openjdk-7 (7u151-2.6.11-0ubuntu1.14.04.1) trusty-security; urgency=medium * IcedTea release 2.6.11 (based on 7u151). Closes: #869816. * Security fixes: - S8163958, CVE-2017-10102: Improved garbage collection. - S8167228: Update to libpng 1.6.28. - S8169209, CVE-2017-10053: Improved image post-processing steps. - S8169392, CVE-2017-10067: Additional jar validation steps. - S8170966, CVE-2017-10081: Right parenthesis issue. - S8172204, CVE-2017-10087: Better Thread Pool execution. - S8172461, CVE-2017-10089: Service Registration Lifecycle. - S8172465, CVE-2017-10090: Better handling of channel groups. - S8172469, CVE-2017-10096: Transform Transformer Exceptions. - S8173286, CVE-2017-10101: Better reading of text catalogs. - S8173697, CVE-2017-10107: Less Active Activations. - S8173770, CVE-2017-10074: Image conversion improvements. - S8174098, CVE-2017-10110: Better image fetching. - S8174105, CVE-2017-10108: Better naming attribution. - S8174113, CVE-2017-10109: Better sourcing of code. - S8174770: Check registry registration location. - S8174873: Improved certificate processing. - S8175106, CVE-2017-10115: Higher quality DSA operations. - S8175110, CVE-2017-10118: Higher quality ECDSA operations. - S8176055: JMX diagnostic improvements. - S8176067, CVE-2017-10116: Proper directory lookup processing. - S8176760, CVE-2017-10135: Better handling of PKCS8 material. - S8178135, CVE-2017-10176: Additional elliptic curve support. - S8181420, CVE-2017-10074: PPC: Image conversion improvements. - S8182054, CVE-2017-10243: Improve wsdl support. - S8183551, CVE-2017-10074, PR3423: AArch64: Image conversion improvements. - S8184119, CVE-2017-10111: Incorrect return processing for the LF editor of MethodHandles.permuteArguments. * d/control.in: - remove @bd_compress@ dependency. - replace @bd_autotools@ with fixed dependencies. * d/control.tests: package to hold all tests artifacts and logs. * d/repack: fixed and simplified download script. * d/rules: - include openjdk-7-tests package on Ubuntu derivatives only. - only save the full jtreg results when the openjdk-7-tests package is being built, otherwise stick to old behaviour (keep compressed test summaries + failed test results). Closes: #863007, #865533. - only run the long jdk testsuite when default vm is a hotspot. - only run the full testsuite for zero alternative vm on very fast systems, otherwise stick to the hotspot testsuite to avoid long build times. - try /etc/os-release before lsb-release; allow distrel to be set from the command line. - remove with_nss as all supported releases have it now. - remove gcc/g++ configurations for EOL releases. - keep libjpeg8 dependency on wheezy, replace it with libjpeg62-turbo on other Debian releases and libjpeg-turbo8 on Ubuntu. Closes: #766601. - remove old logic to depend on libcupsys2. - always set rhino_source, all supported releases have dpkg > 1.16.2. - remove bd_compress and pkg_compress as they haven't been used for quite a while. - remove with_wgy_zenhai logic, lenny is EOL. - remove bd_autotools logic if/then, call dh_autoreconf and dh_autoreconf_clean. - simplify bootstrap dependency logic and remove EOL releases. - remove EOL releases from gcc/g++ dependency logic. - remove unused jamvm_defaults and simplify jamvm_archs logic. - use ttf-indic-fonts for trusty, otherwise stick to fonts-indic. - have build rule depend on debian/control in order to fail if it is ever regenerated at build time. - patch configure after dh_autoreconf call to include additional /usr/lib/jvm directories; setting DEB_HOST_ARCH=alpha to check if patches apply correctly fails because alpha requires a jdk for bootstrap and IcedTea does not look into our usual directories. * d/p/fontconfig-arphic-uming.diff: removed, not used since lenny. * d/p/jdk-getAccessibleValue.diff: libatk-wrapper-java: File selection dialog not refreshed when changing directory. Kindly provided by Samuel Thibault. Closes: #827741. * d/p/jdk-S8173783-fix-illegalargumentexception-regression.patch: deleted, included in IcedTea 2.6.10. * d/p/kfreebsd-support-jdk.diff: updated, was failing to apply due to jdk changes in NetworkInterface.c. * d/p/sec-webrev-8u131-*.patch: deleted, included in IcedTea 2.6.10. * d/p/zero-sparc.diff: commented out chaitin.hpp hunk #1 as that #ifdef has been removed by JDK-8011621 (backported by IcedTea 2.6.10); this was also backported to 7u131 through JDK-8160961 but then backed out, better keep the hunk in case IcedTea decides to back it out as well. -- Tiago Stürmer Daitx Thu, 18 May 2017 02:53:34 +0000 openjdk-7 (7u131-2.6.9-3) experimental; urgency=medium * Only include the failing tests in the packages, not the whole test world. * openjdk-7-jdk: Provide openjdk-7-jdk-headless. -- Matthias Klose Sat, 20 May 2017 15:52:17 -0700 openjdk-7 (7u131-2.6.9-2) experimental; urgency=high [ Tiago Stürmer Daitx ] * Fix JDK regression introduced by 7u131 upgrade: (LP: #1691126) - d/p/jdk-S8173783-fix-illegalargumentexception-regression.patch: fix "IllegalArgumentException: jdk.tls.namedGroups" backported from http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/f5d0aadb4d1c -- Matthias Klose Tue, 16 May 2017 21:42:12 -0700 openjdk-7 (7u131-2.6.9-1) experimental; urgency=high [ Tiago Stürmer Daitx ] * IcedTea release 2.6.9 (based on 7u131): * Security fixes - S8167110, CVE-2017-3514: Windows peering issue. - S8163528, CVE-2017-3511: Better library loading. - S8169011, CVE-2017-3526: Resizing XML parse trees. - S8163520, CVE-2017-3509: Reuse cache entries. - S8171533, CVE-2017-3544: Better email transfer. - S8170222, CVE-2017-3533: Better transfers of files. - S8171121, CVE-2017-3539: Enhancing jar checking. - S8172299: Improve class processing. * debian/compat: updated from 5 to 9. * debian/watch: using watch version 4 to download both icedtea and icedtea-sound. LP: #1642420. * debian/repack: simplified tarball download. * debian/rules: - removed 8u121 patches as they have been applied to 7u131. - building icedtea-sound on build/ directory - replaced 'dh_strip -k' calls by dh_prep - have the 'build' rule depend on 'debian/control' rule to force failure if debian/control gets regenerated. - added file 'security/blacklisted.cert' to be copied to etc dir (introduced by S8011402). - simplified build dependencies. - removed jtreg's xvfb-run call since icedtea takes care of calling it. - removed window manager as there are no additional significant failures on the jdk tests when not running one. - re-enabled jdk jtreg tests. - removed lpia arch. - use fonts-wqy-microhei and fonts-wqy-zenhei instead of transitional package names. - drop Recommends on obsolete GNOME libraries so they are not in a default GNOME desktop installation (Simon McVittie). Closes: #850270. + sun.net.spi.DefaultProxySelector prefers libglib2.0-0 (>= 2.24) over obsolete libgconf2-4. + sun.nio.fs.GnomeFileTypeDetector prefers