Mercurial > hg > release > icedtea6-1.6

changeset 1671:9f84fb766ec8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added CVEs to NEWS
author langel
date Tue, 25 Aug 2009 12:05:50 -0400
parents 9b85d9f17c40
children d8cd6df4b152
files NEWS
diffstat 1 files changed, 11 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/NEWS	Tue Aug 25 10:58:37 2009 -0400
+++ b/NEWS	Tue Aug 25 12:05:50 2009 -0400
@@ -1,6 +1,17 @@
 New in release 1.6 (UNRELEASED)
 
 - Added java method tracing using systemtap version 0.9.9+.
+- Security fixes for:
+  CVE-2009-2670 - OpenJDK Untrusted applet System properties access
+  CVE-2009-2671 CVE-2009-2672 - OpenJDK Proxy mechanism information leaks
+  CVE-2009-2673 - OpenJDK proxy mechanism allows non-authorized socket connections  
+  CVE-2009-2674 - Java Web Start Buffer JPEG processing integer overflow
+  CVE-2009-2675 - Java Web Start Buffer unpack200 processing integer overflow
+  CVE-2009-2625 - OpenJDK XML parsing Denial-Of-Service
+  CVE-2009-2475 - OpenJDK information leaks in mutable variables 
+  CVE-2009-2476 - OpenJDK OpenType checks can be bypassed
+  CVE-2009-2689 - OpenJDK JDK13Services grants unnecessary privileges
+  CVE-2009-2690 - OpenJDK private variable information disclosure
 
 New in release 1.5 (2009-05-20)