    • S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE
  • Bug fixes
    • PR1149: Zero-specific patch files not being packaged

The tarballs can be downloaded from:

SHA256 checksums:

  • ac55c57607177da579af46d9081e8cc53a5033e411704a1b0b074093b629427b icedtea6-1.10.9.tar.gz
  • 7bc0037514aedbbd5e65edcb2fa300a18285688d27b359c2144fcf563174e4fd icedtea6-1.11.4.tar.gz
  • d7e87de527934fcbb06c162e0e119d9b118069f3f52a1420d303fe19c5d74ef2 icedtea-2.3.2.tar.gz

Each tarball is accompanied by a digital signature (see above links). This is produced using my public key. See details below.

The following people helped with these releases:

  • Andrew John Hughes (all other patches/merging, reproducer testing & release management)
  • Matthias Klose (testing of 2.3.2 pre-release)
  • Chris Phillips (Zero FTBFS fix)
  • Roman Kennke (Zero FTBFS fix)
  • Jiri Vanek (testing of pre-releases for all three)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea${ver}.tar.gz
$ cd icedtea${ver}

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

We are pleased to announce the release of IcedTea 2.3.1 [*], based on OpenJDK7 u6.

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

This 2.3.1 release includes a fix for the zero-day issue that arose this week:

Security releases for the previous release branches, 2.1 & 2.2, will follow shortly.

We believe that the 2.3.1 release takes IcedTea to the level of Oracle’s proprietary 7u6 binaries, being based on the latest contents of the OpenJDK u6 Mercurial repositories.

In addition, IcedTea includes the usual IcedTea patches to allow builds against system libraries and to support more estoric architectures.

As detailed in a previous blog, Zero is again supported again in this release, by the use of the older HotSpot from IcedTea 2.1 when building with --enable-zero.

Patches are welcome; please contact the mailing list (distro-pkg-dev at openjdk.java.net) and/or file bugs under the appropriate component.

[*] Note that IcedTea 2.3.0 ended up as a forest-based release only, as the need for a security update become apparent before a matching IcedTea release could be made.

Full details of the release can be found below.

What’s New?

New in release 2.3.1 (2012-08-29)

  • Security fixes
  • Bug fixes
    • PR902: PulseAudioClip getMicrosecondsLength() returns length in milliseconds, not microseconds
    • PR986: IcedTea7 fails to build with IcedTea6 CACAO due to low max heap size
    • PR1050: Stream objects not garbage collected
    • PR1119: Only add classes to rt-source-files.txt if the class (or one or more of its methods/fields) are actually missing from the boot JDK
    • PR1137: Allow JARs to be optionally compressed by setting COMPRESS_JARS
  • OpenJDK
    • Make dynamic support for GConf work again.
    • PR1095: Add configure option for -Werror
    • PR1101: Undefined symbols on GNU/Linux SPARC
    • PR1140: Unnecessary diz files should not be installed
    • S7192804, PR1138: Build should not install jvisualvm man page for OpenJDK
  • JamVM
    • ARMv6 armhf: Changes for Raspbian (Raspberry Pi)
    • PPC: Don’t use lwsync if it isn’t supported
    • X86: Generate machine-dependent stubs for i386
    • When suspending, ignore detached threads that have died, this prevents a user caused deadlock when an external thread has been attached to the VM via JNI and it has exited without detaching
    • Add missing REF_TO_OBJs for references passed from JNI, this enable JamVM to run Qt-Jambi

New in release 2.3.0 (2012-08-15)