libglib2.0-0 (>= 2.24) over libgnomevfs-2-0. + sun.xawt.awt_Desktop prefers libgtk2.0-0 (>= 2.14) over libgnomevfs2-0. * debian/control.in: added static build dependencies as their previous selection logic in debian/rules is no longer required. * debian/control: regenerated. * debian/patches/icedtea-sound.diff: removed, now packing icedtea-sound 1.0.1 which includes those fixes. * debian/upstream/signing-key.asc: add new signing key. [ Matthias Klose ] * Remove obsolete changelog entries from previous release. -- Matthias Klose Tue, 16 May 2017 13:49:35 -0700 openjdk-7 (7u121-2.6.8-2) experimental; urgency=high [ Tiago Stürmer Daitx ] * Security fixes from 8u121: - S8167104, CVE-2017-3289: Custom class constructor code can bypass the required call to super.init allowing for uninitialized objects to be created. - S8164143, CVE-2017-3260: It is possible to corrupt memory by calling dispose() on a CMenuComponentmultiple times. - S8168714, CVE-2016-5546: ECDSA will accept signatures that have various extraneous bytes added to them whereas the signature is supposed to be unique. - S8166988, CVE-2017-3253: The PNG specification allows the [iz}Txt sections to be 2^32-1 bytes long so these should not be uncompressed unless the user explicitly requests it. - S8168728, CVE-2016-5548: DSA signing exhibits a timing bias that may leak information about k. - S8161743, CVE-2017-3252: LdapLoginModule incorrectly tries to deserialize responses from an LDAP server when an LDAP context is expected. - S8167223, CVE-2016-5552: Parsing of URLs can be inconsistent with how users or external applications would interpret them leading to possible security issues. - S8168705, CVE-2016-5547: A value from an InputStream is read directly into the size argument of a new byte[] without validation. - S8164147, CVE-2017-3261: An integer overflow exists in SocketOutputStream which can lead to memorydisclosure. - S8151934, CVE-2017-3231: Under some circumstances URLClassLoader will dispatch HTTP GET requests where the invoker does not have permission. - S8165071, CVE-2016-2183: 3DES can be exploited for block collisions when long running sessions are allowed. - S8165344, CVE-2017-3272: A protected field can be leveraged into type confusion. - S8156802, CVE-2017-3241: RMI deserialization should limit the types deserialized to prevent attacks that could escape the sandbox. * Ignored - S8168724, CVE-2016-5549: ECDSA signing exhibits a timing bias that may leak information about k. -- Matthias Klose Tue, 07 Feb 2017 11:09:39 +0100 openjdk-7 (7u121-2.6.8-1) experimental; urgency=medium * IcedTea release 2.6.8 (based on 7u121): -- Matthias Klose Mon, 14 Nov 2016 13:38:40 +0100 openjdk-7 (7u111-2.6.7-3) experimental; urgency=medium [ Tiago Stürmer Daitx ] * Don't use precompiled header files on arm64. * Update the sec-webrev-8u111-S8159503.hotspot patch. -- Matthias Klose Sat, 05 Nov 2016 13:19:09 +0100 openjdk-7 (7u111-2.6.7-2) experimental; urgency=medium [ Tiago Stürmer Daitx ] * Backported security fixes from 8u111: - CVE-2016-5568, S8158993: Service Menu services. - CVE-2016-5582, S8160591: Improve internal array handling. - CVE-2016-5573, S8159519: Reformat JDWP messages. - CVE-2016-5597, S8160838: Better HTTP service. - CVE-2016-5554, S8157739: Classloader Consistency Checking. - CVE-2016-5542, S8155973: Tighten jar checks. * debian/rules: - removed lcms version 1 option as no current release uses that, lcms2 is now default. - removed in-tree/system lcms selection to always use system's lcms. - removed all cacao references except for the transitional cacao package. - updated jtreg tests to use othervm. - simplified rhino and libcups dependency selection. * debian/buildwatch.sh: updated to stop it if no 'make' process is running, as it probably means that the build failed - otherwise buildwatch keeps the builder alive until it exits after the timer (3 hours by default) expires. * debian/control.in: removed cacao references. * debian/README.source: removed cacao references. * debian/patches/cacao-armv4.diff: deleted file. * Makefile.am: remove -samevm * debian/patches/it-jamvm-8158260-unsafe-methods.patch: fix JAMVM after the introduction of two new Unsafe methods in the OpenJDK hotspot. Closes: #833933. (LP: #1611598) [ Matthias Klose ] * Fix building the -dbg package depending on the debhelper level. -- Matthias Klose Fri, 04 Nov 2016 18:50:39 +0100 openjdk-7 (7u111-2.6.7-1) experimental; urgency=medium [ Matthias Klose ] * Fix handling of /usr/lib/jvm/*/jre/lib/zi if internal tzdata is used (Andreas Beckmann). Closes: #821858. * Add missing includes for aarch64 hotspot backport (building without pch). * Use in-tree lcms for backports. [ Tiago Stürmer Daitx ] * IcedTea release 2.6.7 (based on 7u111): * Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking - S8145446, CVE-2016-3485: Perfect pipe placement (Windows only) - S8147771: Construction of static protection domains under Javax custom policy - S8148872, CVE-2016-3500: Complete name checking - S8149962, CVE-2016-3508: Better delineation of XML processing - S8150752: Share Class Data - S8151925: Font reference improvements - S8152479, CVE-2016-3550: Coded byte streams - S8155981, CVE-2016-3606: Bolster bytecode verification - S8155985, CVE-2016-3598: Persistent Parameter Processing - S8158571, CVE-2016-3610: Additional method handle validation * debian/rules: - Create symbolic link in source package (thanks Avinash). Closes: #832720. * debian/JB-jre-headless.prerm.in: check for /var/lib/binfmts/jar instead of /var/lib/binfmts/@basename@ before removing jar entry from binfmts. Closes: #821146. -- Matthias Klose Sat, 30 Jul 2016 08:13:07 +0200 openjdk-7 (7u101-2.6.6-2) experimental; urgency=medium * Configure with --disable-arm32-jit, broken by the security update. -- Matthias Klose Sat, 23 Apr 2016 02:28:28 +0200 openjdk-7 (7u101-2.6.6-1) experimental; urgency=medium [ Tiago Stürmer Daitx ] * IcedTea release 2.6.6 (based on 7u101): * Security fixes - S8129952, CVE-2016-0686: Ensure thread consistency - S8132051, CVE-2016-0687: Better byte behavior - S8138593, CVE-2016-0695: Make DSA more fair - S8139008: Better state table management - S8143167, CVE-2016-3425: Better buffering of XML strings - S8144430, CVE-2016-3427: Improve JMX connections - S8146494: Better ligature substitution - S8146498: Better device table adjustments * debian/patches/jdk-8152335-improve-methodhandle-consistency.patch: removed, fix is upstream since 2.6.5 [ Matthias Klose ] * Fix handling of /usr/lib/jvm/*/jre/lib/zi if internal tzdata is used (Andreas Beckmann). Closes: #821858. -- Matthias Klose Fri, 22 Apr 2016 21:14:22 +0200 openjdk-7 (7u95-2.6.4-3) experimental; urgency=medium [ Tiago Stürmer Daitx ] * SECURITY UPDATE: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets. - d/p/jdk-8152335-improve-methodhandle-consistency.patch: S8152335, CVE-2016-0636: Improve MethodHandle consistency [ Matthias Klose ] * Use internal tzdata for builds in stretch, unstable, experimental. Closes: #818308. -- Matthias Klose Thu, 24 Mar 2016 15:24:32 +0100 openjdk-7 (7u95-2.6.4-2) experimental; urgency=medium * Upload to experimental. -- Matthias Klose Fri, 05 Feb 2016 17:51:20 +0100 openjdk-7 (7u95-2.6.4-1) unstable; urgency=high [ Tiago Stürmer Daitx ] * IcedTea release 2.6.4 (based on 7u95): * Security fixes - S8059054, CVE-2016-0402: Better URL processing - S8130710, CVE-2016-0448: Better attributes processing - S8132210: Reinforce JMX collector internals - S8132988: Better printing dialogues - S8133962, CVE-2016-0466: More general limits - S8137060: JMX memory management improvements - S8139012: Better font substitutions - S8139017, CVE-2016-0483: More stable image decoding - S8140543, CVE-2016-0494: Arrange font actions - S8143185: Cleanup for handling proxies - S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays - S8144773, CVE-2015-7575: Further reduce use of MD5 (SLOTH) * debian/patches/it-debian-build-flags.diff: refreshed * debian/patches/it-set-compiler.diff: refreshed * debian/patches/it-use-quilt.diff: refreshed * debian/patches/it-jamvm-2.0.diff: refreshed * debian/patches/icedtea-pretend-memory.diff: refreshed * debian/patches/fix_extra_flags-default.diff: refreshed * debian/patches/zero-sparc.diff: refreshed [ Matthias Klose ] * Remove obsolete IcedTea configure options. * Fix build failure on squeeze (Thorsten Glaser). Closes: #809205. * Don't run the test on mips, still having stone age buildd hardware and empty promises to fix these issues since 2010. -- Matthias Klose Thu, 21 Jan 2016 13:17:54 +0100 openjdk-7 (7u91-2.6.3-3) unstable; urgency=medium * Fix stripping packages (use bash instead of expr substring). * openjdk-jre-headless: Add dependency on the package containing the mountpoint binary. Closes: #803717. * openjdk-7-jdk: Fix typo in sdk provides. Closes: #803150. * Build using giflib 5. -- Matthias Klose Mon, 30 Nov 2015 06:27:48 +0100 openjdk-7 (7u91-2.6.3-2) unstable; urgency=medium * Enable sparc64 for hotspot (John Paul Adrian Glaubitz). * Add debian/patches/sparc-libproc-fix.diff to include missing headers on sparc64 (David Matthew Mattli). Closes: #805846. -- Matthias Klose Wed, 25 Nov 2015 23:38:54 +0100 openjdk-7 (7u91-2.6.3-1) unstable; urgency=medium [ Tiago Stürmer Daitx ] * Icedtea release 2.6.3 (based on 7u91): * Security fixes - S8142882, CVE-2015-4871: rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed -- Matthias Klose Thu, 19 Nov 2015 01:27:25 +0100 openjdk-7 (7u91-2.6.2-1) unstable; urgency=medium [ Tiago Stürmer Daitx ] * IcedTea release 2.6.2 (based on 7u91): * Security fixes - S8048030, CVE-2015-4734: Expectations should be consistent - S8068842, CVE-2015-4803: Better JAXP data handling - S8076339, CVE-2015-4903: Better handling of remote object invocation - S8076383, CVE-2015-4835: Better CORBA exception handling - S8076387, CVE-2015-4882: Better CORBA value handling - S8076392, CVE-2015-4881: Improve IIOPInputStream consistency - S8076413, CVE-2015-4883: Better JRMP message handling - S8078427, CVE-2015-4842: More supportive home environment - S8078440: Safer managed types - S8080541: More direct property handling - S8080688, CVE-2015-4860: Service for DGC services - S8081760: Better group dynamics - S8086092, CVE-2015-4840: More palette improvements - S8086733, CVE-2015-4893: Improve namespace handling - S8087350: Improve array conversions - S8103671, CVE-2015-4805: More objective stream classes - S8103675: Better Binary searches - S8130078, CVE-2015-4911: Document better processing - S8130193, CVE-2015-4806: Improve HTTP connections - S8130864: Better server identity handling - S8130891, CVE-2015-4843: (bf) More direct buffering - S8131291, CVE-2015-4872: Perfect parameter patterning - S8132042, CVE-2015-4844: Preserve layout presentation * d/patches/it-debian-build-flags.diff: refreshed * d/patches/it-set-compiler.diff: refreshed * d/patches/it-use-quilt.diff: refreshed and updated * d/patches/it-jamvm-2.0.diff: refreshed * d/patches/xrender: removed as it was applied upstream -- Matthias Klose Sun, 25 Oct 2015 22:30:06 +0100 openjdk-7 (7u85-2.6.1-6) unstable; urgency=medium [ Tiago Stürmer Daitx ] * Security fixes - S8048030, CVE-2015-4734: Expectations should be consistent - S8068842, CVE-2015-4803: Better JAXP data handling - S8076339, CVE-2015-4903: Better handling of remote object invocation - S8076383, CVE-2015-4835: Better CORBA exception handling - S8076387, CVE-2015-4882: Better CORBA value handling - S8076392, CVE-2015-4881: Improve IIOPInputStream consistency - S8076413, CVE-2015-4883: Better JRMP message handling - S8078427, CVE-2015-4842: More supportive home environment - S8078440: Safer managed types - S8080541: More direct property handling - S8080688, CVE-2015-4860: Service for DGC services - S8081744, CVE-2015-4868: Clear out list corner case - S8081760: Better group dynamics - S8086092. CVE-2015-4840: More palette improvements - S8086733, CVE-2015-4893: Improve namespace handling - S8087350: Improve array conversions - S8103671, CVE-2015-4805: More objective stream classes - S8103675: Better Binary searches - S8129611: Accessbridge error handling improvement - S8130078, CVE-2015-4911: Document better processing - S8130185: More accessible access switch - S8130193, CVE-2015-4806: Improve HTTP connections - S8130864: Better server identity handling - S8130891, CVE-2015-4843: (bf) More direct buffering - S8131291, CVE-2015-4872: Perfect parameter patterning - S8132042, CVE-2015-4844: Preserve layout presentation * S6966259: Make PrincipalName and Realm immutable, required for S8048030 * S8078822: 8068842 fix missed one new file PrimeNumberSequenceGenerator.java [ Matthias Klose ] * Re-enable the atk bridge for releases with a fixed atk bridge. Again closes: #797595. -- Matthias Klose Thu, 22 Oct 2015 00:42:34 +0200 openjdk-7 (7u85-2.6.1-5) unstable; urgency=medium * Fix passing --disable-system-sctp for non-linux targets. -- Matthias Klose Thu, 08 Oct 2015 07:01:54 +0200 openjdk-7 (7u85-2.6.1-4) unstable; urgency=medium * Build again with pulseaudio on alpha. * Update the kfreebsd support patches (Steven Chamberlain). Closes: #798123. * Fix parallel build. Closes: #798124. * Disable again the atk bridge, too many regressions. Reopens: #797595. -- Matthias Klose Wed, 07 Oct 2015 16:24:40 +0200 openjdk-7 (7u85-2.6.1-3) unstable; urgency=medium * Configure with --disable-system-sctp on KFreeBSD. * Stop building jamvm on mips and mipsel, fails to build. -- Matthias Klose Sat, 05 Sep 2015 16:54:38 +0200 openjdk-7 (7u85-2.6.1-2) unstable; urgency=medium * Stop building zero on AArch64, broken on the merged IcedTea Hotspot. * Only build-depend on libsctp-dev on linux architectures. * Configure for zero on sparc64, Hotspot build fails