Mercurial > hg > release > icedtea6-1.5

view NEWS @ 1552:6911ed874329

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Updated README
author Lillian Angel <langel@redhat.com>
date Tue, 19 May 2009 09:46:57 -0400
parents 926c38e2b283
children 3b93da7c778a
line wrap: on
line source

New in release 1.5 (2009-05-20)

- Static trace support through systemtap.
  When given the configure option --enable-systemtap IcedTea will build
  hotspot with the dtrace static markers enabled and install an hotspot
  tapset that can be used to dynamically trace execution of java
  applications at runtime. See the tapset/hotspot.stp file for
  documentation of the various trace points and arguments available.
- Allow building of other virtual machines besides the default VM. Additional
  virtual machines on architectures where hotspot is available are cacao
  and zero (or shark), and cacao, where zero (or shark) is available. It's
  not possible to build cacao as the default VM, and zero as additional VM.
- Update to latest HotSpot minor build (hs14b10-->hs14b15) from the new
  HotSpot Express repository.
- Updated to OpenJDK b16 build.
- VisualVM updated to 1.1.1.
- Updated to support CACAO 0.99.4.
- Several web browser plugin and javaws support fixes:
  - Fixed security handling to prevent access denials when there is a site
  specific exception in the policy file
  - Allow extentions (chrome) to run Java code with full permissions
  - Added non-trusted SSL support to WebStart (javaws)
  - Added proxy support
  - Other improvements that were breaking specific sites (tag parser fix,
    nested jar support, etc.)
  - Added JVM Console (used by http://chrispederick.com/work/web-developer/)
- Removed gcjwebplugin support.
- LCMS security fixes.
- Many build improvements.
- Many gervill, java2d, nio2, pulse java, zero/shark, jtreg fixes.
- Experimental out-of-the-box cross-compilation support (not yet finished)
- Other bug fixes.

New in release 1.4 (2009-01-29)

- Security fixes for:
  CVE-2008-5360 - Temporary files have guessable file names.
  CVE-2008-5350 - Allows to list files within the user home directory.
  CVE-2008-5348 - Denial-Of-Service in kerberos authentication.
  CVE-2008-5359 - Buffer overflow in image processing.
  CVE-2008-5351 - UTF-8 decoder accepts non-shortest form sequences.
  CVE-2008-5356 - Font processing vulnerability.
  CVE-2008-5353 - Calendar object deserialization allows privilege escalation.
  CVE-2008-5354 - Privilege escalation in command line applications.
  CVE-2008-5357 - Truetype Font processing vulnerability.
  CVE-2008-5352 - Jar200 Decompression buffer overflow.
  CVE-2008-5358 - Buffer Overflow in GIF image processing.
- Updated to OpenJDK b14 build.
- Upgraded to new OpenJDK7 Hotspot 14. The old OpenJDK6 Hotspot 11 can
  still be configured --with-hotspot-build=original but future versions
  will drop support for the old version and only support HS14. Zero
  and Shark have been forward ported to HS14 (from HS12).
- XRender pipeline support: Java2D are noticably faster and running over a 
  remote X connection feels like it is all local. Build by default
  (disable with --disable-xrender). Runtime enabled by running java
  -Dsun.java2d.xrender=True (default is to use the old X renderer for now).
- IcedTeaPlugin now supports HTTPS sites and adds a user prompt for
  untrusted https certificates.
- Use the ALSA 'default' device. Makes Java play nicer with PulseAudio.
- VisualVM integration has been removed.
- Gervill soft synthesizer integration updated to latest CVS version.
- Integrated jtreg upgraded to 4_0-src-b02-15_oct_2008.
- make check runs much faster now. jtreg -samevm support has been
  integrated into the langtools and jdk subsystems. Please package the
  test/jtreg-summary.log file with your distribution package so end users
  can compare the test results.
- Shark (--enable-shark) now builds on 64 bit platforms, but is a
  pre-alpha technology preview and not recommended for use.
- Better support for bootstrapping with different jar programs
  (supporting -J options).
- If --with-pkgversion isn't given the short mercurial rev node version
  will be used.  Package distributors are encouraged to build packages with
  --with-pkgversion to uniquely identify their distribution version number
  when java -version is run to help distribution specific bug reporting.
- Various freetype font, pisces renderer and awt X window size fixes
  to fix visual anomalies.
- Build fixes for gcc 4.3 and 4.4-pre-release.
- Added support for building against a specific openjdk src dir
  or hg revision (--with-openjdk-src-dir or --with-hg-revision).
- Many other Plugin, Zero, Shark and PulseAudio bug fixes.
- Build clean up.

New in release 1.3.1 (2008-10-27)

- Plugin including LiveConnect support built as default.
- Various bugs fixed: renderer patch, version string updated, 
chinese fonts filename fix for Fedora etc.
- More progress on Shark and Cacao.
- Several plugin bug fixes.
- Several build fixes.

New in release 1.3 (2008-10-15)

- Updated to b12 build.
- Fixed to use new sound service, Gervill.
- Many Netx fixes and now built by default.
- LiveConnect support (--enable-liveconnect).
- Implemented JavaScript->Java security.
- PulseAudio integrated (--enable-pulse-java)
- VisualVM tool integrated (--enable-visualvm).
- Added out-of-the-box CACAO support (--with-cacao).
- Added the experimental Shark JIT for Zero.
- Cleaned up crypto support, all algorithms and key sizes are fully
  supported now without any (regional) restrictions. No more need for
  separate crypto policy jars.
- Integration of Mozilla Rhino javascript support for javax.script.
  (See http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=179 when
   you want to enable non-system-installed versions of Rhino).
- Add support for Zero builds on alpha, arm, mips, mipsel, m68k, s390.
- Various build fixes.
- Several bug and security fixes.

New in release 1.2 (2008-05-28)

- Updated to b09 build.
- Added the the lcms library with PYCC and LINEAR_RGB ICC
  profiles.
- Integrated Gervill to provide midi support.
- JTreg integrated.
- javaws/NetX fixes:
  -improved security, namely catching Socket permissions during    
  runtime
  -implemented the remaining JNLP services api (PrintService, 
  JNLPRandomAccessFile)
  -applet focusing bug fixed
- sparc/sparc64 port
- Desktop file integration.
- Various zero fixes.
- Sound fixes.
- Font fixes.
- Several other bug fixes.

New in release 1.1 (2008-04-04)

- Zero builds on any architecture.
- New features added to NetX:
   - Certificate fingerprints now show as part 
     of certificate details.
   - gcjwebplugin can now run applets through NetX, 
     taking advantage of NetX's sandboxing and application security.
   - User trusted certificates can be managed by passing the -viewer 
     option to NetX. 
- Updated to b08.
- Several bug fixes.

New in release 1.0 (2008-02-15)

- Initial release