-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 09 Jun 2011 23:15:49 +0200 Source: sun-java6 Binary: sun-java6-jre sun-java6-bin sun-java6-plugin ia32-sun-java6-bin ia32-sun-java6-plugin sun-java6-fonts sun-java6-jdk sun-java6-demo sun-java6-source sun-java6-doc sun-java6-javadb Architecture: ia64 Version: 6-26-0lenny1 Distribution: lenny Urgency: high Maintainer: ia64 Build Daemon (alkman) Changed-By: Torsten Werner Description: ia32-sun-java6-bin - Sun Java(TM) Runtime Environment (JRE) 6 (32-bit) ia32-sun-java6-plugin - The Java(TM) Plug-in, Java SE 6 (32-bit) sun-java6-bin - Sun Java(TM) Runtime Environment (JRE) 6 (architecture dependent sun-java6-demo - Sun Java(TM) Development Kit (JDK) 6 demos and examples sun-java6-doc - Sun JDK(TM) Documention -- integration installer sun-java6-fonts - Lucida TrueType fonts (from the Sun JRE) sun-java6-javadb - Java(TM) DB, Sun Microsystems' distribution of Apache Derby sun-java6-jdk - Sun Java(TM) Development Kit (JDK) 6 sun-java6-jre - Sun Java(TM) Runtime Environment (JRE) 6 (architecture independen sun-java6-plugin - The Java(TM) Plug-in, Java SE 6 sun-java6-source - Sun Java(TM) Development Kit (JDK) 6 source files Closes: 629852 Changes: sun-java6 (6-26-0lenny1) oldstable; urgency=high . [ Sylvestre Ledru ] * New upstream release (Closes: #629852) * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes: - (CVE-2011-0862): integer overflows in JPEGImageReader and font SunLayoutEngine (2D, 7013519) - (CVE-2011-0873): unspecified vulnerability fixed in 6u26 (2D) - (CVE-2011-0815): FileDialog.show() buffer overflow (AWT, 7012520) - (CVE-2011-0817): unspecified vulnerabilities fixed in 6u26 (Deployment, JRE) - (CVE-2011-0863): unspecified vulnerability fixed in 6u26 (Deployment) - (CVE-2011-0864): JVM memory corruption via certain bytecode (HotSpot, 7020373) - (CVE-2011-0802): unspecified vulnerabilities fixed in 6u26 (Sound) - (CVE-2011-0814): unspecified vulnerabilities fixed in 6u26 (Sound) - (CVE-2011-0871): MediaTracker created Component instances with unnecessary privileges (Swing, 7020198) - (CVE-2011-0786): unspecified vulnerabilities fixed in 6u26 (Deployment, JRE) - (CVE-2011-0788): unspecified vulnerabilities fixed in 6u26 (Deployment, JRE) - (CVE-2011-0866): unspecified vulnerabilities fixed in 6u26 (Deployment, JRE) - (CVE-2011-0868): incorrect numeric type conversion in TransformHelper (2D, 7016495) - (CVE-2011-0872): non-blocking sockets incorrectly selected for reading (NIO, 6213702) - (CVE-2011-0867): NetworkInterface information leak (Networking, 7013969) - (CVE-2011-0869): unprivileged proxy settings change via SOAPConnection (SAAJ, 7013971) - (CVE-2011-0865): Deserialization allows creation of mutable SignedObject (Deserialization, 6618658) . [ Torsten Werner ] * Upload to oldstable. Checksums-Sha1: 0676f2f7fb0aedb687471ccdd08e762cb07bb3f7 30140998 ia32-sun-java6-bin_6-26-0lenny1_ia64.deb Checksums-Sha256: 1f773fef87acaa8f5eabbbc193d5978be2219c5140f3afa365196893ff8950d9 30140998 ia32-sun-java6-bin_6-26-0lenny1_ia64.deb Files: bb1df806c55493e12554939d6170fc0a 30140998 non-free/libs optional ia32-sun-java6-bin_6-26-0lenny1_ia64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJN9iOSAAoJEK1Ex7ZZGrcePi0P/imuWgAhcSoSXLS4l3OPjLd6 q67ulr7vzKB7CRh6lxqFkjr+mrRwXucpHt3gxGutuv6deISu/kxP2P4R35yLYJYn 1TsRmZs43OEOryAWrXuNZD+PqIQdCoRAAv/Gv3/Ts8XZMw+7/as0NY38ZYxHGNf2 jnBQyGxg7YkXx+YIDpSD3DGu+YGOc//RWRxAYHI71RBO4SIBY3XAED3usdTXuVLL d2mAZI62GFPq6Nt8QchqN0PKtBSJRK8x/b2lnxB2j1cOQJqRY3VWPrY2QHig4X2v ziUXcnFhx+dxON06TxHtqRuOCzHLhJn/i0PKJDsVK++DrXRkAEYaIh+B5n8jUQWo 7grEHxtT0uc7SgnE6sts1HpFH5ZlN56qzoMp9yhiaQRlILPcGGs4C7nMDcTAi2Yh VOygUXQ/V9zYeeIxHxRZiAofTSuQhXY5WzYmmok7kb8xQlmSOBmaKAmx4LCcQJr/ g/kyParX01SxXCqnyXsdk3522aXT+1JwMMmhN6vErEQBDGeJwkHB+ZEJrTP4qxgd fZauJAg11Ju4poU3PoWTI8i73xKgR78SZ5q8vTrIT9BH//0iPS0l6kKPFYkLWdQ/ 1Tbcz7pSqlzKr7wW/b5xZ+M0bYNZKvrxGhLPTSfqJK0eQqjHF9BhpouFz8ME5WEC PW70E3kGrxTk7RXQVSDR =xzPk -----END PGP SIGNATURE-----