too. -- Matthias Klose Fri, 04 Sep 2015 17:47:56 +0200 openjdk-7 (7u85-2.6.1-1) unstable; urgency=medium * IcedTea7 2.6.1 release (based on OpenJDK 7u85). * Configure for Hotspot on sparc64. * Add mips to the openjdk stage1 architectures. * Sort the enums and the annotations in the package-tree.html files (Emmanuel Bourg). Closes: #787159. * Re-enable the atk bridge for releases with a fixed atk bridge. Closes: #797595. * Make derivatives builds the same as the parent distro. Closes: #797662. -- Matthias Klose Thu, 03 Sep 2015 12:47:16 +0200 openjdk-7 (7u79-2.5.6-2) unstable; urgency=medium * Fix installing the openjdk.desktop file when cautious-launch is available. LP: #1448548. -- Matthias Klose Thu, 13 Aug 2015 14:09:54 +0200 openjdk-7 (7u79-2.5.6-1) unstable; urgency=medium * IcedTea7 2.5.6 release (based on OpenJDK 7u79). * Security fixes - S8043202, CVE-2015-2808: Prohibit RC4 cipher suites. - S8067694, CVE-2015-2625: Improved certification checking. - S8071715, CVE-2015-4760: Tune font layout engine. - S8071731: Better scaling for C1. - S8072490: Better font morphing redux. - S8072887: Better font handling improvements. - S8073334: Improved font substitutions. - S8073773: Presume path preparedness. - S8073894: Getting to the root of certificate chains. - S8074330: Set font anchors more solidly. - S8074335: Substitute for substitution formats. - S8074865, CVE-2015-2601: General crypto resilience changes. - S8074871: Adjust device table handling. - S8075374, CVE-2015-4748: Responding to OCSP responses. - S8075378, CVE-2015-4749: JNDI DnsClient Exception Handling. - S8075738: Better multi-JVM sharing. - S8075833, CVE-2015-2613: Straighter Elliptic Curves. - S8075838: Method for typing MethodTypes. - S8075853, CVE-2015-2621: Proxy for MBean proxies. - S8076328, CVE-2015-4000: Enforce key exchange constraints. - S8076376, CVE-2015-2628: Enhance IIOP operations. - S8076397, CVE-2015-4731: Better MBean connections. - S8076401, CVE-2015-2590: Serialize OIS data. - S8076405, CVE-2015-4732: Improve serial serialization. - S8076409, CVE-2015-4733: Reinforce RMI framework. - S8077520, CVE-2015-2632: Morph tables into improved form. - PR2487, CVE-2015-4000: Make jdk8 mode the default for jdk.tls.ephemeralDHKeySize. * Update the kfreebsd hotspot support patch (Steven Chamberlain). Closes: #788982. * openjdk-7-jre: Recommend the real libgconf2-4 and libgnome2-0 packages. Closes: #786594. -- Matthias Klose Thu, 23 Jul 2015 17:19:35 +0200 openjdk-7 (7u79-2.5.5-1) unstable; urgency=high * IcedTea7 2.5.5 release (based on OpenJDK 7u79). * Security fixes - S8059064: Better G1 log caching. - S8060461: Fix for JDK-8042609 uncovers additional issue. - S8064601, CVE-2015-0480: Improve jar file handling. - S8065286: Fewer subtable substitutions. - S8065291: Improved font lookups. - S8066479: Better certificate chain validation. - S8067050: Better font consistency checking. - S8067684: Better font substitutions. - S8067699, CVE-2015-0469: Better glyph storage. - S8068320, CVE-2015-0477: Limit applet requests. - S8068720, CVE-2015-0488: Better certificate options checking. - S8069198: Upgrade image library. - S8071726, CVE-2015-0478: Better RSA optimizations. - S8071818: Better vectorization on SPARC. - S8071931, CVE-2015-0460: Return of the phantom menace. * Build the documentation when building with a Hotspot VM. Closes: #781577. * openjdk-7-jre.preinst: Fix version for alternatives cleanup. Closes: #775072. * Re-enable HotSpot on SPARC; zero doesn't workm and there seems to be some work ongoing upstream. * Refresh patches. * Only install the openjdk-java.desktop file when using cautious-launcher. -- Matthias Klose Wed, 15 Apr 2015 22:16:17 +0200 openjdk-7 (7u75-2.5.4-3) unstable; urgency=medium * Replace the ARM32 Thumb JIT with the ARM32 JIT. * Fix 8059327: XML parser returns corrupt attribute value. Closes: #780166. * openjdk-7-jre.preinst: Cleanup obsolete alternatives (javaws, pluginappletviewer) left by openjdk-6-jre/squeeze (Andreas Beckmann). Closes: #775072. -- Matthias Klose Wed, 11 Mar 2015 13:07:54 +0100 openjdk-7 (7u75-2.5.4-2) unstable; urgency=medium * Fix build on mips64 and mips64el. Addresses #776295. * Fix the build using the updated patch not following symlinks. -- Matthias Klose Thu, 05 Feb 2015 18:22:28 +0100 openjdk-7 (7u75-2.5.4-1) unstable; urgency=high * IcedTea7 2.5.4 release (based on OpenJDK 7u75). * Security fixes - S8046656: Update protocol support. - S8047125, CVE-2015-0395: (ref) More phantom object references. - S8047130: Fewer escapes from escape analysis. - S8048035, CVE-2015-0400: Ensure proper proxy protocols. - S8049253: Better GC validation. - S8050807, CVE-2015-0383: Better performing performance data handling. - S8054367, CVE-2015-0412: More references for endpoints. - S8055304, CVE-2015-0407: More boxing for DirectoryComboBoxModel. - S8055309, CVE-2015-0408: RMI needs better transportation considerations. - S8055479: TLAB stability. - S8055489, CVE-2014-6585: Better substitution formats. - S8056264, CVE-2014-6587: Multicast support improvements. - S8056276, CVE-2014-6591: Fontmanager feature improvements. - S8057555, CVE-2014-6593: Less cryptic cipher suite management. - S8058982, CVE-2014-6601: Better verification of an exceptional invokespecial. - S8059485, CVE-2015-0410: Resolve parsing ambiguity. - S8061210, CVE-2014-3566: Issues in TLS. -- Matthias Klose Fri, 23 Jan 2015 12:14:42 +0100 openjdk-7 (7u71-2.5.3-2) unstable; urgency=medium * Regenerate the .orig.tar to omit a third hotspot tarball. * Really fix the libjpeg runtime dependency for sid and jessie. Closes: #766601. * Fix regression running JamVM after the 2.5.3 security update. Closes: #767771. LP: #1382205. * Fix regression running CACAO after the 2.5.3 security update. * Backport S8000897, VM crash in CompileBroker. Closes: #768747. * Fix building icedtea-sound on x32 (patch dropped in 7u71-2.5.3-1). Closes: #766610. * Don't use the compatibility path names from the ttf-dejavu packages for recent releases. LP: #1362099. -- Matthias Klose Thu, 13 Nov 2014 11:10:28 +0100 openjdk-7 (7u71-2.5.3-1) unstable; urgency=high * IcedTea7 2.5.3 release (based on OpenJDK 7u71). * Security fixes: - S8015256: Better class accessibility. - S8022783, CVE-2014-6504: Optimize C2 optimizations. - S8035162: Service printing service. - S8035781: Improve equality for annotations. - S8036805: Correct linker method lookup. - S8036810: Correct linker field lookup. - S8036936: Use local locales. - S8037066, CVE-2014-6457: Secure transport layer. - S8037846, CVE-2014-6558: Ensure streaming of input cipher streams. - S8038364: Use certificate exceptions correctly. - S8038899: Safer safepoints. - S8038903: More native monitor monitoring. - S8038908: Make Signature more robust. - S8038913: Bolster XML support. - S8039509, CVE-2014-6512: Wrap sockets more thoroughly. - S8039533, CVE-2014-6517: Higher