  • OpenJDK
    • S6310967: SA: jstack -m produce failures in output
    • S6346658: (se) Selector briefly spins when asynchronously closing a registered channel [win]
    • S6414899: P11Digest should support cloning
    • S6888634: test/closed/javax/swing/Popup/TaskbarPositionTest.java fails
    • S6893617: JDK 6 CNCtx always uses the default ORB
    • S6924259: Remove offset and count fields from java.lang.String
    • S6961765: Double byte characters corrupted in DN for LDAP referrals
    • S6994562: Swing classes (both JTextArea and JTextField) don’t support caret width tuning
    • S7013850: Please change the mnemonic assignment system to avoid translation issue
    • S7024749: JDK7 b131—a crash in: Java_sun_awt_windows_ThemeReader_isGetThemeTransitionDurationDefined+0×75
    • S7024963: Notepad demo: remove non-translatable resources from Notepad.properties file
    • S7024965: Stylepad demo: remove non-translatable resources from Stylepad.properties file
    • S7027139: getFirstIndex() does not return the first index that has changed
    • S7027300: Unsynchronized HashMap access causes endless loop
    • S7043963: AWT workaround missing for Mutter.
    • S7049339: AnyBlit is broken with non-rectangular clips.
    • S7063674: Wrong results from basic comparisons after calls to Long.bitCount(long)
    • S7071826: Avoid benign race condition in initialization of UUID
    • S7071907: JDK: Full Debug Symbols
    • S7074616: java.lang.management.ManagementFactory.getPlatformManagementInterfaces fails
    • S7074853: TransparentRuler demos Readme should mention the correct jar file name
    • S7079902: Refine CORBA data models
    • S7080109: Dialog.show() lacks doPrivileged() to access system event queue
    • S7087428: move client tests out of jdk_misc
    • S7090832: Some locale info are not localized for some languages.
    • S7092140: Test: java/util/concurrent/locks/Lock/TimedAcquireLeak.java fails on SE-E due to -XX:-UsePerfData
    • S7092551: Double-click in TextField sets caret to the beginning
    • S7093156: NLS Please change the mnemonic assignment system to avoid translation issue (Swing files)
    • S7096436: (sc) SocketChannel.connect fails on Windows 8 when channel configured non-blocking
    • S7100140: [macosx] Test closed/javax/sound/sampled/DirectAudio/bug6400879.java is invalid
    • S7102323: RFE: enable Full Debug Symbols Phase 1 on Solaris
    • S7103665: HeapWord*ParallelScavengeHeap::failed_mem_allocate(unsigned long,bool)+0×97
    • S7103889: (fs) Reduce String concatenation when iterating over directory
    • S7104147: the fix for cr6887286 was not appropriate for backporting
    • S7105952: Improve finalisation for FileInputStream/FileOutputStream/RandomAccessFile
    • S7107063: Fork hs22.1 hsx from hs22.0 for 7u3 and reinitialize build number
    • S7107099: JScrollBar does not show up even if there are enough lebgth of textstring in textField
    • S7110104: It should be possible to stop and start JMX Agent at runtime
    • S7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems
    • S7110720: Issue with vm config file loadingIssue with vm config file loading
    • S7112115: Component.getLocationOnScreen() work incorrectly if create window in point (0, 0) on oel
    • S7112427: The doclet needs to be able to generate JavaFX documentation.
    • S7113740: hotspot_version file has wrong JDK_MINOR_VER
    • S7116462: Bump the hs21.1 build number to 02
    • S7118100: (prefs) Inconsistency when using system and user preference on OSX Lion
    • S7118280: The gbyc00102 JCK7 test causes an assert in JVM 7.0 fastdebug mode
    • S7118373: (se) Potential leak file descriptor when deregistrating at around the same time as an async close
    • S7120481: storeStore barrier in constructor with final field
    • S7120895: FontConfiguration should not use thread contextClassLoader
    • S7122740: PropertyDescriptor Performance Slow
    • S7123170: JCK vm/jvmti/ResourceExhausted/resexh001/resexh00101/ tests fails since 7u4 b02
    • S7123582: (launcher) display the -version and -XshowSettings
    • S7123896: Unexpected behavior due to Solaris using separate IPv4 and IPv6 port spaces
    • S7123957: Switch of Gnome theme ends up deadlocked in GTKEngine.native_switch_theme
    • S7124210: [macosx] Replacing text in a TextField does generate an extra TextEvent
    • S7124219: [macosx] Unable to draw images to fullscreen
    • S7124239: [macosx] sun.awt.SunToolkit.InfiniteLoop exception in realSync called from SwingTestHelper
    • S7124247: [macosx] Implement GraphicsDevice.setDisplayMode()
    • S7124262: [macosx] Drag events go to a wrong child.
    • S7124286: [macosx] Option modifier should work like AltGr as in Apple jdk 6
    • S7124321: [macosx] TrayIcon MouseListener is never triggered
    • S7124326: [macosx] An issue similar to autoshutdown one in two AppContexts situation.
    • S7124328: [macosx] javax.swing.JDesktopPane.getAllFramesInLayer returns unexpected value
    • S7124376: [macosx] Modal dialog lost focus
    • S7124400: [macosx] CGraphicsDevice.getConfigurations() returns reference to member (does not copy configs)
    • S7124411: [macosx] There’s no KEY_TYPED for VK_ESCAPE
    • S7124428: [macosx] Frame.setExtendedState() doesn’t work for undecorated windows
    • S7124523: [macosx] b216: Mising part of applet UI
    • S7124537: [macosx] Menu shortcuts for all menu items should be disabled if a menu itself is disabled
    • S7124551: [macosx] Once added, Menu shortcut cannot be removed
