| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: java-1_6_0-openjdk-plugin | Distribution: openSUSE 11.3 |
| Version: 1.6.0.0_b18 | Vendor: openSUSE |
| Release: 1.1.5 | Build date: Fri Aug 20 15:57:42 2010 |
| Group: Development/Languages/Java | Build host: build31 |
| Size: 213384 | Source RPM: java-1_6_0-openjdk-1.6.0.0_b18-1.1.5.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: http://openjdk.java.net/ | |
| Summary: Java web browser plugin based on OpenJDK 6 and IcedTea 6 | |
This package provides a Java plugin for using Java applets in web browsers such as FireFox. It is based on gcjwebplugin using OpenJDK 6 and IcedTea 6. In Firefox, you can check the plugin used by the browser by typing the URL about:plugins into the URL field of the navigation toolbar.
GPLv2 ; - with the OpenJDK Assembly Exception and the GNU Classpath Exception
* Thu Jul 29 2010 mvyskocil@suse.cz
- update to icedtea6-1.8.1 (bnc#623905)
- update to openjdk-6-b18
- Latest security updates and hardening patches:
* (CVE-2010-0837): JAR "unpack200" must verify input parameters (6902299)
* (CVE-2010-0845): No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)
* (CVE-2010-0838): CMM readMabCurveData Buffer Overflow Vulnerability (6899653)
* (CVE-2010-0082): Loader-constraint table allows arrays instead of only the base-classes (6626217)
* (CVE-2010-0095): Subclasses of InetAddress may incorrectly interpret network addresses (6893954)
* (CVE-2010-0085): File TOCTOU deserialization vulnerability (6736390)
* (CVE-2010-0091): Unsigned applet can retrieve the dragged information before drop action occurs (6887703)
* (CVE-2010-0088): Inflater/Deflater clone issues (6745393)
* (CVE-2010-0084): Policy/PolicyFile leak dynamic ProtectionDomains. (6633872)
* (CVE-2010-0092): AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149)
* (CVE-2010-0094): Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)
* (CVE-2010-0093): System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265)
* (CVE-2010-0840): Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)
* (CVE-2010-0848): AWT Library Invalid Index Vulnerability (6914823)
* (CVE-2010-0847): ImagingLib arbitrary code execution vulnerability (6914866)
* (CVE-2009-3555): TLS: MITM attacks via session renegotiation
- IcedTeaNPPlugin.
* RH524387: javax.net.ssl.SSLKeyException: RSA premaster secret error
* Set context classloader for all threads in an applet's threadgroup
* PR436: Close all applet threads on exit
* PR480: NPPlugin with NoScript extension.
* PR488: Question mark changing into underscore in URL.
* RH592553: Fix bug causing 100% CPU usage.
* Don't generate a random pointer from a pthread_t in the debug output.
* Add ForbiddenTargetException for legacy support.
* Use variadic macro for plugin debug message printing.
* Don't link the plugin with libxul libraries.
* Fix race conditions in plugin initialization code that were causing hangs.
* RH506730: BankID (Norwegian common online banking authentication system) applet fails to load.
* Fix policy evaluation to match the proprietary JDK.
* PR491: pass java_{code,codebase,archive} parameters to Java.
* Adds javawebstart.version property and give user permission to read that property.
* Old plugin removed; NPPlugin is now the default and is controlled by
- -enable/disable-plugin. As with the old plugin, it produces a
IcedTeaPlugin.so library rather than IcedTeaNPPlugin.so.
* Dependence on the binary plugs mechanism removed. The plugin and NetX
code is now imported into the JDK build in the same manner as langtools,
CORBA, JAXP and JAXWS.
* Fix for plugin buffer overflow: https://bugzilla.mozilla.org/show_bug.cgi?id=555342
- NetX:
* Fix security flaw in NetX that allows arbitrary unsigned apps to set
any java property.
* Fix a flaw that allows unsigned code to access any file on the
machine (accessible to the user) and write to it.
* Make path sanitization consistent; use a blacklisting approach.
* Make the SingleInstanceServer thread a daemon thread.
* Handle JNLP files which use native libraries but do not indicate it
* Allow JNLP classloaders to share native libraries
* Added encoding support
- bug fixes
* Nimbus Look 'n' Feel backported from OpenJDK7.