resolution resolvers. - S8041540, CVE-2014-6511: Better use of pages in font processing. - S8041529: Better parameterization of parameter lists. - S8041545: Better validation of generated rasters. - S8041564, CVE-2014-6506: Improved management of logger resources. - S8041717, CVE-2014-6519: Issue with class file parser. - S8042609, CVE-2014-6513: Limit splashiness of splash images. - S8042797, CVE-2014-6502: Avoid strawberries in LogRecord. - S8044274, CVE-2014-6531: Proper property processing. [ Matthias Klose ] * Change B-D to libjpeg-dev to finish the transition to libjpeg-turbo (Ondřej Surý). Closes: #763489. * Depend on libnss3 instead of libnss3-1d for recent releases. Addresses: #760122. * Ship the apt binary and man page again. Closes: #765037. [ Bill Huey ] * Icedtea 2.5.3, jamvm-2.0.0 and icetea-sound-1.0.1 packaging updates. -- Matthias Klose Thu, 23 Oct 2014 15:53:05 +0200 openjdk-7 (7u65-2.5.2-4) unstable; urgency=medium * Update the hotspot for AArch64, rev 9580ebccfdc3. * Don't install tapset files. Not yet ready. Closes: #761043. -- Matthias Klose Thu, 18 Sep 2014 02:41:41 +0200 openjdk-7 (7u65-2.5.2-3) unstable; urgency=medium * Enable systemtap for development versions. * Fix the icedtea-sound build on x32. Closes: #760436. * Enable the template interpreter for ppc64 and ppc64el. -- Matthias Klose Tue, 09 Sep 2014 14:38:10 +0200 openjdk-7 (7u65-2.5.2-2) unstable; urgency=medium * Update JamVM patch for kfreebsd (Steven Chamberlain). Closes: #760160. -- Matthias Klose Tue, 02 Sep 2014 22:48:03 +0200 openjdk-7 (7u65-2.5.2-1) unstable; urgency=medium * IcedTea7 2.5.2 release (based on OpenJDK 7u65). * Update JamVM to 2.0.0. * Update the hotspot for AArch64, rev 778cb4032983. -- Matthias Klose Sun, 31 Aug 2014 22:21:19 +0200 openjdk-7 (7u65-2.5.1-5) unstable; urgency=medium * Fix quoting of configure args for the zero build. * Fix a stack verifier regression in the latest security updates. http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/bad107a5d096 (Bill Huey) LP: #1360392. * Don't ship the apt binary anymore for new releases (deprecated upstream). * Let openjdk-7-source replace openjdk-7-jdk, widening the version range. * Update the hotspot for AArch64, rev 778cb4032983. -- Matthias Klose Sun, 24 Aug 2014 10:16:14 +0200 openjdk-7 (7u65-2.5.1-4) unstable; urgency=medium * Let the file system check for the libpcsclite library succeed again, although we are not using it. Closes: #755893. -- Matthias Klose Fri, 25 Jul 2014 20:35:47 +0200 openjdk-7 (7u65-2.5.1-3) unstable; urgency=medium * Use the system libpcsclite library. Closes: #754952. * Let openjdk-7-source replace openjdk-7-jdk. Closes: #755126. -- Matthias Klose Wed, 23 Jul 2014 17:42:25 +0200 openjdk-7 (7u65-2.5.1-2) unstable; urgency=medium * openjdk-7-jdk: Fix src.zip symlink. Closes: #755126. -- Matthias Klose Sat, 19 Jul 2014 13:52:53 +0200 openjdk-7 (7u65-2.5.1-1) unstable; urgency=high * IcedTea7 2.5.1 release (based on OpenJDK 7u65). * Security fixes: - S8029755, CVE-2014-4209: Enhance subject class. - S8030763: Validate global memory allocation. - S8031340, CVE-2014-4264: Better TLS/EC management. - S8031346, CVE-2014-4244: Enhance RSA key handling. - S8031540: Introduce document horizon. - S8032536: JVM resolves wrong method in some unusual cases. - S8033055: Issues in 2d. - S8033301, CVE-2014-4266: Build more informative InfoBuilder. - S8034267: Probabilistic native crash. - S8034272: Do not cram data into CRAM arrays. - S8034985, CVE-2014-2483: Better form for Lambda Forms. - S8035004, CVE-2014-4252: Provider provides less service. - S8035009, CVE-2014-4218: Make Proxy representations consistent. - S8035119, CVE-2014-4219: Fix exceptions to bytecode verification. - S8035699, CVE-2014-4268: File choosers should be choosier. - S8035788. CVE-2014-4221: Provide more consistency for lookups. - S8035793, CVE-2014-4223: Maximum arity maxed out. - S8036571: (process) Process process arguments carefully. - S8036800: Attribute OOM to correct part of code. - S8037046: Validate libraries to be loaded. - S8037076, CVE-2014-2490: Check constant pool constants. - S8037157: Verify call. - S8037162, CVE-2014-4263: More robust DH exchanges. - S8037167, CVE-2014-4216: Better method signature resolution. - S8039520, CVE-2014-4262: More atomicity of atomic updates. * Build libjsig and libsaproc with hardening defaults. * Fix some lintian warnings. * Move libjavagtk into the -jre package. Closes: #754770. * Recognize -dcevm as a jvm. Closes: #748625. * Install the src.zip into an architecture independent path. Closes: #749648. -- Matthias Klose Wed, 16 Jul 2014 21:27:01 +0200 openjdk-7 (7u60-2.5.0-2) unstable; urgency=high * Refresh KFreeBSD patches (Steven Chamberlain). Closes: #754214. * Backport S7179339, xrender pipeline creates graphics corruption. (Matthias Bläsing). LP: #1101348. * Configure with --disable-infinality. Closes: #754343. LP: #1338897. -- Matthias Klose Thu, 10 Jul 2014 17:25:27 +0200 openjdk-7 (7u60-2.5.0-1) unstable; urgency=medium * IcedTea7 2.5.0 release (based on OpenJDK 7u60). * Convert to package format 3.0 (quilt). * Add the IcedTea Sound tarball. * Build the hotspot VM for ppc64 and ppc64el. * Replace the IcedTea patch system with quilt. * Re-enable the ARM assembler interpreter. -- Matthias Klose Sun, 06 Jul 2014 14:51:51 +0200 openjdk-7 (7u55-2.4.7-2) unstable; urgency=medium * Fix the quoting of configure flags for the zero build. * Update the java-access-bridge-security patch (Raphael Geissert). * Don't hard code the compiler names in the AArch64 hotspot build. * Build using GCC 4.9 where available. * Add MIPS64(el) support (Yunqiang Su). Closes: #746207. * Suggest fonts-indic instead of ttf-indic-fonts. Closes: #747694. -- Matthias Klose Fri, 16 May 2014 19:12:42 +0200 openjdk-7 (7u55-2.4.7-1) unstable; urgency=high * IcedTea7 2.4.7 release. * Security fixes - S8023046: Enhance splashscreen support. - S8025005: Enhance CORBA initializations. - S8025010, CVE-2014-2412: Enhance AWT contexts. - S8025030, CVE-2014-2414: Enhance stream handling. - S8025152, CVE-2014-0458: Enhance activation set up. - S8026067: Enhance signed jar verification. - S8026163, CVE-2014-2427: Enhance media provisioning. - S8026188, CVE-2014-2423: Enhance envelope factory. - S8026200: Enhance RowSet Factory. - S8026716, CVE-2014-2402: (aio) Enhance asynchronous channel handling. - S8026736, CVE-2014-2398: Enhance Javadoc pages. - S8026797, CVE-2014-0451: Enhance data transfers. - S8026801, CVE-2014-0452: Enhance endpoint addressing. - S8027766, CVE-2014-0453: Enhance RSA processing. - S8027775: Enhance ICU code. - S8027841, CVE-2014-0429: Enhance pixel manipulations. - S8028385: Enhance RowSet Factory. - S8029282, CVE-2014-2403: Enhance CharInfo set up. - S8029286: Enhance subject delegation. - S8029699: Update Poller demo. - S8029730: Improve audio device additions. - S8029735: Enhance service mgmt natives. - S8029740, CVE-2014-0446: Enhance handling of loggers. - S8029745, CVE-2014-0454: Enhance algorithm checking. - S8029750: Enhance LCMS color processing (LCMS 2 only). - S8029760, CVE-2013-6629: Enhance AWT image libraries (in-tree libjpeg). - S8029844, CVE-2014-0455: Enhance argument validation. - S8029854, CVE-2014-2421: Enhance JPEG decodings. - S8029858, CVE-2014-0456: Enhance array copies. - S8030731, CVE-2014-0460: Improve name service robustness. - S8031330: Refactor ObjectFactory. - S8031335, CVE-2014-0459: Better color profiling. - S8031352, CVE-2013-6954: Enhance PNG handling (in-tree libpng). - S8031394, CVE-2014-0457: (sl) Fix exception handling in ServiceLoader. - S8031395: Enhance LDAP processing. - S8032686, CVE-2014-2413: Issues with method invoke. - S8033618, CVE-2014-1876: Correct logging output. - S8034926, CVE-2014-2397: Attribute classes properly. - S8036794, CVE-2014-0461: Manage JavaScript instances. * AArch64 fixes. -- Matthias Klose Wed, 16 Apr 2014 15:37:40 +0200 openjdk-7 (7u51-2.4.6-1) unstable; urgency=medium * IcedTea7 2.4.6 release. * Explicitly use AC_MAINTAINER_MODE and automake-1.11 to create the debian .orig tarball. Addresses: #740289. * Apply patch from upstream to fix bold fonts in Swing applications using GTK L&F (Ryan Tandy). LP: #937200. * Explicitly build-depend on libkrb5-dev. * On AArch64 don't use the hotsport backport for the zero build. -- Matthias Klose Tue, 01 Apr 2014 09:25:19 +0200 openjdk-7 (7u51-2.4.6~pre1-1) unstable; urgency=medium * IcedTea7 2.4.6 prerelease. * Fix icedtea-web build failure on kfreebsd-* (unable to find sun.security.util.SecurityConstants). Steven Chamberlain. Closes: #739032. * Update the AArch64 Hotspot. -- Matthias Klose Thu, 27 Mar 2014 17:24:45 +0100 openjdk-7 (7u51-2.4.5-2) unstable; urgency=medium * Update the KFreeBSD patch (Steven Chamberlain). Closes: #736291. -- Matthias Klose Tue, 04 Feb 2014 13:28:10 +0100 openjdk-7 (7u51-2.4.5-1) unstable; urgency=medium * IcedTea7 2.4.5 release. * Build Hotspot client and server vms for AArch64. -- Matthias Klose Fri, 31 Jan 2014 06:13:20 -0500 openjdk-7 (7u51-2.4.4-1) unstable; urgency=medium * IcedTea7 2.4.4 release. * Security fixes - S6727821: Enhance JAAS Configuration. - S7068126, CVE-2014-0373: Enhance SNMP statuses. - S8010935: Better XML handling. - S8011786, CVE-2014-0368: Better applet networking. - S8021257, S8025022, CVE-2013-5896 : com.sun.corba.se.** should be on restricted package list. - S8021271, S8021266, CVE-2014-0408: Better buffering in ObjC code. - S8022904: Enhance JDBC Parsers. - S8022927: Input validation for byte/endian conversions. - S8022935: Enhance Apache resolver classes. - S8022945: Enhance JNDI implementation classes. - S8023057: Enhance start up image display. - S8023069, CVE-2014-0411: Enhance TLS connections. - S8023245, CVE-2014-0423: Enhance Beans decoding. - S8023301: Enhance generic classes. - S8023338: Update jarsigner to encourage timestamping. - S8023672: Enhance jar file validation. - S8024302: Clarify jar verifications. - S8024306, CVE-2014-0416: Enhance Subject consistency. - S8024530: Enhance font process resilience. - S8024867: Enhance logging start up. - S8025014: Enhance Security Policy. - S8025018, CVE-2014-0376: Enhance JAX-P set up. - S8025026, CVE-2013-5878: Enhance canonicalization. - S8025034, CVE-2013-5907: Improve layout lookups. - S8025448: Enhance listening events. - S8025758, CVE-2014-0422: Enhance Naming management. - S8025767, CVE-2014-0428: Enhance IIOP Streams. - S8026172: Enhance UI Management. - S8026176: Enhance document printing. - S8026193, CVE-2013-5884: Enhance CORBA stub factories. - S8026204: Enhance auth login contexts. - S8026417, CVE-2013-5910: Enhance XML canonicalization. - S8026502: java/lang/invoke/MethodHandleConstants.java fails on all platforms. - S8027201, CVE-2014-0376: Enhance JAX-P set up. - S8029507, CVE-2013-5893: Enhance JVM method processing. - S8029533: REGRESSION: closed/java/lang/invoke/8008140/Test8008140.java fails agains. * Remove alpha from stage1_gcj_archs. * Use the langtools and jdk tarballs as provided by IcedTea. * Hotspot is dead on sparc. Build the zero interpreter as the default. * Blindly update the KF***BSD patches. -- Matthias Klose Wed, 15 Jan 2014 10:34:34 +0100 openjdk-7 (7u45-2.4.3-5) unstable; urgency=medium * Run the jtreg tests on powerpcspe, tested by Roland Stigge. * Fix zero builds on 64k page kernel configs. * Fix more IcedTea bits to build on x32. -- Matthias Klose Sat, 11 Jan 2014 13:55:34 +0100 openjdk-7 (7u45-2.4.3-4) unstable; urgency=low * Re-enable running the testsuite on powerpc. * Run the testsuite on AArch64. * Fix IcedTea bits to build on x32. -- Matthias Klose Sun, 22 Dec 2013 21:20:10 +0100 openjdk-7 (7u45-2.4.3-3) unstable; urgency=low * Don't build on s390 anymore. * Update hotspot-mips-align patch (Aurelien Jarno). Closes: #732528). * Build for ppc64el. * Try to build zero on x32. * Configure with --enable-zero on sparc and sparc64. -- Matthias Klose Fri, 20 Dec 2013 14:42:38 +0100 openjdk-7 (7u45-2.4.3-2.3) unstable; urgency=medium * Disable bootstrap build on alpha. Closes: #719671. * Disable running the jdk jtreg tests on the hotspot architectures. Hanging on the buildds. * Re-enable the jexec patch, program logic confused by running jexec outside the assumed java home. Closes: #731961. * Don't apply the s390 patches on s390x. s390 is successfully dead. * Fix zero builds on little endian architectures, taken from the trunk. -- Matthias Klose Thu, 12 Dec 2013 18:24:44 +0100 openjdk-7 (7u45-2.4.3-1) unstable; urgency=medium * IcedTea7 2.4.3 release. * Security fixes: - S8006900, CVE-2013-3829: Add new date/time capability. - S8008589: Better MBean permission validation. - S8011071, CVE-2013-5780: Better crypto provider handling. - S8011081, CVE-2013-5772: Improve jhat. - S8011157, CVE-2013-5814: Improve CORBA portablility. - S8012071, CVE-2013-5790: Better Building of Beans. - S8012147: Improve tool support. - S8012277: CVE-2013-5849: Improve AWT DataFlavor. - S8012425, CVE-2013-5802: Transform TransformerFactory. - S8013503, CVE-2013-5851: Improve stream factories. - S8013506: Better Pack200 data handling. - S8013510, CVE-2013-5809: Augment image writing code. - S8013514: Improve stability of cmap class. - S8013739, CVE-2013-5817: Better LDAP resource management. - S8013744, CVE-2013-5783: Better tabling for AWT. - S8014085: Better serialization support in JMX classes. - S8014093, CVE-2013-5782: Improve parsing of images. - S8014098: Better profile validation. - S8014102, CVE-2013-5778: Improve image conversion. - S8014341, CVE-2013-5803: Better service from Kerberos servers. - S8014349, CVE-2013-5840: (cl) Class.getDeclaredClass problematic in some class loader configurations. - S8014530, CVE-2013-5825: Better digital signature processing. - S8014534: Better profiling