Your message dated Mon, 13 Jun 2011 13:55:31 +0000
with message-id <e1qw7c3-0000su...@franck.debian.org>
and subject line Bug#629852: fixed in sun-java6 6.26-0squeeze1
has caused the Debian Bug report #629852,
regarding Oracle Java SE Critical Patch Update Advisory - June 2011
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
629852: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629852
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openjdk-6-jre, sun-java6-jre
Severity: serious
Tags: security
A new round of java issues:
CVE-2011-0862 CVE-2011-0873 CVE-2011-0815 CVE-2011-0817 CVE-2011-0863
CVE-2011-0864 CVE-2011-0802
CVE-2011-0814 CVE-2011-0871 CVE-2011-0786 CVE-2011-0788 CVE-2011-0866
CVE-2011-0868 CVE-2011-0872
CVE-2011-0867 CVE-2011-0869 CVE-2011-0865
Some of the issues seem to be windows specific.
http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
pgpTZTvv3PH21.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: sun-java6
Source-Version: 6.26-0squeeze1
We believe that the bug you reported is fixed in the latest version of
sun-java6, which is due to be installed in the Debian FTP archive:
ia32-sun-java6-bin_6.26-0squeeze1_amd64.deb
to non-free/s/sun-java6/ia32-sun-java6-bin_6.26-0squeeze1_amd64.deb
sun-java6-bin_6.26-0squeeze1_amd64.deb
to non-free/s/sun-java6/sun-java6-bin_6.26-0squeeze1_amd64.deb
sun-java6-demo_6.26-0squeeze1_amd64.deb
to non-free/s/sun-java6/sun-java6-demo_6.26-0squeeze1_amd64.deb
sun-java6-fonts_6.26-0squeeze1_all.deb
to non-free/s/sun-java6/sun-java6-fonts_6.26-0squeeze1_all.deb
sun-java6-javadb_6.26-0squeeze1_all.deb
to non-free/s/sun-java6/sun-java6-javadb_6.26-0squeeze1_all.deb
sun-java6-jdk_6.26-0squeeze1_amd64.deb
to non-free/s/sun-java6/sun-java6-jdk_6.26-0squeeze1_amd64.deb
sun-java6-jre_6.26-0squeeze1_all.deb
to non-free/s/sun-java6/sun-java6-jre_6.26-0squeeze1_all.deb
sun-java6-plugin_6.26-0squeeze1_amd64.deb
to non-free/s/sun-java6/sun-java6-plugin_6.26-0squeeze1_amd64.deb
sun-java6-source_6.26-0squeeze1_all.deb
to non-free/s/sun-java6/sun-java6-source_6.26-0squeeze1_all.deb
sun-java6_6.26-0squeeze1.debian.tar.gz
to non-free/s/sun-java6/sun-java6_6.26-0squeeze1.debian.tar.gz
sun-java6_6.26-0squeeze1.dsc
to non-free/s/sun-java6/sun-java6_6.26-0squeeze1.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 629...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Torsten Werner <twer...@debian.org> (supplier of updated sun-java6 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 09 Jun 2011 16:56:39 +0200
Source: sun-java6
Binary: sun-java6-jre sun-java6-bin sun-java6-plugin ia32-sun-java6-bin
ia32-sun-java6-plugin sun-java6-fonts sun-java6-jdk sun-java6-demo
sun-java6-source sun-java6-javadb
Architecture: source amd64 all
Version: 6.26-0squeeze1
Distribution: stable
Urgency: high
Maintainer: Debian Java Maintainers
<pkg-java-maintain...@lists.alioth.debian.org>
Changed-By: Torsten Werner <twer...@debian.org>
Description:
ia32-sun-java6-bin - Sun Java(TM) Runtime Environment (JRE) 6 (32-bit)
ia32-sun-java6-plugin - The Java(TM) Plug-in, Java SE 6 (32-bit)
sun-java6-bin - Sun Java(TM) Runtime Environment (JRE) 6 (architecture
dependent
sun-java6-demo - Sun Java(TM) Development Kit (JDK) 6 demos and examples
sun-java6-fonts - Lucida TrueType fonts (from the Sun JRE)
sun-java6-javadb - Java(TM) DB, Sun Microsystems' distribution of Apache Derby
sun-java6-jdk - Sun Java(TM) Development Kit (JDK) 6
sun-java6-jre - Sun Java(TM) Runtime Environment (JRE) 6 (architecture
independen
sun-java6-plugin - The Java(TM) Plug-in, Java SE 6
sun-java6-source - Sun Java(TM) Development Kit (JDK) 6 source files
Closes: 629852
Changes:
sun-java6 (6.26-0squeeze1) stable; urgency=high
.
