Mercurial > hg > release > icedtea6-1.9
changeset 2354:664021245703
Add better descriptions for a couple of security issues.
2011-10-13 Andrew John Hughes <ahughes@redhat.com>
* NEWS: Add better descriptions for
a couple of security issues.
author | Andrew John Hughes <ahughes@redhat.com> |
---|---|
date | Thu, 13 Oct 2011 15:31:14 +0100 |
parents | cee8f49929f9 |
children | 17e57c1e0898 |
files | ChangeLog NEWS |
diffstat | 2 files changed, 7 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Thu Oct 13 15:06:00 2011 +0100 +++ b/ChangeLog Thu Oct 13 15:31:14 2011 +0100 @@ -1,3 +1,8 @@ +2011-10-13 Andrew John Hughes <ahughes@redhat.com> + + * NEWS: Add better descriptions for + a couple of security issues. + 2011-10-13 Andrew John Hughes <ahughes@redhat.com> * NEWS: Add 1.9.10 release date.
--- a/NEWS Thu Oct 13 15:06:00 2011 +0100 +++ b/NEWS Thu Oct 13 15:31:14 2011 +0100 @@ -18,8 +18,8 @@ - S7046823, CVE-2011-3544: missing SecurityManager checks in scripting engine - S7055902, CVE-2011-3521: IIOP deserialization code execution - S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error checks - - S7064341, CVE-2011-3389: JSSE - - S7070134, CVE-2011-3558: Hotspot unspecified issue + - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) + - S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer - S7077466, CVE-2011-3556: RMI DGC server remote code execution - S7083012, CVE-2011-3557: RMI registry privileged code execution - S7096936, CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection