java-1_4_2-sun-1.4.2_update17-0.1 RPM for i586

From SuSE Linux 10.2 updates for i386 / rpm / i586

The Java(TM) 2 Runtime Environment contains the Java virtual machine,
runtime class libraries, and Java application launcher that are
necessary to run programs written in the Java progamming language. It
is not a development environment and does not contain development tools
such as compilers and debuggers.  For development tools, see the
java-1_4_2-sun-devel package.

The Java 2 Runtime Environment is intended for software developers and
vendors who wish to redistribute their applications.

Provides

• java-1_4_2-sun
• jre-1.4.2-sun
• jre-sun
• jre-1.4.2
• java-1.4.2
• jre
• java-sun
• java
• java-1.4.2
• javaws
• jndi
• jndi-ldap
• jndi-cos
• jndi-rmi
• jndi-dns
• jaas
• jsse
• jce
• jdbc-stdext
• jdbc-stdext
• jre1.1.x
• jre1.2.x
• jre1.3.x
• jre1.4.x
• java2-jre
• j2re
• j2re
• libawt.so
• libcmm.so
• libdcpr.so
• libdt_socket.so
• libfontmanager.so
• libhpi.so
• libhprof.so
• libioser12.so
• libjaas_unix.so
• libjava.so
• libjawt.so
• libjcov.so
• libjdwp.so
• libjpeg.so
• libjsig.so
• libjsound.so
• libjvm.so
• libmlib_image.so
• libnative_chmod.so
• libnet.so
• libnio.so
• librmi.so
• libverify.so
• libzip.so

Requires

• /usr/sbin/update-alternatives
• /bin/ln
• jpackage-utils
• /bin/sh
• /bin/sh
• /bin/bash
• libX11.so.6
• libXext.so.6
• libXi.so.6
• libXp.so.6
• libXt.so.6
• libXtst.so.6
• libawt.so
• libc.so.6
• libdl.so.2
• libjava.so
• libjvm.so
• libm.so.6
• libmlib_image.so
• libnet.so
• libnsl.so.1
• libpthread.so.0
• libverify.so