support. - S8014987, CVE-2013-5842: Augment serialization handling. - S8015614: Update build settings. - S8015731: Subject java.security.auth.subject to improvements. - S8015743, CVE-2013-5774: Address internet addresses. - S8016256: Make finalization final. - S8016653, CVE-2013-5804: javadoc should ignore ignoreable characters in names. - S8016675, CVE-2013-5797: Make Javadoc pages more robust. - S8017196, CVE-2013-5850: Ensure Proxies are handled appropriately. - S8017287, CVE-2013-5829: Better resource disposal. - S8017291, CVE-2013-5830: Cast Proxies Aside. - S8017298, CVE-2013-4002: Better XML support. - S8017300, CVE-2013-5784: Improve Interface Implementation. - S8017505, CVE-2013-5820: Better Client Service. - S8019292: Better Attribute Value Exceptions. - S8019617: Better view of objects. - S8020293: JVM crash. - S8021275, CVE-2013-5805: Better screening for ScreenMenu. - S8021282, CVE-2013-5806: Better recycling of object instances. - S8021286: Improve MacOS resourcing. - S8021290, CVE-2013-5823: Better signature validation. - S8022931, CVE-2013-5800: Enhance Kerberos exceptions. - S8022940: Enhance CORBA translations. - S8023683: Enhance class file parsing. * Fix build failure on mips* (Aurelien Jarno). Closes: #729448). * Run autoreconf. Closes: #724083. * Merge the -jre-lib package into -jre-headless. Simplifies the packaging and the savings were not as big as wanted, because the rt.jar is still architecture dependant. Closes: #641049, #722510. -- Matthias Klose Sun, 08 Dec 2013 23:22:06 +0100 openjdk-7 (7u25-2.3.12-4ubuntu3) saucy; urgency=low * Apply missing patch to fix arm64/AArch64 detection. -- Matthias Klose Fri, 11 Oct 2013 17:51:33 +0200 openjdk-7 (7u25-2.3.12-4ubuntu2) saucy; urgency=low * openjdk-jre-headless: Loosen the dependency on -jre-lib. -- Matthias Klose Wed, 09 Oct 2013 16:29:15 +0200 openjdk-7 (7u25-2.3.12-4ubuntu1) saucy; urgency=low * Regenerate the control file. -- Matthias Klose Fri, 16 Aug 2013 12:09:47 +0200 openjdk-7 (7u25-2.3.12-4) unstable; urgency=low * Add the hotspot patches for AArch64, which apparently were not included in the IcedTea release by intent. * Don't interpret arm64 as an ARM architecture, but as AArch64. So much for Debian calling this port arm64 ... * Use host macros instead of build macros for corba and hotspot config. * Re-add multiarch library directories to the default library path. Closes: #712567. * Enable the two-stage build on alpha. Closes: #719671. * Build for powerpcspe (Roland Stigge). Closes: #712686. * Recommend fonts-dejavu-extra instead of ttf-dejavu-extra for current releases. Closes: #718839. -- Matthias Klose Thu, 15 Aug 2013 21:26:51 +0200 openjdk-7 (7u25-2.3.12-3) unstable; urgency=low * Fix kFreeBSD builds (Thanks to Christoph Egger for his help). -- Damien Raude-Morvan Mon, 12 Aug 2013 00:39:41 +0200 openjdk-7 (7u25-2.3.12-2) unstable; urgency=low [ Matthias Klose ] * Regenerate the hotspot-s390 patch. [ Damien Raude-Morvan ] * Update kfreebsd patches. -- Matthias Klose Sat, 03 Aug 2013 20:22:41 +0200 openjdk-7 (7u25-2.3.12-1) unstable; urgency=low * IcedTea7 2.3.12 release. * Don't build with pulseaudio on arm64. * Disable bootstraped build on s390 and sparc. -- Matthias Klose Fri, 02 Aug 2013 15:55:01 +0200 openjdk-7 (7u25-2.3.10-2ubuntu1) saucy; urgency=low * Regenerate the control file. -- Matthias Klose Mon, 15 Jul 2013 23:59:45 +0200 openjdk-7 (7u25-2.3.10-2) unstable; urgency=low [ Matthias Klose ] * Fix gcj-jdk build dependency on ia64 and s390. * Build zero on arm64. [ Gianfranco Costamagna ] * Fix build failure on kfreebsd (Closes: #714528) -- Matthias Klose Sun, 30 Jun 2013 17:12:28 +0200 openjdk-7 (7u25-2.3.10-1) unstable; urgency=high * IcedTea7 2.3.10 release. * Security fixes * S6741606, CVE-2013-2407: Integrate Apache Santuario. * S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls. * S7170730, CVE-2013-2451: Improve Windows network stack support. * S8000638, CVE-2013-2450: Improve deserialization. * S8000642, CVE-2013-2446: Better handling of objects for transportation. * S8001032: Restrict object access. * S8001033, CVE-2013-2452: Refactor network address handling in virtual machine identifiers. * S8001034, CVE-2013-1500: Memory management improvements. * S8001038, CVE-2013-2444: Resourcefully handle resources. * S8001043: Clarify definition restrictions. * S8001308: Update display of applet windows. * S8001309: Better handling of annotation interfaces. * S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with InetAddress.getLocalHost. * S8001330, CVE-2013-2443: Improve on checking order (non-Zero builds only). * S8003703, CVE-2013-2412: Update RMI connection dialog box. * S8004288, CVE-2013-2449: (fs) Files.probeContentType problems. * S8004584: Augment applet contextualization. * S8005007: Better glyph processing. * S8006328, CVE-2013-2448: Improve robustness of sound classes. * S8006611: Improve scripting. * S8007467: Improve robustness of JMX internal APIs. * S8007471: Improve MBean notifications. * S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes. * S8007925: Improve cmsStageAllocLabV2ToV4curves. * S8007926: Improve cmsPipelineDup. * S8007927: Improve cmsAllocProfileSequenceDescription. * S8007929: Improve CurvesAlloc. * S8008120, CVE-2013-2457: Improve JMX class checking. * S8008124, CVE-2013-2453: Better compliance testing. * S8008128: Better API coherence for JMX. * S8008132, CVE-2013-2456: Better serialization support. * S8008585: Better JMX data handling. * S8008593: Better URLClassLoader resource management. * S8008603: Improve provision of JMX providers. * S8008607: Better input checking in JMX. * S8008611: Better handling of annotations in JMX. * S8008615: Improve robustness of JMX internal APIs. * S8008623: Better handling of MBeanServers. * S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606. * S8008982: Adjust JMX for underlying interface changes. * S8009004: Better implementation of RMI connections. * S8009008: Better manage management-api. * S8009013: Better handling of T2K glyphs. * S8009034: Improve resulting notifications in JMX. * S8009038: Improve JMX notification support. * S8009057, CVE-2013-2448: Improve MIDI event handling. * S8009067: Improve storing keys in KeyStore. * S8009071, CVE-2013-2459: Improve shape handling. * S8009235: Improve handling of TSA data. * S8009424, CVE-2013-2458: Adapt Nashorn to JSR-292 implementation change. * S8009554, CVE-2013-2454: Improve SerialJavaObject.getFields. * S8009654: Improve stability of cmsnamed. * S8010209, CVE-2013-2460: Better provision of factories. * S8011243, CVE-2013-2470: Improve ImagingLib. * S8011248, CVE-2013-2471: Better Component Rasters. * S8011253, CVE-2013-2472: Better Short Component Rasters. * S8011257, CVE-2013-2473: Better Byte Component Rasters. * S8012375, CVE-2013-1571: Improve Javadoc framing. * S8012421: Better positioning of