* JAXP and JAXWS now external dependencies rather than being in-tree.
* 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups
* 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly encoded CommonName OIDs
* 6910590: Application can modify command array in ProcessBuilder
* 6909597: JPEGImageReader stepX Integer Overflow Vulnerability
* 6932480: Crash in CompilerThread/Parser. Unloaded array klass?
* 6678385: Fixes jvm crashes when window is resized.
* Produces the "expected" behavior for full screen applications, when
running the Metacity window manager.
* Fix issue with ant -diagnostics on ant 1.8.0 due to changed exit code
* Zero/Shark
* Shark is now able to build itself.
* For ARM, add Thumb2 JIT.
* Fixed Shark sharkCompiler mattr memory corruption bug when using llvm 2.7.
* others
http://blogs.sun.com/darcy/resource/OpenJDK_6/openjdk6-b18-changes-summary.html
* Eliminate spurious exception throwing when using PulseAudio
* PR shark/483: Fix miscompilation of sun.misc.Unsafe::getByte.
* PR PR icedtea/324, icedtea/481: Fix Shark VM crash.
* Fix Zero build on Hitachi SH.
* PR476: Enable building SystemTap support on GCC 4.5.
- disabled systemtap support on openSUSE 11.2, as it requires more recent version
- require xulrunner191 on 11.1 too
* Thu May 20 2010 mvyskocil@suse.cz
- Change the policytool.desktop category to Utilities
* Wed May 19 2010 ro@suse.de
- set locale to utf-8 variant to fix build
(broke when going over certificates with utf-8 filenames)
* Thu May 13 2010 mvyskocil@suse.cz
- fix bnc#603316: openjdk run out of file descriptors
* add openjdk-6-src-b17-stack-protector-fclose.patch
add the missing fclose to the stack-protector patch
* Wed Apr 28 2010 mvyskocil@suse.cz
- fixes ppc build
* enable nio2 only for ix86 and x86_64
* refresh openjdk-6-src-b17-no-return-in-nonvoid-function-ppc.patch
- ignore old libopenssl on 11.3+
- use patch -i, instead of shell redirection
* Mon Apr 12 2010 mvyskocil@suse.cz
- update to icedtea6-1.7.3 (bnc#594415)
- security and hardending
* (CVE-2010-0837): JAR “unpack200â€⊃ must verify input parameters (6902299)
* (CVE-2010-0845): No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807
* (CVE-2010-0838): CMM readMabCurveData Buffer Overflow Vulnerability (6899653)
* (CVE-2010-0082): Loader-constraint table allows arrays instead of only the base-classes (6626217)
* (CVE-2010-0095): Subclasses of InetAddress may incorrectly interpret network addresses (6893954)
* (CVE-2010-0085): File TOCTOU deserialization vulnerability (6736390)
* (CVE-2010-0091): Unsigned applet can retrieve the dragged information before drop action occurs (6887703)
* (CVE-2010-0088): Inflater/Deflater clone issues (6745393)
* (CVE-2010-0084): Policy/PolicyFile leak dynamic ProtectionDomains. (6633872)
* (CVE-2010-0092): AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149)
* (CVE-2010-0094): Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)
* (CVE-2010-0093): System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265)
* (CVE-2010-0840): Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)
* (CVE-2010-0848): AWT Library Invalid Index Vulnerability (6914823)
* (CVE-2010-0847): ImagingLib arbitrary code execution vulnerability (6914866)
* (CVE-2009-3555): TLS: MITM attacks via session renegotiation
* 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups
* 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly encoded CommonName OIDs
* 6910590: Application can modify command array in ProcessBuilder
* 6909597: JPEGImageReader stepX Integer Overflow Vulnerability
* 6932480: Crash in CompilerThread/Parser. Unloaded array klass?
