Mercurial > hg > icedtea6-hg

changeset 3129:963a9ab43d7f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add 1.11.15 release notes. 2014-01-30 Andrew John Hughes <gnu.andrew@redhat.com> * NEWS: Add 1.11.15 release notes.
author Andrew John Hughes <gnu.andrew@redhat.com>
date Thu, 30 Jan 2014 21:38:08 +0000
parents 2ec0e83f2e83
children 8c338e95fea0 7d844153dc95
files ChangeLog NEWS
diffstat 2 files changed, 55 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Thu Jan 23 18:56:55 2014 +0000
+++ b/ChangeLog	Thu Jan 30 21:38:08 2014 +0000
@@ -1,3 +1,7 @@
+2014-01-30  Andrew John Hughes  <gnu.andrew@redhat.com>
+
+	* NEWS: Add 1.11.15 release notes.
+
 2014-01-23  Andrew John Hughes  <gnu.andrew@redhat.com>
 
 	* acinclude.m4:
--- a/NEWS	Thu Jan 23 18:56:55 2014 +0000
+++ b/NEWS	Thu Jan 30 21:38:08 2014 +0000
@@ -14,6 +14,57 @@
 
 New in release 1.14.0 (201X-XX-XX):
 
+New in release 1.11.15 (2014-01-21):
+
+* Security fixes
+  - S6727821: Enhance JAAS Configuration
+  - S7068126, CVE-2014-0373: Enhance SNMP status
+  - S8010935: Better XML handling
+  - S8011786, CVE-2014-0368: Better applet networking
+  - S8021257, CVE-2013-5896: com.sun.corba.se.** should be on restricted package list
+  - S8022904: Enhance JDBC Parsers
+  - S8022927: Input validation for byte/endian conversions
+  - S8022935: Enhance Apache resolver classes
+  - S8022945: Enhance JNDI implementation classes
+  - S8023057: Enhance start up image display
+  - S8023069, CVE-2014-0411: Enhance TLS connections
+  - S8023245, CVE-2014-0423: Enhance Beans decoding
+  - S8023301: Enhance generic classes
+  - S8023672: Enhance jar file validation
+  - S8024306, CVE-2014-0416: Enhance Subject consistency
+  - S8024530: Enhance font process resilience
+  - S8024867: Enhance logging start up
+  - S8025014: Enhance Security Policy
+  - S8025018, CVE-2014-0376: Enhance JAX-P set up
+  - S8025026, CVE-2013-5878: Enhance canonicalization
+  - S8025034, CVE-2013-5907: Improve layout lookups
+  - S8025448: Enhance listening events
+  - S8025758, CVE-2014-0422: Enhance Naming management
+  - S8025767, CVE-2014-0428: Enhance IIOP Streams
+  - S8026172: Enhance UI Management
+  - S8026176: Enhance document printing
+  - S8026193, CVE-2013-5884: Enhance CORBA stub factories
+  - S8026204: Enhance auth login contexts
+  - S8026417, CVE-2013-5910: Enhance XML canonicalization
+  - S8027201, CVE-2014-0376: Enhance JAX-P set up
+* Backports
+  - S6763340: memory leak in com.sun.corba.se.* classes
+  - S6873605: Missing finishedDispatch() call in ORBImpl causes test failures after 5u20 b04
+  - S6893617: JDK 6 CNCtx always uses the default ORB
+  - S6980681: CORBA deadlock in Java SE believed to be related to CR 6238477
+  - S6995424: Eliminate dependency to a deprecated API com.sun.security.auth.PolicyFile 
+  - S7162902: Umbrella port of a number of corba bug fixes from JDK 6 to jdk7u/8
+  - S8026826: JDK 7 fix for 8010935 broke the build
+  - S8027837: JDK-8021257 causes CORBA build failure on emdedded platforms
+* Bug fixes
+  - D729448: 32-bit alignment on mips and mipsel
+  - Fail if a C and C++ compiler are not detected.
+  - Only copy tz.properties if the destination directory exists.
+  - Fix GenerateBreakIteratorData tool so that crashes have stack traces.
+  - Fix path in nss-not-enabled-config.patch.
+* SystemTap support:
+  - Add garbage collection dtrace/SystemTap probes to HotSpot.
+
 New in release 1.13.1 (2014-01-22):
 
 * Security fixes