    • S7125044: [macosx] Test failure because Component.transferFocus() works differently in applet and application
    • S7126277: Alternative String hashing implementation
    • S7127235: (fs) NPE in Files.walkFileTree if cached attributes are GC’ed
    • S7128699: Change the bundle name so it won’t be overwritten when installing a new version
    • S7128738: dragged dialog freezes system on dispose
    • S7129401: PPC: runtime/7100935/TestShortArraycopy.java fails
    • S7129715: MAC: SIGBUS in nsk stress test
    • S7129872: test/sun/security/pkcs11/KeyStore/SecretKeysBasic.sh failing on non-Solaris platforms on 7u4
    • S7130241: [macosx] TransparentRuler demo can not run due to lacking of perpixel transparency support
    • S7130404: [macosx] “os.arch” value should be “x86_64″ for compatibility with Apple JDK6
    • S7130521: [macosx] closed/javax/swing/JMenuItem/6209975/bug6209975.java failed on macosx
    • S7131021: [macosx] Consider using system properties to pass arguments from the launcher to AWT/SplashScreen
    • S7132070: Use a mach_port_t as the OSThread thread_id rather than pthread_t on BSD/OSX
    • S7132692: [macosx] Class com.apple.eawt not functioning
    • S7132793: [macosx] setWheelScrollEnabled action reversed
    • S7132808: [macosx] closed/javax/swing/JFileChooser/4524490/bug4524490.java fails on MacOS
    • S7133138: Improve io performance around timezone lookups
    • S7133566: [macosx] closed/javax/swing/JTable/4220171/bug4220171.java fails on MacOS
    • S7133571: [macosx] closed/javax/swing/JToolBar/4247996/bug4247996.java fails on MacOS
    • S7133573: [macosx] closed/javax/swing/JToolTip/4846413/bug4846413.java fails on MacOS
    • S7133581: [macosx] closed/javax/swing/JTree/4330357/bug4330357.java fails on MacOS
    • S7134701: [macosx] Support legacy native library names
    • S7136506: FDS: rework jdk repo Full Debug Symbols support
    • S7141141: Add 3 new test scenarios for testing Main-Class attribute in jar manifest file
    • S7142091: [macosx] RFE: Refactoring of peer initialization/disposing
    • S7142172: Custom TrustManagers that return null for getAcceptedIssuers will NPE
    • S7142641: -Xshared:on fails on ARM
    • S7142847: TEST_BUG: java/nio/file/WatchService/SensitivityModifier.java has incorrect @run tag, runs Basic
    • S7143353: -Xrunhprof fails in Java 7 due to bad switch
    • S7143606: File.createTempFile should be improved for temporary files created by the platform.
    • S7143614: SynthLookAndFeel stability improvement
    • S7143617: Improve fontmanager layout lookup operations
    • S7143744: (se) Stabilize KQueue SelectorProvider and make default on MacOSX
    • S7143851: Improve IIOP stub and tie generation in RMIC
    • S7143872: Improve certificate extension processing
    • S7144063: [macosx] Swing JMenu mnemonic doesn’t work; hint misleading; cross symbol typed
    • S7144086: TEST_BUG: java/nio/file/WatchService/SensitivityModifier.java failing intermittently
    • S7144328: Improper commandlines for -XX:+-UnlockCommercialFeatures require proper warning/error messages
    • S7144423: StAX EventReader swallows the cause of error
    • S7144488: Infinite recursion for some equals tests in Collections
    • S7144530: KeyTab.getInstance(String) no longer handles keyTabNames with “file:” prefix
    • S7144542: [macosx] Crash in liblwawt.dylib setBusy() when exiting an FX app
    • S7145024: Crashes in ucrypto related to C2
    • S7145239: Finetune package definition restriction
    • S7145768: [macosx] Regression: failure in b11 of ModalDialogInFocusEventTest
    • S7145771: [macosx] CreateFont/Register.java test fails because of cached results of getAllFonts()
    • S7145798: System.loadLibrary does not search current working directory
    • S7145827: [macosx] JCK failure in b11: FocusableWindow3
    • S7145980: Dispose method of window.java takes long
    • S7146099: NLS: [de,es,it,ko,pt_BR]launcher_**.properties, double backslash issue.
    • S7146131: [macosx] When click the show optionpane button,it display partly of dialog and hung until timeout
    • S7146431: java.security files out-of-sync
    • S7146442: assert(false) failed: bad AD file
    • S7146550: [macosx] DnD test failure in createCompatibleWritableRaster()
    • S7146564: DefaultProxySelector should filter 0.0.0.0 and ::0 [macosx]
    • S7146728: Inconsistent length for the generated secret using DH key agreement impl from SunJCE and PKCS11
    • S7147055: [macosx] Cursors are changing over a blocked window; also blinking
    • S7147066: [macosx] FileDialog.getDirectory() returns incorrect directory
    • S7147078: [macosx] Echo char set in TextField doesn’t prevent word jumping
    • S7147407: remove never used debug code in DnsClient.java
    • S7147666: High lock time for com.sun.org.apache.xerces.internal.impl.dv.DTDDVFactory.getInstance()
    • S7147724: G1: hang in SurrogateLockerThread::manipulatePLL
    • S7147848: com.sun.management.UnixOperatingSystem uses hardcoded dummy values [macosx]
    • S7148143: PropertyChangeSupport.addPropertyChangeListener can throw ClassCastException
    • S7148242: Regression: valid code rejected during generic type well-formedness check
    • S7148275: [macosx] setIconImages() not working correctly (distorted icon when minimized)
    • S7148281: [macosx] JTabbedPane tabs with HTML text do not render correctly
    • S7148289: [macosx] Deadlock in sun.lwawt.macosx.CWrapper$NSScreen.visibleFrame