- Bug fixes:
* Backport of 6822370: ReentrantReadWriteLock: threads hung when there are no threads holding onto the lock
* Increase ThreadStackSize by 512kb on 32-bit Zero platforms
* Check cacerts database is valid
* Fix for plugin buffer overflow: Mozilla bug 555342
* Fix issue with ant -diagnostics on ant 1.8.0 due to changed exit code
* Thu Mar 18 2010 mvyskocil@suse.cz
- fix bnc#589021 - Better protect java stack
* openjdk-6-src-b17-stack-protector.patch
* Thu Mar 04 2010 mvyskocil@suse.cz
- Updates:
* icedtea6-1.7
* openjdk6 b17 14_oct_2009
- Enabled NPPlugin - fix [bnc#582206]
- patches changes:
* obsolete java-1.6.0-openjdk-sparc-fixes.patch
* obsolete java-1.6.0-openjdk-sparc-hotspot.patch
* obsolete icedtea6-1.6-npplugin-xulrunner191.patch
* obsolete icedtea6-1.6-no-return-in-nonvoid-function.patch
* obsolete icedtea6-ecc-support-b387a64caa08.patch
* add a lot of patches fixes a build of openjdk6 with gcc4.5 using
- Werror -Wall
openjdk-6-src-b17-no-multiline-comments.patch
openjdk-6-src-b17-enumeration-value.patch
openjdk-6-src-b17-suggest-parentheses.patch
openjdk-6-src-b17-no-efect.patch
openjdk-6-src-b17-initialized-after.patch
openjdk-6-src-b17-unused-variable.patch
* openjdk-6-src-b17-no-werror.patch (suppress the errors in autogenerated
code)
* icedtea6-1.7-no-return-in-non-void.patch
- move the noarch content to %%{_datadir}/ and create symlinks in usual
locations
- move demo/jvmti to the -devel package as it contains so files
- enable the --short-circuit in %%install section
- new alternatives - policytool and policytool.1.gz
* Tue Feb 09 2010 prusnak@suse.cz
- enable noarch subpackages
* Mon Nov 23 2009 mvyskocil@suse.cz
- Removed openjdk-6-src-b14-confluence-crash.patch from source dir
* Tue Nov 10 2009 mvyskocil@suse.cz
- Fixed bnc#554069 - VUL-0: Icedtea6 1.6.2 released
* a lot of security patches in icedtea6-1.6.2
* Improved jar performance,
http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/b35f1e5075a4
- Obsoleted java-1.6.0-openjdk-makefile.patch
* Wed Oct 14 2009 mvyskocil@suse.cz
- Fixed bnc#546468: openjdk fails on certificate creation
applied upstream patch icedtea6-ecc-support-b387a64caa08.patch
http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=356
- Moved back from npplugin, as its not mature
http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=385#c5
* Thu Oct 08 2009 mvyskocil@suse.cz
- Use 1.6.0 instead of javamajver macro to supress percent in provides error.
* Tue Sep 29 2009 mvyskocil@suse.cz
- fixed bnc#542545: added 32/64bit specific provides to be compatible with
other JVM and OpenOffice.org
* Thu Sep 10 2009 mvyskocil@suse.cz
- Updates:
* icedtea6-1.6 - fixes bnc#537969
* hospot 09f7962b8b44
- patches changes:
* added icedtea6-1.6-npplugin-xulrunner191.patch
* added java-1.6.0-openjdk-sparc-fixes.patch (from Fedora)
* added java-1.6.0-openjdk-sparc-hotspot.patch (from Fedora)
* added icedtea6-1.6-no-return-in-nonvoid-function.patch
(allows build on 11.1)
* regenerated java-1.6.0-openjdk-java-access-bridge-security.patch
* regenerated java-1.6.0-openjdk-makefile.patch
* removed icedtead6-1.5-npplugin-xulrunner191.patch
* removed java-1.6.0-openjdk-execvpe.patch
* removed java-1.6.0-openjdk-netx.patch
* Wed Aug 19 2009 mvyskocil@suse.cz
- Fixed bnc#530046 - jmap fails: NoSuchSymbolException: Could not find symbol
"gHotSpotVMTypeEntryTypeNameOffset"
keep non debug symbols in libjvm.so
