Your message dated Sun, 29 Nov 2009 10:49:27 +0000 with message-id <e1nehll-0004j4...@ries.debian.org> and subject line Bug#558173: fixed in sun-java6 6-17-1 has caused the Debian Bug report #558173, regarding Update 17 fixes several security issues to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 558173: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=558173 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: sun-java6 Severity: grave Tags: security Update 17 fixes a lot of security issues: [58]CVE-2009-3728 Directory traversal vulnerability in the ICC_Profile.getInstance ... [59]CVE-2009-3729 Unspecified vulnerability in the TrueType font parsing functionality ... [60]CVE-2009-3865 The launch method in the Deployment Toolkit plugin in Java Runtime ... [61]CVE-2009-3866 The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before ... [62]CVE-2009-3867 Stack-based buffer overflow in the HsbParser.getSoundBank function in ... [63]CVE-2009-3868 Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before ... [64]CVE-2009-3869 Stack-based buffer overflow in the setDiffICM function in the Abstract ... [65]CVE-2009-3871 Heap-based buffer overflow in the setBytePixels function in the ... [66]CVE-2009-3872 Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in ... [67]CVE-2009-3873 The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update ... [68]CVE-2009-3874 Integer overflow in the JPEGImageReader implementation in the ImageI/O ... [69]CVE-2009-3875 The MessageDigest.isEqual function in Java Runtime Environment (JRE) ... [70]CVE-2009-3876 Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before ... [71]CVE-2009-3879 Multiple unspecified vulnerabilities in the (1) X11 and (2) ... [72]CVE-2009-3880 The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in ... [73]CVE-2009-3881 Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, ... [74]CVE-2009-3882 Multiple unspecified vulnerabilities in the Swing implementation in ... [75]CVE-2009-3884 The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 ... [76]CVE-2009-3886 The Java Web Start implementation in Sun Java SE 6 before Update 17 ... Details can be found in the Debian Security Tracker. Cheers, Moritz -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.31-1-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash
--- End Message ---
--- Begin Message ---Source: sun-java6 Source-Version: 6-17-1 We believe that the bug you reported is fixed in the latest version of sun-java6, which is due to be installed in the Debian FTP archive: sun-java6-bin_6-17-1_i386.deb to non-free/s/sun-java6/sun-java6-bin_6-17-1_i386.deb sun-java6-demo_6-17-1_i386.deb to non-free/s/sun-java6/sun-java6-demo_6-17-1_i386.deb sun-java6-fonts_6-17-1_all.deb to non-free/s/sun-java6/sun-java6-fonts_6-17-1_all.deb sun-java6-javadb_6-17-1_all.deb to non-free/s/sun-java6/sun-java6-javadb_6-17-1_all.deb sun-java6-jdk_6-17-1_i386.deb to non-free/s/sun-java6/sun-java6-jdk_6-17-1_i386.deb sun-java6-jre_6-17-1_all.deb to non-free/s/sun-java6/sun-java6-jre_6-17-1_all.deb sun-java6-plugin_6-17-1_i386.deb to non-free/s/sun-java6/sun-java6-plugin_6-17-1_i386.deb sun-java6-source_6-17-1_all.deb to non-free/s/sun-java6/sun-java6-source_6-17-1_all.deb sun-java6_6-17-1.diff.gz to non-free/s/sun-java6/sun-java6_6-17-1.diff.gz sun-java6_6-17-1.dsc to non-free/s/sun-java6/sun-java6_6-17-1.dsc sun-java6_6-17.orig.tar.gz to non-free/s/sun-java6/sun-java6_6-17.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 558...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Giuseppe Iuculano <iucul...@debian.org> (supplier of updated sun-java6 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 28 Nov 2009 19:02:56 +0100 Source: sun-java6 Binary: sun-java6-jre sun-java6-bin sun-java6-plugin ia32-sun-java6-bin ia32-sun-java6-plugin sun-java6-fonts sun-java6-jdk sun-java6-demo sun-java6-source sun-java6-javadb Architecture: source i386 all Version: 6-17-1 Distribution: unstable Urgency: low Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Giuseppe Iuculano <iucul...