Date: Mon, 21 Feb 2011 19:03:18 +0000 (UTC) From: Jung-uk Kim <jkim@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/java/openjdk6 Makefile distinfo ports/java/openjdk6/files patch-FloatingDecimal.java patch-security patch-set Message-ID: <201102211903.p1LJ3IlO088839@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
jkim 2011-02-21 19:03:18 UTC FreeBSD ports repository Modified files: java/openjdk6 Makefile distinfo java/openjdk6/files patch-set Added files: java/openjdk6/files patch-security Removed files: java/openjdk6/files patch-FloatingDecimal.java Log: Update IcedTea-Web to 1.0.1 and fix multiple security vulnerabilities. CVE-2010-4469: Hotspot backward jsr heap corruption CVE-2010-4465: Swing timer-based security manager bypass CVE-2010-4472: Untrusted code allowed to replace DSIG/C14N implementation CVE-2010-4448: DNS cache poisoning by untrusted applets CVE-2010-4450: Launcher incorrect processing of empty library path entries CVE-2010-4471: Java2D font-related system property leak CVE-2010-4470: JAXP untrusted component state manipulation CVE-2011-0706: Multiple signers privilege escalation Obtained from: icedtea.classpath.org Obtained from: jaxp.java.net Revision Changes Path 1.42 +2 -2 ports/java/openjdk6/Makefile 1.18 +2 -2 ports/java/openjdk6/distinfo 1.2 +0 -11 ports/java/openjdk6/files/patch-FloatingDecimal.java (dead) 1.1 +1665 -0 ports/java/openjdk6/files/patch-security (new) 1.15 +7 -6 ports/java/openjdk6/files/patch-set
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201102211903.p1LJ3IlO088839>