# HG changeset patch # User Andrew John Hughes # Date 1329134355 0 # Node ID 8c64a69895aaef7a53bd4ef5550d84e34a6a42ed # Parent a6cca6f7805a94e3e9a63d2ea1f7aebd9e580181 Add CVE numbers. 2012-02-13 Andrew John Hughes * NEWS: Add CVE numbers. diff -r a6cca6f7805a -r 8c64a69895aa ChangeLog --- a/ChangeLog Sat Feb 11 13:22:56 2012 +0000 +++ b/ChangeLog Mon Feb 13 11:59:15 2012 +0000 @@ -1,3 +1,7 @@ +2012-02-13 Andrew John Hughes + + * NEWS: Add CVE numbers. + 2012-02-10 Andrew John Hughes * Makefile.am: Apply 7112642 security patch diff -r a6cca6f7805a -r 8c64a69895aa NEWS --- a/NEWS Sat Feb 11 13:22:56 2012 +0000 +++ b/NEWS Mon Feb 13 11:59:15 2012 +0000 @@ -11,15 +11,15 @@ New in release 1.8.13 (2012-02-14): * Security fixes - - S7082299: Fix in AtomicReferenceArray - - S7088367: Fix issues in java sound - - S7110683: Issues with some KeyboardFocusManager method - - S7110687: Issues with TimeZone class - - S7110700: Enhance exception throwing mechanism in ObjectStreamClass - - S7110704: Issues with some method in corba - - S7112642: Incorrect checking for graphics rendering object - - S7118283: Better input parameter checking in zip file processing - - S7126960: Add property to limit number of request headers to the HTTP Server + - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray + - S7088367, CVE-2011-3563: Fix issues in java sound + - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method + - S7110687, CVE-2012-0503: Issues with TimeZone class + - S7110700, CVE-2012-0505: Enhance exception throwing mechanism in ObjectStreamClass + - S7110704, CVE-2012-0506: Issues with some method in corba + - S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object + - S7118283, CVE-2012-0501: Better input parameter checking in zip file processing + - S7126960, CVE-2011-5035: Add property to limit number of request headers to the HTTP Server * Bug fixes - RH580478: Desktop files should not use hardcoded path