Copyright

Other License(s), see package

Signatures

internal MD5: 8c6151dc024cd4800a5ce3ad0e92c194

GPG

Changelog

* Wed Mar 26 2008 - mvyskocil@suse.cz
  - update to 1.4.2u17: VUL-0: java: multiple vulnerabilities [bnc#368134]
  - CVE-2008-1158: Unspecified vulnerability in the Virtual Machine for
    Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0
    Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote
    attackers should gain privileges via an untrusted application or applet, a
    different issue than CVE-2008-1186.
  - CVE-2008-1186: Unspecified vulnerability in the Virtual Machine for
    Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier,
    and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain
    privileges via an untrusted application or applet, a different issue
    than CVE-2008-1185.
  - CVE-2008-1187: Unspecified vulnerability in Sun Java Runtime
    Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and
    earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to
    cause a denial of service (JRE crash) and possibly execute arbitrary
    code via unknown vectors related to XSLT transforms.
  - CVE-2008-1189: Buffer overflow in Java Web Start in Sun JDK and JRE
    6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE
    1.4.2_16 and earlier allows remote attackers to execute arbitrary code
    via unknown vectors, a different issue than CVE-2008-1188.
  - CVE-2008-1190: Unspecified vulnerability in Java Web Start in Sun
    JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and
    SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain
    privileges via an untrusted application, a different issue than
    CVE-2008-1191.
  - CVE-2008-1192: Unspecified vulnerability in the Java Plug-in for Sun
    JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and
    SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows
    remote attackers to bypass the same origin policy and "execute local
    applications" via unknown vectors.
  - CVE-2008-1195: Unspecified vulnerability in Sun JDK and Java Runtime
    Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and
    earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers
    to access arbitrary network services on the local host via unspecified
    vectors related to JavaScript and Java APIs.
  - CVE-2008-1196: Stack-based buffer overflow in Java Web Start
    (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update
    14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote
    attackers to execute arbitrary code via a crafted JNLP file.
* Thu Oct 11 2007 - mvyskocil@suse.cz
  - update to 1.4.2 / 16  [#332137]
     - Fixed vulnerabilities: CVE-2007-5232, CVE-2007-5236,
    CVE-2007-523, CVE-2007-523, CVE-2007-5240
* Tue Jul 03 2007 - dbornkessel@suse.de
  - update to 1.4.2 / 15 (Bug #284436 and Bug #271324)
    Changes in 1.4.2_15
    The official version number for this update release is 1.4.2_15-b02.
    OlsonData 2007f
    This release contains Olson time zone data version 2007f. For more information, see US DST Timezone Updater.
    Bug Fixes:
    - Additional path for 5.0 jvm crash on exhaustion of CodeBuffer
    - Running codecache out of space can cause vm abort.
    - CTW failure in optimize_inlining()
    - Badly formed debug statement in ReferenceProcessor::delete_null_referents_from_lists
    - Some GC info are not redirected to -Xloggc file
    - VM crashes because of something related to LoaderConstraintEntry in 6.0
    - Message on UnsatisfiedLinkError is not displayed correctly in Japanese locale
    - Java2D: Aakar and Rekha fonts crash JDK.
    - RI crashes on Windows when executing tests.api.java.awt.Toolkit.CursorTests
    - Regression: getResourceAsStream cannot access a resource inside a jar file that has spaces in path
    - regression of 5017051
    - Resources with percent encoded characters no longer load with 1.4.2_13
    - Nightly: Jaws hang on "Starting application..." window
    - 30 MB memory trashed to get 30 kb string url encoded
    - CR 4964288 (sound, Unexpected IAE raised while getting TargetData) is not fixed in windows-amd64 JDK
    - api/javax_sound/sampled/TargetDataLine/index.html#TargetDataLine fails
    - JFileChooser throws OOM in 1.4.2, 5.0u4 and 1.6.0
    - JFileChooser seems to cause OutOfMemory in 1.4.2, 5.0u4 and mustang-b75
    - (tz) Support tzdata2007f
    - ZipInputStream does not check CRC for stored (uncompressed) files
    - deadlock occurs in LogManager initialization and JVM termination
    - deadlock in LogManager
    - HeapDumpOnOutOfMemoryError option doesn't work with through-put collector in 1.4.2
    - jmap -permstat fails with Out of swap because uses too much memory
    - IE hangs when a modal dialog is active with concurrent window re-focus activities
    - Print Dialogue should be modal in 1.4.2/5.0
    - ControlPanelApplet can be access from client application
    - request header has garbage characters when size of cookie is greater than 4k
    - 1.4.2_15 MIME type in Java Plug-in 1.4.2_15-ea-b01 is missing
    - DNS provider does not cleanup resources properly
    Changes in 1.4.2_14
    The official version number for this update release is 1.4.2_14-b05.
    US Daylight Savings Time Sun Alert 102836
    Bug 6530336 that was part of Sun Alert 102836, has been fixed in this release. As a result, it is no longer necessary to run the tzupdater tool with the -bc flag to work around this bug. Bug 6466476, that was also part of Sun Alert 102836 has not yet been fixed. If your application uses the deprecated java.util.Timezone IDs and is sensitive to the behavior outlined in 6466476, you will still need to run the tzupdater tool with the -bc flag as a work-around. Note that running tzupdater with the -bc flag does not hinder the fix for 6530336 in any way.
