Bug#629852: marked as done (Oracle Java SE Critical Patch Update Advisory - June 2011)

Debian Bug Tracking System Thu, 09 Jun 2011 02:54:51 -0700

Your message dated Thu, 09 Jun 2011 09:50:15 +0000
with message-id <e1qubsv-0007pn...@franck.debian.org>
and subject line Bug#629852: fixed in sun-java6 6.26-1
has caused the Debian Bug report #629852,
regarding Oracle Java SE Critical Patch Update Advisory - June 2011
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
629852: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629852
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: openjdk-6-jre, sun-java6-jre
Severity: serious
Tags: security

A new round of java issues:
CVE-2011-0862 CVE-2011-0873 CVE-2011-0815 CVE-2011-0817 CVE-2011-0863 
CVE-2011-0864 CVE-2011-0802
CVE-2011-0814 CVE-2011-0871 CVE-2011-0786 CVE-2011-0788 CVE-2011-0866 
CVE-2011-0868 CVE-2011-0872
CVE-2011-0867 CVE-2011-0869 CVE-2011-0865

Some of the issues seem to be windows specific.

http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

pgpsJyKP3fdCS.pgp
Description: PGP signature

--- End Message ---

--- Begin Message ---

Source: sun-java6
Source-Version: 6.26-1

We believe that the bug you reported is fixed in the latest version of
sun-java6, which is due to be installed in the Debian FTP archive:

sun-java6-bin_6.26-1_i386.deb
  to non-free/s/sun-java6/sun-java6-bin_6.26-1_i386.deb
sun-java6-demo_6.26-1_i386.deb
  to non-free/s/sun-java6/sun-java6-demo_6.26-1_i386.deb
sun-java6-fonts_6.26-1_all.deb
  to non-free/s/sun-java6/sun-java6-fonts_6.26-1_all.deb
sun-java6-javadb_6.26-1_all.deb
  to non-free/s/sun-java6/sun-java6-javadb_6.26-1_all.deb
sun-java6-jdk_6.26-1_i386.deb
  to non-free/s/sun-java6/sun-java6-jdk_6.26-1_i386.deb
sun-java6-jre_6.26-1_all.deb
  to non-free/s/sun-java6/sun-java6-jre_6.26-1_all.deb
sun-java6-plugin_6.26-1_i386.deb
  to non-free/s/sun-java6/sun-java6-plugin_6.26-1_i386.deb
sun-java6-source_6.26-1_all.deb
  to non-free/s/sun-java6/sun-java6-source_6.26-1_all.deb
sun-java6_6.26-1.debian.tar.gz
  to non-free/s/sun-java6/sun-java6_6.26-1.debian.tar.gz
sun-java6_6.26-1.dsc
  to non-free/s/sun-java6/sun-java6_6.26-1.dsc
sun-java6_6.26.orig.tar.gz
  to non-free/s/sun-java6/sun-java6_6.26.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 629...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sylvestre Ledru <sylves...@debian.org> (supplier of updated sun-java6 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 09 Jun 2011 10:20:23 +0200
Source: sun-java6
Binary: sun-java6-jre sun-java6-bin sun-java6-plugin ia32-sun-java6-bin 
ia32-sun-java6-plugin sun-java6-fonts sun-java6-jdk sun-java6-demo 
sun-java6-source sun-java6-javadb
Architecture: source i386 all
Version: 6.26-1
Distribution: unstable
Urgency: high
Maintainer: Debian Java Maintainers 
<pkg-java-maintain...@lists.alioth.debian.org>
Changed-By: Sylvestre Ledru <sylves...@debian.org>
Description: 
 ia32-sun-java6-bin - Sun Java(TM) Runtime Environment (JRE) 6 (32-bit)
 ia32-sun-java6-plugin - Java(TM) Plug-in, Java SE 6 (32-bit)
 sun-java6-bin - Sun Java(TM) Runtime Environment (JRE) 6 (architecture 
dependent
 sun-java6-demo - Sun Java(TM) Development Kit (JDK) 6 demos and examples
 sun-java6-fonts - Lucida TrueType fonts (from the Sun JRE)
 sun-java6-javadb - Java(TM) DB, Sun Microsystems' distribution of Apache Derby
 sun-java6-jdk - Sun Java(TM) Development Kit (JDK) 6
 sun-java6-jre - Sun Java(TM) Runtime Environment (JRE) 6 (architecture 
independen
 sun-java6-plugin - Java(TM) Plug-in, Java SE 6
 sun-java6-source - Sun Java(TM) Development Kit (JDK) 6 source files
Closes: 629852
Changes: 
 sun-java6 (6.26-1) unstable; urgency=high
 .
   * New upstream release (Closes: #629852)
   * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes:
     - (CVE-2011-0862): integer overflows in JPEGImageReader and font
                        SunLayoutEngine (2D, 7013519)
     - (CVE-2011-0873): unspecified vulnerability fixed in 6u26 (2D)
     - (CVE-2011-0815): FileDialog.show() buffer overflow (AWT, 7012520)
     - (CVE-2011-0817): unspecified vulnerabilities fixed in 6u26 (Deployment,
                        JRE)
     - (CVE-2011-0863): unspecified vulnerability fixed in 6u26 (Deployment)
     - (CVE-2011-0864): JVM memory corruption via certain bytecode (HotSpot,
                        7020373)
     - (CVE-2011-0802): unspecified vulnerabilities fixed in 6u26 (Sound)
     - (CVE-2011-0814): unspecified vulnerabilities fixed in 6u26 (Sound)
     - (CVE-2011-0871): MediaTracker created Component instances with
                        unnecessary privileges (Swing, 7020198)
     - (CVE-2011-0786): unspecified vulnerabilities fixed in 6u26 (Deployment,
                        JRE)
     - (CVE-2011-0788): unspecified vulnerabilities fixed in 6u26 (Deployment,
                        JRE)
     - (CVE-2011-0866): unspecified vulnerabilities fixed in 6u26 (Deployment,
                        JRE)
     - (CVE-2011-0868): incorrect numeric type conversion in TransformHelper
                        (2D, 7016495)
     - (CVE-2011-0872): non-blocking sockets incorrectly selected for reading