[ Sylvestre Ledru ]
* New upstream release (Closes: #629852)
* SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes:
- (CVE-2011-0862): integer overflows in JPEGImageReader and font
SunLayoutEngine (2D, 7013519)
- (CVE-2011-0873): unspecified vulnerability fixed in 6u26 (2D)
- (CVE-2011-0815): FileDialog.show() buffer overflow (AWT, 7012520)
- (CVE-2011-0817): unspecified vulnerabilities fixed in 6u26 (Deployment,
JRE)
- (CVE-2011-0863): unspecified vulnerability fixed in 6u26 (Deployment)
- (CVE-2011-0864): JVM memory corruption via certain bytecode (HotSpot,
7020373)
- (CVE-2011-0802): unspecified vulnerabilities fixed in 6u26 (Sound)
- (CVE-2011-0814): unspecified vulnerabilities fixed in 6u26 (Sound)
- (CVE-2011-0871): MediaTracker created Component instances with
unnecessary privileges (Swing, 7020198)
- (CVE-2011-0786): unspecified vulnerabilities fixed in 6u26 (Deployment,
JRE)
- (CVE-2011-0788): unspecified vulnerabilities fixed in 6u26 (Deployment,
JRE)
- (CVE-2011-0866): unspecified vulnerabilities fixed in 6u26 (Deployment,
JRE)
- (CVE-2011-0868): incorrect numeric type conversion in TransformHelper
(2D, 7016495)
- (CVE-2011-0872): non-blocking sockets incorrectly selected for reading
(NIO, 6213702)
- (CVE-2011-0867): NetworkInterface information leak (Networking, 7013969)
- (CVE-2011-0869): unprivileged proxy settings change via SOAPConnection
(SAAJ, 7013971)
- (CVE-2011-0865): Deserialization allows creation of mutable SignedObject
(Deserialization, 6618658)
.
[ Torsten Werner ]
* Upload to stable.
Checksums-Sha1:
de08a4602f357510d8c5eed1715297240227ea57 1690 sun-java6_6.26-0squeeze1.dsc
b0f58538654918bf690308e5412fbb17327c847b 88572
sun-java6_6.26-0squeeze1.debian.tar.gz
b7f9d5563662d74540deb1437c2b792855d9487c 28677920
sun-java6-bin_6.26-0squeeze1_amd64.deb
20e081d8c865389247d9d02607ecb4e99de307d5 2014
sun-java6-plugin_6.26-0squeeze1_amd64.deb
02a1f353c93f6508db281e08b1811f0a50d52c03 30159346
ia32-sun-java6-bin_6.26-0squeeze1_amd64.deb
2440dd00c7640074ee9391f8ca1f2eea3fa79b24 20402560
sun-java6-jdk_6.26-0squeeze1_amd64.deb
b9a8e81cafdb19b03f5931bdc3489062378a7db6 12153110
sun-java6-demo_6.26-0squeeze1_amd64.deb
20a92471517089ccea32d7546ce4c8239e61b143 6512932
sun-java6-jre_6.26-0squeeze1_all.deb
6c0108016899e24b4334584a1f365c44601edbb8 1886
sun-java6-fonts_6.26-0squeeze1_all.deb
891140b8ed520bb6fbf87ce949eb88f358f47b34 17946408
sun-java6-source_6.26-0squeeze1_all.deb
977660d571e7b5ee56d67978fdc8923ecd8d521c 10779806
sun-java6-javadb_6.26-0squeeze1_all.deb
Checksums-Sha256:
