Mercurial > hg > release > icedtea6-1.9
view patches/security/20111018/7096936.patch @ 2352:941103576384
Add first batch of security patches.
S7000600, CVE-2011-3547: InputStream skip() information leak
S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow
S7032417, CVE-2011-3552: excessive default UDP socket limit under SecurityManager
S7046823, CVE-2011-3544: missing SecurityManager checks in scripting engine
S7055902, CVE-2011-3521: IIOP deserialization code execution
S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error checks
S7064341, CVE-2011-3389: JSSE
S7070134, CVE-2011-3558: Hotspot unspecified issue
S7077466, CVE-2011-3556: RMI DGC server remote code execution
S7083012, CVE-2011-3557: RMI registry privileged code execution
S7096936, CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection
2011-10-13 Andrew John Hughes <ahughes@redhat.com>
* Makefile.am: Add patches.
* NEWS: List security updates.
* patches/icedtea-rhino.patch: Change
after 7046823 is applied.
* patches/security/20111018/7000600.patch,
* patches/security/20111018/7019773.patch,
* patches/security/20111018/7023640.patch,
* patches/security/20111018/7032417.patch,
* patches/security/20111018/7046823.patch,
* patches/security/20111018/7055902.patch,
* patches/security/20111018/7057857.patch,
* patches/security/20111018/7064341.patch,
* patches/security/20111018/7070134.patch,
* patches/security/20111018/7083012.patch,
* patches/security/20111018/7096936.patch:
First batch of security patches.
author | Andrew John Hughes <ahughes@redhat.com> |
---|---|
date | Thu, 13 Oct 2011 15:04:46 +0100 |
parents | |
children |
line wrap: on
line source
# HG changeset patch # User coffeys # Date 1317840677 -3600 # Node ID 4a17cd579c2b59a955e2dc7069e4c65778a3b47a # Parent 9a4fc5068e5f2d8e04facd272cc17900f54ef00c 7096936: issue in jsse/runtime Reviewed-by: xuelei, wetmore diff --git a/src/share/classes/com/sun/net/ssl/HttpsURLConnection.java b/src/share/classes/com/sun/net/ssl/HttpsURLConnection.java --- openjdk/jdk/src/share/classes/com/sun/net/ssl/HttpsURLConnection.java +++ openjdk/jdk/src/share/classes/com/sun/net/ssl/HttpsURLConnection.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -179,6 +179,12 @@ class HttpsURLConnection extends HttpURL throw new IllegalArgumentException( "no SSLSocketFactory specified"); } + + SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + sm.checkSetFactory(); + } + sslSocketFactory = sf; } diff --git a/src/share/classes/javax/net/ssl/HttpsURLConnection.java b/src/share/classes/javax/net/ssl/HttpsURLConnection.java --- openjdk/jdk/src/share/classes/javax/net/ssl/HttpsURLConnection.java +++ openjdk/jdk/src/share/classes/javax/net/ssl/HttpsURLConnection.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -368,6 +368,10 @@ class HttpsURLConnection extends HttpURL "no SSLSocketFactory specified"); } + SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + sm.checkSetFactory(); + } sslSocketFactory = sf; }