    • S7148556: Implementing a generic interface causes a public clone() to become inaccessible
    • S7148584: Jar tools fails to generate manifest correctly when boundary condition hit
    • S7148663: new hotspot build – hs23-b17
    • S7148921: More ProblemList updates (2/2012)
    • S7149005: [macosx] Java Control Panel’s UI controls are distorted when draging scroll bar.
    • S7149005: [macosx] Orphaned Choice popup window
    • S7149062: [macosx] dock menu don’t show available frames
    • S7149085: [macosx] Quit with QuitStrategy CLOSE_ALL_WINDOWS does terminate application
    • S7149320: Move sun.misc.VM.booted() to the end of System.initializeSystemClass()
    • S7149608: Default TZ detection fails on linux when symbolic links to non default location used.
    • S7149785: Minor corrections to ScriptEngineManager javadoc
    • S7149913: [macosx] Deadlock in LWTextComponentPeer
    • S7150051: incorrect oopmap in critical native
    • S7150089: [macosx] Default for a custom cursor created from non-existent image is not transparent
    • S7150105: [macosx] four scroll-buttons don’t display. scroll-sliders cursors are TextCursor
    • S7150322: Stop using drop source bundles in jaxws
    • S7150326: new hotspot build – hs23-b18
    • S7150345: [macosx] Can’t type into applets
    • S7150349: [macosx] Applets attempting to show popup menus activate the applet process
    • S7150390: JFR test crashed on assert(_jni_lock_count == count) failed: must be equal
    • S7150392: Linux build breaks with GCC 4.7 due to unrecognized option
    • S7150454: add release jdk7u4 to jprt.properties
    • S7150516: [macosx] appletviewer shouldn’t link against libX11 on the Mac
    • S7150637: No newline emitted after XML decl in XSLT output
    • S7151070: NullPointerException in Resolve.isAccessible
    • S7151118: Regressions on 7u4 b11 comp. 7u4 b06 on specjvm2008.xml.transform subbenchmark
    • S7151484: NullPointerException caused by a bug in XMLDocumentFragmentScannerImpl
    • S7151573: Fork hs23.1 hsx from hs23.0 for 7u5 and reinitialize build number
    • S7152564: Improve CodeSource.matchLocation(CodeSource) performance
    • S7152608: [macosx] Crash in liblwawt.dylib in AccelGlyphCache_RemoveCellInfo
    • S7152690: Initialization error with charset SJIS_0213 when security manager is enabled
    • S7152784: new hotspot build – hs23-b19
    • S7152800: All tests using the attach API fail with “well-known file is not secure” on Mac OS X
    • S7152811: Issues in client compiler
    • S7152952: [macosx] List rows overlap with enlarged font
    • S7152954: G1: Native memory leak during full GCs
    • S7153184: NullPointerException when calling SSLEngineImpl.getSupportedCipherSuites
    • S7153693: Three 2D_ImageIO tests failed due ImageFormatException on OEL 6.* Unbreakable Kernel x64
    • S7153735: [macosx] Text with diacritics is pasted with broken encoding
    • S7153977: Generate English man pages for JDK 7u4
    • S7154047: [macosx] When we choose print one page in the print dialog,it still prints all the pages.
    • S7154048: [macosx] At least drag twice, the toolbar can be dragged to the left side.
    • S7154062: [macosx] Mouse cursor isn’t updated in applets
    • S7154072: [macosx] swallowing key events
    • S7154088: [macosx] Regression: Component.createImage do not inherits component attributes
    • S7154130: Add Mac OS X Instructions to README-builds.html
    • S7154177: [macosx] An invisible owner frame becomes visible upon clicking a child window
    • S7154333: JVM fails to start if -XX:+AggressiveHeap is set
    • S7154480: [macosx] Not all popup menu items are visible
    • S7154505: [macosx] NetBeans sometimes starts with no text rendered
    • S7154516: [macosx] Popup menus have no visible borders
    • S7154677: new hotspot build – hs23-b20
    • S7154724: jdk7u4 test properties missing from jprt.properties
    • S7154758: NLS: 7u4 message drop 20
    • S7154770: NLS: 7u4 man page update
    • S7154809: JDI: update JDI/JDB debugee commandline option parsing
    • S7154822: forward port fix for Bug 13645891 to JDK8 jcmd (1024 byte file size limit issue)
    • S7155051: DNS provider may return incorrect results
    • S7155419: Remove reference to JRockit and commercial features from java man page
    • S7155453: [macosx] re-enable jbb tests in JPRT
    • S7155757: make jdk7u4 the default jprt release for hs23
    • S7156000: Change makefile to reflect refactored classes
    • S7156191: [macosx] Can’t type into applet demos in Pivot
    • S7156194: [macosx] Can’t type non-ASCII characters into applets
    • S7156657: Version 7 doesn’t support translucent popup menus against a translucent window
    • S7156729: PPC: R_PPC_REL24 relocation error related to some libraries built without -fPIC
    • S7156831: The jcmd man page is not included in generated bundles
    • S7156842: test/java/util/zip/ZipFile/vmcrash.zip triggers McAffe virus warning
    • S7156960: Incorrect copyright headers in parts of the Serviceability agent
    • S7156963: Incorrect copyright header in java/io/SerialCallbackContext
    • S7157141: crash in 64 bit with corrupted oops
    • S7157296: FDS: ENABLE_FULL_DEBUG_SYMBOLS flag should only affect OPT builds
    • S7157365: jruby/bench.bench_timeout crashes with JVM internal error
    • S7157608: One feature is not recognized.
    • S7157609: Issues with loop
    • S7157610: NullPointerException occurs when parsing XML doc
    • S7157659: [macosx] Landscape Printing orientation doesn’t work