    This release contains Olson time zone data version 2007a. If you need the latest Olson data (currently 2007c) in order to accommodate the America/Indiana/Winamac changes (see US Daylight Savings Time Changes and the Java SE Platform: FAQ (Appendix)), then you will need to run the tzupdater (with -bc flag as appropriate) after installing this release. Please see Sun Java SE JDK tzupdater Tool for more information on how to do this.
    Bug Fixes
    Bug fixes are listed in the following table.
    - hotspot SIGSEGV in CE_Eliminator::block_do
    - Remainder operation seems to cause an exception in 1.4.2_12
    - Excessively long CMS preclean cycle eventually leads to concurrent mode failure
    - 1.4.2_11 java_g iCMS assert(referent->is_oop(),"Adding a bad referent")")
    - 1.5.0: CMS: misleading preclean and abortable preclean statistics
    - Crash due to fatal error in Par_PushAndMarkClosure::do_oop()
    - CMS+ParNew: wildly different ParNew pause times depending on heap shape caused by allocation spread
    - Memory leaks of C-heap allocated ResourceObjs
    - Assertion failure "wrong array object size"
    - CMS: NewRatio ignored in the setting of NewSize and MaxNewSize
    - CMS: Enable icms statistics gathering from cms initiation
    - ParNewGC times spiking, eventually taking up 20 out of every 30 seconds
    - Allocation of huge array which would cause OutOfMemoryError causes JVM to hang with -Xincgc
    - The JVM unblocks SIGUSR1 if the -XX:+UseAltSigs option is used.
    - delayed attach JVMPI clients hang after setup of JVMPI interface
    - Abort (core dumped) occurs related to deoptimization in 1.4.2_07
    - compatibility issue due to 5060487
    - icache invalidation code can segv
    - JVM should output some message when VM cannot get contiguous memory with big -Xmx in 1.4.2
    - java.beans.EventHandler defeats AWT exception handling
    - (process) Runtime.exec won't execute programs belonging to other groups on Unix
    - HTTP Request-URI contains fragment when connecting through proxy
    - URLConnection is silently retrying POST request
    - VISTA: Socket setTcpNoDelay & setKeepAlive working incorrectly
    - (bf) ByteBuffer.reset throws InvalidMarkException if ByteBuffer.duplicate called when mark == 0
    - (so) Missing encoding conversion in handleSocketError
    - (tz) DST bug in latest jdk releases when using EST MST and HST abbreviations
    - (tz) Support tzdata2006n
    - (tz) Support tzdata2007a
    - (tz) Support tzdata2006p
    - FREE_AND_RETURN_NULL target in readLoc() in zip_util.c is missing null check
    - Copyright year need to modify with 2007 in J2SE UR releases
    - error message at rpm uninstall, deleted /etc/mailcap
    - CAxControl::OnJSInvokeMethod() - Access violation potential
    - To download an applet does not finish for 10 minutes with proxy server and IIS
    - Plugin can freeze when multiple applets use Thread.setName()
    - krb5 shouldn't use an empty salt field in KRB_ERROR
    - could put in a workaround for 4796657
* Thu Dec 21 2006 - dbornkessel@suse.de
  - Security update to version 1.4.2 update 13 due to Bug #229905
    For more info consult Sun advisory page at:
    http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1
* Wed Sep 13 2006 - dbornkessel@suse.de
  - Update to 1.4.2 update 12
  - Versioning naming according to sun style (1.4.2_update12)
* Wed Aug 16 2006 - sndirsch@suse.de
  - fixed font paths for X.Org 7
* Mon Jul 10 2006 - dbornkessel@suse.de
  - deleted explicit self-provide of jdbc sub-package
* Wed Apr 19 2006 - dbornkessel@suse.de
  - subsequent update-alternatives call deleted symbolic links (Bug #164953)
* Mon Mar 27 2006 - dbornkessel@suse.de
  - update to 1.4.2-11 due to Bug #158033
  - Provide j2re for runtime and j2sdk for sdk ... Bug #160109
* Fri Mar 17 2006 - dbornkessel@suse.de
  - added versionless jdbc provide:
    Provides:       %{name}-jdbc = %{version}, %{name}-jdbc,  java-jdbc = %{version}, java-jdbc
* Mon Mar 13 2006 - dbornkessel@suse.de
  - added missing PreReq: /usr/bin/update-alternatives
* Fri Feb 17 2006 - stbinner@suse.de
  - fix Name<->GenericName duplication .desktop file
* Mon Feb 13 2006 - schwab@suse.de
  - Fix %pluginpath.
* Wed Jan 25 2006 - mls@suse.de
  - converted neededforbuild to BuildRequires
* Thu Dec 15 2005 - dbornkessel@suse.de
  - NoSource'd binary tar balls
* Fri Nov 18 2005 - dbornkessel@suse.de
  - updated to 1.4.2-10
  - removed x86_64 as a build platform, as we don't have a package for that platform
  - created menu entry for plugin configuration tool and javaws
  - created plugin link in /usr/lib/browser-plugins
  - created correct link for javaws
* Wed Oct 05 2005 - dbornkessel@suse.de
  - updated to release 09
* Thu Sep 29 2005 - dmueller@suse.de
  - add norootforbuild
* Wed Mar 02 2005 - skh@suse.de
  - add improved font.properties (#62328, #61686)
* Fri Nov 26 2004 - skh@suse.de
  - updated to release 06 to fix privilege escalation vulnerability
    in plugin:
    http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1
* Fri Oct 01 2004 - skh@suse.de
  - #46638: Fix font.properties.ja so that it uses useable and
    correct fonts for Japanese (mfabian@suse.de)
* Wed Sep 29 2004 - skh@suse.de
  - #46379: use force-symlinking in %post where necessary
    (choeger@suse.de)
* Fri Sep 17 2004 - skh@suse.de
  - Add Obsoletes and Provides for smoother update experience
  - create compat symlinks in %post
* Mon Sep 13 2004 - skh@suse.de
  - Added Provides for SUSE compatibility
* Tue Sep 07 2004 - ro@suse.de
  - fixed typo in last change
* Mon Sep 06 2004 - ro@suse.de
  - replaced BuildArch with ExclusiveArch
* Mon Sep 06 2004 - skh@suse.de
  - Remove dots from package name to not confuse tools
* Thu Sep 02 2004 - skh@suse.de
  - Initial JPackage version 1.4.2 (JPackage 1.5)

Files

łA'

Generated by rpm2html 1.8.1

Daniel Veillard, Fri Sep 5 04:37:28 2008