9d8bde02f7a2e3894e2dcaa99da68d59c92c0a4e6c7d20ae7ea0d99ff62ca435 1690
sun-java6_6.26-0squeeze1.dsc
c6b35f70c19715f6b35ff523b3b518cf3fc23ffda4d1ab6a9e9de452572eee5d 88572
sun-java6_6.26-0squeeze1.debian.tar.gz
3ef86b6a49fb5d9f2bd85f619f91b0eb7c60036eb173d61c52a1b1a163937177 28677920
sun-java6-bin_6.26-0squeeze1_amd64.deb
fc1252e989a525ceaafee556ff260c42f06cf3890ba20bb852ca220cb4d4912f 2014
sun-java6-plugin_6.26-0squeeze1_amd64.deb
b6a56a0618541f2706f1613df091117e895695ea11754384633de1da060bd12b 30159346
ia32-sun-java6-bin_6.26-0squeeze1_amd64.deb
186f55e017556f4362e688dc647ac9cc8e9a158a8bf50c1353d96d9ddf8a3b6f 20402560
sun-java6-jdk_6.26-0squeeze1_amd64.deb
0a0fbea8e62e9c9730733aad64d92d532b343abcf12069b06c6571c3dde5e67f 12153110
sun-java6-demo_6.26-0squeeze1_amd64.deb
99bcd26a280782f219af935a6ba156edafc1277da1725d516bb28aea47517c8c 6512932
sun-java6-jre_6.26-0squeeze1_all.deb
0a1439e251b78fce1b53a86cea9eed3e2ea892a199c2e14a0fcd3b3141309f41 1886
sun-java6-fonts_6.26-0squeeze1_all.deb
2dca7b2256be3b0e68135cf0f51e4afe4ae5ad65a05dcfeafcf5c8c8bf7b4326 17946408
sun-java6-source_6.26-0squeeze1_all.deb
5bef1d68b1285c947bec01dba9d6e1d90bca9dc69daf2d20619e1474a336ba2d 10779806
sun-java6-javadb_6.26-0squeeze1_all.deb
Files:
5b1227a5681809bd3b19adedf5c70577 1690 non-free/java optional
sun-java6_6.26-0squeeze1.dsc
fd1ca19ce6e19094e39102c731b7f76f 88572 non-free/java optional
sun-java6_6.26-0squeeze1.debian.tar.gz
32c9ff1ce9b93a95976c4ca95d926ab4 28677920 non-free/java optional
sun-java6-bin_6.26-0squeeze1_amd64.deb
43c6e10a7db349700640cb266da524eb 2014 non-free/web optional
sun-java6-plugin_6.26-0squeeze1_amd64.deb
c3533766e28e319f103fdc943d94409e 30159346 non-free/java optional
ia32-sun-java6-bin_6.26-0squeeze1_amd64.deb
f70f5bf6e582f044a322beb83e7d2a78 20402560 non-free/java optional
sun-java6-jdk_6.26-0squeeze1_amd64.deb
c5fa9b99d9b3effc6e8aefd761c07789 12153110 non-free/java optional
sun-java6-demo_6.26-0squeeze1_amd64.deb
24ebf81f794a62f2f1a6bc9a30f5c13b 6512932 non-free/java optional
sun-java6-jre_6.26-0squeeze1_all.deb
e8bcc94ed27b2768395a798084a41d3c 1886 non-free/fonts optional
sun-java6-fonts_6.26-0squeeze1_all.deb
56b1e7f956ff995360964c84af5a18dc 17946408 non-free/java optional
sun-java6-source_6.26-0squeeze1_all.deb
183d0025658c0752a5e9747060a540a1 10779806 non-free/java optional
sun-java6-javadb_6.26-0squeeze1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk3w5GkACgkQfY3dicTPjsNItwCgkF4o/TwPhSa9itIBrhnY2Tev
vcQAnRR2PKUCbGuQ/oUJEuL8NulSp7rG
=U/EJ
-----END PGP SIGNATURE-----
--- End Message ---