    • S7157855: jvisualvm.1 not included in binaries
    • S7157903: JSSE client sockets are very slow
    • S7158067: FDS: ENABLE_FULL_DEBUG_SYMBOLS flag should only affect product builds
    • S7158116: Bump the hs23.1 build number to b02
    • S7158135: new hotspot build – hs23-b21
    • S7158366: [macosx] Print-to-file dialog doesn’t have an entry field for a name
    • S7158457: division by zero in adaptiveweightedaverage
    • S7158483: (tz) Support tzdata2012c
    • S7158712: Synth Property “ComboBox.popupInsets” is ignored
    • S7158800: Improve storage of symbol tables
    • S7158928: [macosx] NLS: Please change the mnemonic assignment system
    • S7159016: Static import of member in processor-generated class fails in JDK 7
    • S7159266: [macosx] ApplicationDelegate should not be set in the headless mode
    • S7159320: change default ZIP_DEBUGINFO_FILES back to ’1′ after fix for 7133529 is available
    • S7159381: [macosx] Dock Icon defaults to Generic Java Application Category
    • S7159766: Tiered compilation causes performance regressions
    • S7160293: [macosx] FileDialog appears on secondary display
    • S7160539: JDeveloper crashes on 64-bit Windows
    • S7160623: [macosx] Editable TextArea/TextField are blocking GUI applications from exit
    • S7160677: missing else in fix for 7152811
    • S7160757: Problem with hotspot/runtime_classfile
    • S7160895: tools/launcher/VersionCheck.java attempts to launch .debuginfo
    • S7161105: unused classes in jdk7u repository
    • S7161766: [macosx] javax/swing/JPopupMenu/6694823/bug6694823.java failed on Mac OS X
    • S7161881: (dc) DatagramChannel.bind(null) fails if IPv4 socket and running with preferIPv6Addresses=true
    • S7162043: Add headless mode tests to problem list [macosx]
    • S7162144: Missing AWT thread in headless mode in 7u4 b06
    • S7162440: Fix typo in BUNDLE_ID-related macro names
    • S7162440: Fix typo in BUNDLE_ID variable so it can be overridden
    • S7162440: Fix typo in macro so BUNDLE_ID can be overridden
    • S7162902: Umbrella port of a number of corba bug fixes from JDK 6 to jdk7u/8
    • S7163117: Agent can’t connect to process on Mac OSX
    • S7163470: Licensee source bundle build failed with CipherSpi not found (7u4)
    • S7163471: Licensee source bundle failed around 7u4
    • S7163524: Add SecTaskAccess attribute to jstack [macosx]
    • S7163621: Bump the hs23.1 build number to b03
    • S7164344: enabling ZIP_DEBUGINFO_FILES causes unexpected test failures on Solaris and Windows
    • S7165060: dtrace tests fail with FDS debug info files
    • S7165257: Add JFR tests to the JDK code base
    • S7165598: enable FDS on Solaris X64 when 7165593 is fixed
    • S7165628: Issues with java.lang.invoke.MethodHandles.Lookup
    • S7165725: JAVA6 HTML PARSER CANNOT PARSE MULTIPLE SCRIPT TAGS IN A LINE CORRECTLY
    • S7165755: OS Information much longer on linux than other platforms
    • S7166437: [macosx] Support for Window.Type.UTILITY on the Mac
    • S7166498: JVM crash in ClassVerifier
    • S7166570: JSSE certificate validation has started to fail for certificate chains
    • S7166687: InetAddress.getLocalHost().getHostName() returns FQDN
    • S7166956: Integrate the Java Access Bridge with Java Runtime
    • S7167028: new hotspot build – hs23.2-b01
    • S7167142: Consider a warning when finding a .hotspotrc or .hotspot_compiler file that isn’t used
    • S7167157: jcmd command file parsing does not respect the “stop” command
    • S7167254: Crash on OSX in Enumerator.nextElement() with compressed oops
    • S7167266: missing copyright notes in 3rd party code
    • S7167359: (tz) SEGV on solaris if TZ variable not set
    • S7167406: (Zero) Fix for InvokeDynamic needed
    • S7167625: Adjustments for SE-Embedded build process
    • S7168098: Adjustments for SE-Embedded build process
    • S7168110: Misleading jstack error message
    • S7168191: Signature validation can fail under certain circumstances
    • S7168249: new hotspot build – hs23.2-b02
    • S7168374: Upgrade of XML components to JAXB 2.2.4-2, SAAJ 1.3.16, JAXWS 2.2.4-1
    • S7168505: (bf) MappedByteBuffer.load does not load buffer’s content into memory
    • S7168520: No jdk8 TL Nightly linux builds due to broken link in b39-2012-05-13_231
    • S7168550: [macosx] duplicate OGL context state changes related to vertex cache
    • S7169050: (se) Selector.select slow on Solaris due to insertion of POLLREMOVE and 0 events
    • S7169111: Unreadable menu bar with Ambiance theme in GTK L&F
    • S7169226: NLS: Please change the mnemonic assignment system for windows and motif properties
    • S7169782: C2: SIGSEGV in LShiftLNode::Ideal(PhaseGVN*, bool)
    • S7170009: new hotspot build – hs23.2-b03
    • S7170145: C1 doesn’t respect the JMM with volatile field loads
    • S7170169: (props) System.getProperty(“os.name”) should return “Windows 8″ when run on Windows 8
    • S7170197: Update JPRT default build targets to support embedded builds
    • S7170203: TEST_BUG: test/java/nio/MappedByteBuffer/Truncate.java failing intermittently
    • S7170275: os::print_os_info needs to know about Windows 8
    • S7170449: Management is completely broken at least on Solaris 11 X86
    • S7170657: [macosx] There seems to be no keyboard/mouse action to select non-contiguous items in List
    • S7170716: JVM crash when opening an AWT app from a registered file.
    • S7171163: [macosx] Shortcomings in the design of the secondary native event loop made JavaFX DnD deadlock