@debian.org> Description: ia32-sun-java6-bin - Sun Java(TM) Runtime Environment (JRE) 6 (32-bit) ia32-sun-java6-plugin - The Java(TM) Plug-in, Java SE 6 (32-bit) sun-java6-bin - Sun Java(TM) Runtime Environment (JRE) 6 (architecture dependent sun-java6-demo - Sun Java(TM) Development Kit (JDK) 6 demos and examples sun-java6-fonts - Lucida TrueType fonts (from the Sun JRE) sun-java6-javadb - Java(TM) DB, Sun Microsystems' distribution of Apache Derby sun-java6-jdk - Sun Java(TM) Development Kit (JDK) 6 sun-java6-jre - Sun Java(TM) Runtime Environment (JRE) 6 (architecture independen sun-java6-plugin - The Java(TM) Plug-in, Java SE 6 sun-java6-source - Sun Java(TM) Development Kit (JDK) 6 source files Closes: 558173 Changes: sun-java6 (6-17-1) unstable; urgency=low . * QA upload. * New upstream version. (Closes: #558173) Release notes at http://java.sun.com/javase/6/webnotes/6u17.html Checksums-Sha1: ac2f3b9a0debac7db0439ab9b056d4d1ca8fe3fc 1566 sun-java6_6-17-1.dsc d75bde4bde3e75aef5b8009b045d5520039906fb 161365048 sun-java6_6-17.orig.tar.gz 3e0ad0530aa629bd1e2bfda0466f1d176fbdef76 78537 sun-java6_6-17-1.diff.gz ba01ec79d2fb53e7c7b9b55ea5590ae7c173bdd6 29106010 sun-java6-bin_6-17-1_i386.deb df0a6d240444650815595215736fd84d97bc386a 1780 sun-java6-plugin_6-17-1_i386.deb 0a8bace1a3396ba6846110425abae7d16f24fd01 18527780 sun-java6-jdk_6-17-1_i386.deb 798ea3adeee70f7af274d22ce1346102749265e8 12245710 sun-java6-demo_6-17-1_i386.deb 6e42fef501667c6a7e43a2014d4f3cb401485347 6432356 sun-java6-jre_6-17-1_all.deb 82d0d113b9b6245c992a0bb9758d4c29cf919a30 1864 sun-java6-fonts_6-17-1_all.deb 55ef8539d64728690fbdfcbc68a7c4f9265863b7 17850672 sun-java6-source_6-17-1_all.deb 6517a305de4f6bd992d1afc593fca7a9bd4c870e 10038772 sun-java6-javadb_6-17-1_all.deb Checksums-Sha256: 26ea51a8e1c2a3a5f59612e709adb358e97c380416af35d1a445495ba382f1e2 1566 sun-java6_6-17-1.dsc 9651d1bd0c50658b1d40671d6b9836995a00264fa321fe406132a7017232fb5a 161365048 sun-java6_6-17.orig.tar.gz af98c0e87ea5750fdfd8720f25ba78069178c76d98ecca4a3973e88b20218584 78537 sun-java6_6-17-1.diff.gz 2b822ab82438e0a11f435383943e50e0bd5b9c26dcdd996dfd3504e189467ab1 29106010 sun-java6-bin_6-17-1_i386.deb 8d9576448d07c4483569dd5b19e464c033bd7992a5e3000f6c5ac427f8bf2d63 1780 sun-java6-plugin_6-17-1_i386.deb fa7ec199b394f6b86c8519d1fcebb4627597eba992caa78f08d63e587fa21282 18527780 sun-java6-jdk_6-17-1_i386.deb 2e691ce0d626ebee1216c43f6d94fa01035614b29ee8adf90cc34693c49c3681 12245710 sun-java6-demo_6-17-1_i386.deb 7c67e0612f7812614ed9f036da67eef109d4170018f0e3cc20893134809d4ba2 6432356 sun-java6-jre_6-17-1_all.deb 27ca0701a19fe1ea34d0772cda16e7d7fc17f2fdc72e94268dada294e1286e4c 1864 sun-java6-fonts_6-17-1_all.deb eab2abf58f0ea989699ad2b7c643bb39931ecf4ffd615c9e27caaad93a2b919a 17850672 sun-java6-source_6-17-1_all.deb 59da03cc8d98ca54bd246ae4a661dd2ac9b2d2b4932ba3ea686bf90ecbdc860d 10038772 sun-java6-javadb_6-17-1_all.deb Files: 79a74e6ed6bd1d03c85e9de541d66f4a 1566 non-free/java optional sun-java6_6-17-1.dsc 82dbc013455904d579f7e903e51ce7eb 161365048 non-free/java optional sun-java6_6-17.orig.tar.gz 05b9a37ff1b8d939753ea1d2f8cd8e0f 78537 non-free/java optional sun-java6_6-17-1.diff.gz dc13b99e5b5698af6d68dd7119de3f11 29106010 non-free/java optional sun-java6-bin_6-17-1_i386.deb 04fef31462b00c0e5ecf5c9ce389d0f5 1780 non-free/web optional sun-java6-plugin_6-17-1_i386.deb fd4478730eb1a6da24e9b01268ebace1 18527780 non-free/java optional sun-java6-jdk_6-17-1_i386.deb 9c8bb74ea20f99e6e381ed6b608c59ea 12245710 non-free/java optional sun-java6-demo_6-17-1_i386.deb d04d83221dab67b6fe2e580ffadc1aab 6432356 non-free/java optional sun-java6-jre_6-17-1_all.deb 380630ccb864e0d25a81ca8bc3621711 1864 non-free/fonts optional sun-java6-fonts_6-17-1_all.deb a24daaf2dc7dc540331849d69b81d535 17850672 non-free/java optional sun-java6-source_6-17-1_all.deb e2e0c3d84ea02e479ebf0ea065b30826 10038772 non-free/java optional sun-java6-javadb_6-17-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAksSPTkACgkQNxpp46476arOBwCeKZNL6t2Ptj4LHtOeYYdER60p gDAAnj52DhjnBcbkVLq0iETxQ55IJf2B =oFvu -----END PGP SIGNATURE-----
--- End Message ---