                        (NIO, 6213702)
     - (CVE-2011-0867): NetworkInterface information leak (Networking, 7013969)
     - (CVE-2011-0869): unprivileged proxy settings change via SOAPConnection
                        (SAAJ, 7013971)
     - (CVE-2011-0865): Deserialization allows creation of mutable SignedObject
                        (Deserialization, 6618658)
Checksums-Sha1: 
 0879d91284878b7619bc74390a3a5bf24e2d4c53 1650 sun-java6_6.26-1.dsc
 c7f15162920859cc5aae1c4a701d4551aff6044e 168156091 sun-java6_6.26.orig.tar.gz
 915812271a5532fe1ff2ffc04dc5d0c2d6815f40 90555 sun-java6_6.26-1.debian.tar.gz
 6839583cc6b59a86fad6d02713278a20172ada00 30153380 sun-java6-bin_6.26-1_i386.deb
 bf050e8deb96a68e7721a8828976ea728a6dd7c6 2002 sun-java6-plugin_6.26-1_i386.deb
 15b2e2e77e15fa4ab0316784ec01ccdd753bedf7 20230264 sun-java6-jdk_6.26-1_i386.deb
 ea49128389683fef830c68fccfc79b481415aa9e 12148058 
sun-java6-demo_6.26-1_i386.deb
 aac77a45cd8b02ec0b44c148c5d6a0eef6ae3882 6377664 sun-java6-jre_6.26-1_all.deb
 da3868539b833b19f1a5e72bec3dc8e7b962c22c 1872 sun-java6-fonts_6.26-1_all.deb
 c5786fc48b8738c10ac2da3a0bf4e51b24f69cc9 17914406 
sun-java6-source_6.26-1_all.deb
 13c95fbdbb117cf1aa0bc7690ae660b43124d56a 10773996 
sun-java6-javadb_6.26-1_all.deb
Checksums-Sha256: 
 169e15d4a829e98de2d7971427fede25f9ecd7923d8268cf2cd0937f78e63206 1650 
sun-java6_6.26-1.dsc
 117b14d15630a41b08885f97d1ff1086ff216a945e23b6784d926cd05f50e7cf 168156091 
sun-java6_6.26.orig.tar.gz
 a887656bac5df85ccae7f511da723151f749748e3c73a1bc41c1e72d58b1955d 90555 
sun-java6_6.26-1.debian.tar.gz
 e4c47e821109cee07c75ddc242e1e357d6d923da93ca6ea08727802027052cfc 30153380 
sun-java6-bin_6.26-1_i386.deb
 4c8fd52521ee6e82fdcad9a6114f4a4558c17f34d05b61d34e5d67b9c1135de4 2002 
sun-java6-plugin_6.26-1_i386.deb
 140de62b241c69e870ea42cc1e2ca7318b421fc923e5b6a18e3703fec75cf2e5 20230264 
sun-java6-jdk_6.26-1_i386.deb
 8cf822a3cca33d84f076d611bb34becb77bff724240af4a7d1126ca0a47d4b51 12148058 
sun-java6-demo_6.26-1_i386.deb
 e425eaf18b213a6af3385cef37766b8c6fb8fe984c3d89302064e52fd164b5d8 6377664 
sun-java6-jre_6.26-1_all.deb
 1c0f34f10e8c5c056e4d9395ff3be694fc21b9761dc1bf093bbcc10319ff5a9b 1872 
sun-java6-fonts_6.26-1_all.deb
 3474e205bc31c52a62e8cb56eb095e88dae4f50e970de7746a97d2618ee1d765 17914406 
sun-java6-source_6.26-1_all.deb
 3faed2ee0b91066cc7973d31712315381dc60946482b25209b6170f6234530da 10773996 
sun-java6-javadb_6.26-1_all.deb
Files: 
 51521fac46da0aef16760bafb18e2d6b 1650 non-free/java optional 
sun-java6_6.26-1.dsc
 3555fae69a9abdba8fe3b5a25475a181 168156091 non-free/java optional 
sun-java6_6.26.orig.tar.gz
 9445d6e1522e9a63f52ae6558a6d5f08 90555 non-free/java optional 
sun-java6_6.26-1.debian.tar.gz
 bae99392a97c588af4e7fb5b2ebaec55 30153380 non-free/java optional 
sun-java6-bin_6.26-1_i386.deb
 72aded459af984f4b94b9a6ee42845c9 2002 non-free/web optional 
sun-java6-plugin_6.26-1_i386.deb
 794232c7982603107fcf596c116ac463 20230264 non-free/java optional 
sun-java6-jdk_6.26-1_i386.deb
 ef6d35a4ab961e1f1aa7b91e936e1cb2 12148058 non-free/java optional 
sun-java6-demo_6.26-1_i386.deb
 657950338d9c1dc60265fa95bd826004 6377664 non-free/java optional 
sun-java6-jre_6.26-1_all.deb
 ff51614ded97f74c35698d87b7f6f0dd 1872 non-free/fonts optional 
sun-java6-fonts_6.26-1_all.deb
 c9860b299245c712cc633afc5d8e29f9 17914406 non-free/java optional 
sun-java6-source_6.26-1_all.deb
 904c958b481496b2f0cac74207f0b2d2 10773996 non-free/java optional 
sun-java6-javadb_6.26-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk3wkykACgkQiOXXM92JlhAJaACfdCKBima5fvwhJeuURR6XfDx1
PVAAoKzTk2AE8eagmqJZqpcWRiYKs0YD
=zu8f
-----END PGP SIGNATURE-----

--- End Message ---

Bug#629852: marked as done (Oracle Java SE Critical Patch Update Advisory - June 2011)

Reply via email to