    • S7171223: Building ExtensionSubtables.cpp should use -fno-strict-aliasing
    • S7171653: 32-bit cross-compile on 64-bit build host generates 64-bit data for awt/X11 leading to crash
    • S7171703: JNI DefineClass crashes client VM when first parameter is NULL
    • S7171852: new hotspot build – hs23.2-b04
    • S7172430: [macosx] debug message in non debug jdk build
    • S7172552: jabswitch utility should not request elevated privilege on the system
    • S7172708: 32/64 bit type issues on Windows after Mac OS X port
    • S7172722: Latest jdk7u from OSX broke universal build
    • S7173329: Fix build broken by 7126277 to jdk7u-dev
    • S7173432: Handle null key at HashMap resize
    • S7173436: new hotspot build – hs23.2-b05
    • S7173487: [macosx] Problems with popup menus, tooltips and dialog boxes in dual monitor setup
    • S7173515: (se) Selector.open fails with OOME on Solaris when unlimited file descriptors
    • S7173635: jprt.properties should include release jdk7u6
    • S7173645: (props) System.getProperty(“os.name”) should return “Windows Server 2012″ for Windows Server 2012
    • S7173918: set alternative string hashing threshold.
    • S7174244: NPE in Krb5ProxyImpl.getServerKeys()
    • S7174363: Arrays.copyOfRange leads to VM crash with -Xcomp -server if executed by testing framework
    • S7174510: 19 JCK compiler tests fail with C2 error: memNode.cpp:812 – ShouldNotReachHere
    • S7174645: Could not enable access bridge
    • S7174704: [macosx] New issue in 7u6 b12: HeadlessPrintingTest failure
    • S7174718: [macosx] Regression in 7u6 b12: PopupFactory leaks DefaultFrames.
    • S7174736: JCK test api/java_util/HashMap/index_EntrySet failing
    • S7174861: all/OPT jdk build on Solaris with FDS enabled sets wrong options
    • S7174928: JSR 292: unresolved invokedynamic call sites deopt and osr infinitely
    • S7174970: NLS [ccjk] Extra mnemonic keys at standard filechooserdialog (open and save) in metal L&F
    • S7175133: jinfo failed to get system properties after 6924259
    • S7175255: symlinks are wrong, which caused jdk8-promote-2 to fail (client/64/64 directories in debuginfo zips)
    • S7175331: Remove FDS files from embedded JRE images
    • S7175367: NLS: 7u6 message drop10 integration
    • S7175516: new hotspot build – hs23.2-b06
    • S7175758: Improve unit test of Map iterators and Iterator.remove()
    • S7175802: Missing jdk_jfr in top-level make file
    • S7175845: “jar uf” changes file permissions unexpectedly
    • S7176630: (sc) SocketChannel.write does not write more than 128k when channel configured blocking [win]
    • S7176784: Windows authentication not working on some computers
    • S7176894: back out LocaleNames_xx.properties files from 7u6 message drop10
    • S7177128: SA cannot get correct system properties after 7126277
    • S7177144: [macosx] Drag and drop not working (regression in 7u6)
    • S7177173: [macosx] JFrame.setExtendedState(JFrame.MAXIMIZED_BOTH) not working as expected in JDK 7
    • S7177216: native2ascii changes file permissions of input file
    • S7177365: new hotspot build – hs23.2-b07
    • S7177617: TEST_BUG: java/nio/channels/AsyncCloseAndInterrupt.java failing (win)
    • S7177701: error: Filling jar message during javax/imageio/metadata/IIOMetadataFormatImpl compilation
    • S7178079: REGRESSION: Some AWT Drag-n-Drop tests fail since JDK 7u6 b13
    • S7178113: build environment change
    • S7178483: Change version string for Embedded releases
    • S7178548: Hashtable alternative hashing threshold default ignored
    • S7178670: runtime/7158800/BadUtf8.java fails in SymbolTable::rehash_table
    • S7179138: Incorrect result with String concatenation optimization
    • S7179194: new hotspot build – hs23.2-b08
    • S7179349: [macosx] Java processes on Mac should not use default Apple icon
    • S7179759: ENV: Nightly fails during jdk copiyng for solaris platforms after FDS unzipping
    • S7180240: Disable alternative string hashing by default
    • S7180621: Hashtable has incorrect alternative hashing threshold default value
    • S7180884: new hotspot build – hs23.2-b09
    • S7180907: Jarsigner -verify fails if rsa file used sha-256 with authenticated attributes
    • S7181027: [macosx] Unable to use headless mode
    • S7181200: JVM new hashing code breaks SA in product mode
    • S7182135: Impossible to use some editors directly
    • S7182226: NLS: jdk7u6 message drop20 integration
    • S7182500: OCSP revocation checking fails if OCSP responce does not contain certificates
    • S7182902: [macosx] Test api/java_awt/GraphicsDevice/indexTGF.html#SetDisplayMode fails on Mac OS X 10.7
    • S7182971: Need to include documentation content for JCMD man page
    • S7183209: Backout 7105952 changes for jdk7u
    • S7183251: Netbeans editor renders text wrong on JDK 7u6 build
    • S7183292: HttpURLConnection.getHeaderFields() throws IllegalArgumentException: Illegal cookie name
    • S7184145: (pack200) pack200 –repack throws NullPointerException when JAR file specified without path
    • S7184401: JDk7u6 : Missing main menu bar in Netbeans after fix for 7162144
    • S7184845: Apps6: menu tree bean in form throws npe in jre 7 while closing
    • S7184951: [macosx] Exception at java.awt.datatransfer on headless mode (only in GUI session)
    • S7185512: The printout doesn’t match image on screen.
    • S7188168: 7071904 broke the DEBUG_BINARIES option on Linux
    • S7190813: (launcher) RPATH needs to have additional paths

The tarball can be downloaded from:

SHA256 checksums:

  • 4d5f253fb20d4026ae55e8ab97840e257ca5b89897593a68dd18bb1c48b6f3e9 icedtea-2.3.1.tar.gz

Each tarball is accompanied by a digital signature (see above links). This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-2.3.1.tar.gz
$ cd icedtea6-2.3.1

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

The IcedTea 2.1.1 & 2.2.1 release updates our OpenJDK7 support to include the latest security updates just released:

We believe that the 2.2.1 release takes IcedTea to the level of 7u5, including both the changes in the public OpenJDK7 repository for u4 and the security updates, which is what we believe u5 is comprised of[*].

In addition, IcedTea includes the usual IcedTea patches to allow builds against system libraries and to support more estoric architectures.

Please note that support for alternative VM solutions (CACAO, Shark, Zero) may be lacking in this release. Specifically, Zero/Shark are known not to work with the 2.2 release series. Patches are welcome; please contact the mailing list (distro-pkg-dev at openjdk.java.net) and/or file bugs (http://icedtea.classpath.org/bugzilla) under the appropriate component.

Full details of the releases can be found below.

What’s New?

New in release 2.2.1 (2012-06-12):

New in release 2.1.1 (2012-06-12):

  • Security fixes
  • Bug fixes
    • PR885: IcedTea7 does not build scripting support
    • Fix bug whereby JPEG_LIBS were not set by jdk_generic_profile.sh
    • S7150392: Linux build breaks with GCC 4.7 due to unrecognized option
    • Support glib >= 2.32.
  • ARM port
    • Add arm_port from IcedTea 6
    • added jvmti event generation for dynamic_generate and compiled_method_load events to ARM JIT compiler
    • Adjust saved SP when safepointing.
    • ARM: First cut of invokedynamic
    • ARM: JIT-compilation of ldc methodHandle
    • Changes for HSX22
    • corrected call from fast_method_handle_entry to CppInterpreter::method_handle_entry so that thread is loaded into r2
    • Don’t save locals at a return.
    • Fix JIT bug that miscompiles org.eclipse.ui.internal.contexts.ContextAuthority.sourceChanged
    • invokedynamic and aldc for JIT
    • Minor review cleanups.
    • modified safepoint check to rely on memory protect signal instead of polling
    • patched method handle adapter code to deal with failures in TCK
    • Phase 1
    • Phase 2
    • RTC Thumb2 JIT enhancements.
    • Zero fails to build in hsx22+, fix for hsx22 after runs gamma OK, hsx23 still nogo.
    • Use ldrexd for atomic reads on ARMv7.
    • Use unified syntax for thumb code.