* Tue Aug 11 2009 mvyskocil@suse.cz
- Updates:
* icedtea6-1.5.1 contains a lot of security fixes from Sun JDK6u15
This includes fixes for:
* bnc#524505: Vulnerability in OpenJDK/NetX
* bnc#514421: XML Signature weakness (HMAC truncation)
- Fixed bnc#521512: lcms pointer dereference
- Dropped some s390 patches, because they was obsoleted and not used
- Fixed bnc#525097 - openjdk installs dead .desktop files
* now removed *.desktop from %%files of openjdk
* Wed Jul 29 2009 mvyskocil@suse.cz
- Updates:
* icedtea-1.5
* visualvm-111
* hotspot 25a020f13592
- Fixed bnc#525097 - openjdk installs dead .desktop files
- Remove archsuffix usage
- patches changes:
* added java-1.6.0-openjdk-accessible-toolkit.patch
* added java-1.6.0-openjdk-netx.patch
* added java-1.6.0-openjdk-execvpe.patch
* added icedtead6-1.5-nppplugin-xulrunner191.patch
* removed openjdk-6-src-b14-confluence-crash.patch
* refreshed java-1.6.0-openjdk-makefile.patch
- new features and fixes:
* Fixed security handling to prevent access denials when there is a site
specific exception in the policy file
* Allow extentions (chrome) to run Java code with full permissions
* Added non-trusted SSL support to WebStart (javaws)
* Added proxy support
* Other improvements that were breaking specific sites (tag parser fix,
nested jar support, etc.)
* Added JVM Console (used by http://chrispederick.com/work/web-developer/)
* Many gervill, java2d, nio2, pulse java, zero/shark, jtreg fixes.
* New IcedTeaNPPlugin
* Thu Jun 11 2009 mvyskocil@suse.cz
- Merged fontfonfig for openjdk and Sun:
* Use Sazanami Mincho for monospaced fonts
* Added AWT X11 font paths
* Mon May 25 2009 mvyskocil@suse.cz
- Enabled systemtap only for jit architectures only
- Refreshed non-return-in-non-void ppc patch
* Fri May 15 2009 mvyskocil@suse.cz
- 'used systemtap-sdt-devel (see bnc#503088)'
* Thu May 14 2009 mvyskocil@suse.cz
- Change version system for openjdk, now it uses a
%%{javaver}.%%{buildver}_%{{openjdkver}
- Enabled systemtap support
- Moved jpackage macro definitions upper in spec
* Wed May 13 2009 mvyskocil@suse.cz
- updates:
* openjdk b16
* icedtea snapshot cc658d9f4a64
* hotspot snapshot fc6a5ae3fef5
- new features:
* systemtap support (not yet enabled in SUSE)
* removed gcjwebplugin
* fixed lcms breakage
https://bugs.openjdk.java.net/show_bug.cgi?id=100050
* fixes in JNLP runtime
* various improvements in support of third party VMs (shark, cacao, zero)
- patches changes:
* removed obsoleted pulseaudio patch
* added openjdk-6-src-b16-no-return-in-nonvoid-function.patch
- enabled tests
- build using xulrunner 1.9.1 on 11.2
* Tue Apr 21 2009 mvyskocil@suse.cz
- fixed bnc#496378: openjdk has an empty keystore
* Tue Apr 14 2009 mvyskocil@suse.cz
- fixed bnc#493146: pulse-java integer overflow
* Tue Apr 07 2009 mvyskocil@suse.cz
- fixed bnc#492555: tomcat6 and confluence causes a JVM crash
http://hg.openjdk.java.net/jdk7/hotspot-comp/hotspot/rev/039a914095f4
* Fri Apr 03 2009 mvyskocil@suse.cz
- icedtea 1.4.1:
- Fixed version string: Set PRODUCT_NAME to OpenJDK, unless doing a CACAO
build (set to IcedTea).
- Plugin fixes: icedtead bug#264.
- Re-implemented visualvm.
* Mon Mar 02 2009 mvyskocil@suse.cz
- fixed ppc/ppc64 build bnc#471829 comment#28
- added openjdk-6-src-b14-no-return-in-nonvoid-function-ppc.patch
/usr/lib64/jvm/java-1.6.0-openjdk-1.6.0/jre/lib/amd64/IcedTeaPlugin.so
Generated by rpm2html 1.8.1
Fabrice Bellet, Mon Jun 10 04:57:03 2013