The tarball can be downloaded from:

SHA256 checksums:

  • 4a015cf3fb8fb9aa6b3ce4a41fd9bc5dcb417a1885a10a01e92d0cc7a5ffdc65 icedtea-2.1.1.tar.gz
  • 0f5ba163904f7c50374ab345216dd1b66c077fc431592eb3d4801f7ecda200b6 icedtea-2.2.1.tar.gz

Each tarball is accompanied by a digital signature (link above). This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy hacking!

[*] It is difficult to make authoritative statements about u5 as the release is proprietary. Oracle still do not provide GPL binaries based on OpenJDK.

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative virtual machines.

A new set of security releases is now available:

  • IcedTea6 1.10.8
  • IcedTea6 1.11.3

All updates contain the following security fixes:

Full details of each release can be found below.

What’s New?

New in release 1.10.8 (2012-06-12):

New in release 1.11.3 (2012-06-12):

The tarballs can be downloaded from:

SHA256 checksums:

  • 7723882c52d21f859c67f64d84764d5e6c69ac79245ecc0579ccac29e086000a icedtea6-1.10.8.tar.gz
  • 7d91c407b9795bd6f6255bcf0fb808416b36418c57f601dc47cfabff83194cf4 icedtea6-1.11.3.tar.gz

Each tarball is accompanied by a digital signature (link above). This is produced using my public key. See details below.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

Happy Hacking!

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative
virtual machines.

A new set of security releases is now available for IcedTea6, which uses OpenJDK6 as its base:

  • IcedTea6 1.8.13 (based on OpenJDK6 b18)
  • IcedTea6 1.9.13 (based on OpenJDK6 b20)
  • IcedTea6 1.10.6 (based on OpenJDK6 b22)

and one for IcedTea 2.x, which uses OpenJDK7 as its base:

  • IcedTea 2.0.1 (based on OpenJDK7 u1 + u3 security patches)

All updates contain the following security fixes:

Full details of each release can be found below. For details of the 1.11.1 security release, see Omair’s e-mail.

*PLEASE NOTE*: With this release, the 1.8 series is now NO LONGER SUPPORTED. We strongly recommend that you upgrade to a new release series; either 1.9.13, 1.10.6 or 1.11.1 for OpenJDK6. Alternatively, make the jump to OpenJDK7 with 2.0.1 or the new 2.1.0 (to be released shortly).

What’s New?

New in release 2.0.1 (2012-02-14)

New in release 1.10.6 (2012-02-14)

New in release 1.9.13 (2012-02-14)

New in release 1.8.13 (2012-02-14)

The tarballs can be downloaded from:

SHA256 checksums:

  • 9d3c4d3676c2286003cf9beb9fc3ee442d2c04b3f8b229be140fe636c9e70101 icedtea-2.0.1.tar.gz
  • 4bdd8ff2e6a93455425eeabd6c073137bf3816ad16ce6e89979ec1521e03c7f1 icedtea6-1.10.6.tar.gz
  • 1c972e03be7021e1b789e6077df9c74af7df239182d20d2478f7a60bc68e3c61 icedtea6-1.9.13.tar.gz
  • be3afacb9a08cdf932e4772f7f5575c53f21a2a60456eb4e8e63e18fa4e2e41b icedtea6-1.8.13.tar.gz

Each tarball is accompanied by a digital signature (available at the above URL + ‘.sig’). This is produced using my public key:

  • PGP Key: 248BDC07 (https://keys.indymedia.org/)
  • Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf <tarball name>
$ cd <tarball name minus .tar.gz suffix>

Full build requirements and instructions are in INSTALL:

$ ./configure [--with-parallel-jobs[=x] --enable-pulse-java --enable-systemtap ...]
$ make

Happy Hacking!

The IcedTea project provides a harness to build the source code from OpenJDK6 using Free Software build tools, along with additional features such as a PulseAudio sound driver and support for alternative
virtual machines.

A new set of security releases is now available for versions of IcedTea which include the plugin and Web Start support now developed in the IcedTea-Web project:

  • IcedTea6 1.8.11
  • IcedTea6 1.9.11

Where possible, we recommend using IcedTea-Web in preference to these older versions, in order to obtain the latest bug fixes and features.

All updates contain the following security fixes:

Full details of each release can be found below.

What’s New?

New in release 1.9.11 (2011-11-08)

  • Security fixes

New in release 1.8.11 (2011-11-08)

  • Security fixes

The tarballs can be downloaded from:

SHA256 checksums:

  • 6eb418ec0609080a71bda16896124d6e1ac23b2f54af52e05fc22c719e12ca29 icedtea6-1.8.11.tar.gz
  • fd3b32f8dd1010fa8b752f0224fb25a8fe102c9f82652f0ded32138fd4ba3714 icedtea6-1.9.11.tar.gz

Each tarball is accompanied by a digital signature (available at the above URL + ‘.sig’). This is produced using my public key. See details below in the signature.

The following people helped with these releases:

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-<ver>.tar.gz
$ cd icedtea6-<ver>

Full build requirements and instructions are in INSTALL:

$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

« Previous PageNext Page »