PairPositioning. * S8012438, CVE-2013-2463: Better image validation. * S8012597, CVE-2013-2465: Better image channel verification. * S8012601, CVE-2013-2469: Better validation of image layouts. * S8014281, CVE-2013-2461: Better checking of XML signature. * S8015997: Additional improvement in Javadoc framing. * Breaks icedtea-netx (<< 1.4-2). -- Matthias Klose Fri, 28 Jun 2013 16:55:32 +0200 openjdk-7 (7u21-2.3.9-5) unstable; urgency=low * Update kFreeBSD support (Guido Guenther). Closes: #708818. * Stop building the transitional cacao package for sid. -- Matthias Klose Sat, 18 May 2013 20:13:33 +0200 openjdk-7 (7u21-2.3.9-4) unstable; urgency=high * Build the transitional cacao package for sid as well. Apparently some buildds are not updated to list wheezy as the code name for the current distribution. -- Matthias Klose Thu, 02 May 2013 03:27:44 +0200 openjdk-7 (7u21-2.3.9-3) unstable; urgency=high * Disable the cacao build again, causing build failures on i386 and s390. * Build a transitional cacao jre package instead. -- Matthias Klose Tue, 30 Apr 2013 00:27:05 +0200 openjdk-7 (7u21-2.3.9-2) unstable; urgency=high * On ia64, use gcj-4.7 for the bootstrap build. * Drop the cacao jre from recommends to suggests. * Re-enable cacao, was enabled in the 2.1.x series. -- Matthias Klose Sat, 27 Apr 2013 01:17:16 +0200 openjdk-7 (7u21-2.3.9-1) unstable; urgency=high * IcedTea7 2.3.9 release. * Security fixes: - S6657673, CVE-2013-1518: Issues with JAXP. - S7200507: Refactor Introspector internals. - S8000724, CVE-2013-2417: Improve networking serialization. - S8001031, CVE-2013-2419: Better font processing. - S8001040, CVE-2013-1537: Rework RMI model. - S8001322: Refactor deserialization. - S8001329, CVE-2013-1557: Augment RMI logging. - S8003335: Better handling of Finalizer thread. - S8003445: Adjust JAX-WS to focus on API. - S8003543, CVE-2013-2415: Improve processing of MTOM attachments. - S8004261: Improve input validation. - S8004336, CVE-2013-2431: Better handling of method handle intrinsic frames. - S8004986, CVE-2013-2383: Better handling of glyph table. - S8004987, CVE-2013-2384: Improve font layout. - S8004994, CVE-2013-1569: Improve checking of glyph table. - S8005432: Update access to JAX-WS. - S8005943: (process) Improved Runtime.exec. - S8006309: More reliable control panel operation. - S8006435, CVE-2013-2424: Improvements in JMX. - S8006790: Improve checking for windows. - S8006795: Improve font warning messages. - S8007406: Improve accessibility of AccessBridge. - S8007617, CVE-2013-2420: Better validation of images. - S8007667, CVE-2013-2430: Better image reading. - S8007918, CVE-2013-2429: Better image writing. - S8008140: Better method handle resolution. - S8009049, CVE-2013-2436: Better method handle binding. - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap. - S8009305, CVE-2013-0401: Improve AWT data transfer. - S8009677, CVE-2013-2423: Better setting of setters. - S8009699, CVE-2013-2421: Methodhandle lookup. - S8009814, CVE-2013-1488: Better driver management. - S8009857, CVE-2013-2422: Problem with plugin. * Backports: - S7130662: GTK file dialog crashes with a NPE. * Bug fixes - PR1363: Fedora 19 / rawhide FTBFS SIGILL. - PR1401: Fix Zero build on 2.3.8. - Fix offset problem in ICU LETableReference. - Change -Werror fix to preserve OpenJDK default. - PR1303: Correct #ifdef to #if. - PR1404: Failure to bootstrap with ecj 4.2. -- Matthias Klose Mon, 22 Apr 2013 03:27:08 +0200 openjdk-7 (7u17-2.3.8-2) experimental; urgency=low * Remove Torsten Werner as uploader. -- Matthias Klose Mon, 01 Apr 2013 00:39:58 +0200 openjdk-7 (7u17-2.3.8-1ubuntu1) raring; urgency=low * Regenerate the control file. -- Matthias Klose Sun, 31 Mar 2013 20:10:05 +0200 openjdk-7 (7u17-2.3.8-1) experimental; urgency=low * IcedTea7 2.3.8 release. * Security fixes: - S8007014, CVE-2013-0809: Improve image handling. - S8007675, CVE-2013-1493: Improve color conversion. * Backports: - S8002344: Krb5LoginModule config class does not return proper KDC list from DNS. - S8004344: Fix a crash in ToolkitErrorHandler() in XlibWrapper.c. - S8006179: JSR292 MethodHandles lookup with interface using findVirtual(). - S8006882: Proxy generated classes in sun.proxy package breaks JMockit. * Bug fixes: - PR1303: Correct #ifdef to #if. - PR1340: Simplify the rhino class rewriter to avoid use of concurrency. - Revert 7017193 and add the missing free call, until a better fix is ready. -- Matthias Klose Sun, 31 Mar 2013 14:31:11 +0200 openjdk-7 (7u15-2.3.7-1ubuntu2) raring; urgency=low * Security fixes: - S8007014, CVE-2013-0809: Improve image handling - S8007675, CVE-2013-1493: Improve color conversion - debian/rules: updated to add 8007014.patch and 8007675.patch -- Jamie Strandboge Wed, 06 Mar 2013 14:12:03 -0600 openjdk-7 (7u15-2.3.7-1ubuntu1) raring; urgency=low * Regenerate the control file. -- Matthias Klose Wed, 20 Feb 2013 23:59:54 +0100 openjdk-7 (7u15-2.3.7-1) experimental; urgency=low * IcedTea7 2.3.7 release. * Security fixes: - S8004937, CVE-2013-1484: Improve proxy construction. - S8006439, CVE-2013-1485: Improve MethodHandles coverage. - S8006446, CVE-2013-1486: Restrict MBeanServer access. - S8006777, CVE-2013-0169: Improve TLS handling of invalid messages. - S8007688: Blacklist known bad certificate. * Backports: - S8007393: Possible race condition after JDK-6664509. - S8007611: logging behavior in applet changed. * For zero builds, use the same hotspot version as in 2.1.6. * Reenable bootstrap builds, except for alpha. * Explicitly disable building on mips/mipsel. Not supported by the Debian OpenJDK maintainers, the Debian mips porters, or the Debian Java team. -- Matthias Klose Wed, 20 Feb 2013 23:33:58 +0100 openjdk-7 (7u13-2.3.6-1) experimental; urgency=low * IcedTea7 2.3.6 release. - Disable bootstrap builds, currently broken in IcedTea. * Security fixes: - S6563318, CVE-2013-0424: RMI data sanitization. - S6664509, CVE-2013-0425: Add logging context. - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time. - S6776941: CVE-2013-0427: Improve thread pool shutdown. - S7141694, CVE-2013-0429: Improving CORBA internals. - S7173145: Improve in-memory representation of splashscreens. - S7186945: Unpack200 improvement. - S7186946: Refine unpacker resource usage. - S7186948: Improve Swing data validation. - S7186952, CVE-2013-0432: Improve clipboard access. - S7186954: Improve connection performance. - S7186957: Improve Pack200 data validation. - S7192392, CVE-2013-0443: Better validation of client keys. - S7192393, CVE-2013-0440: Better Checking of order of TLS Messages. - S7192977, CVE-2013-0442: Issue in toolkit thread. - S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies. - S7200491: Tighten up JTable layout code. - S7200500: Launcher better input validation. - S7201064: Better dialogue checking. - S7201066, CVE-2013-0441: Change modifiers on unused fields. - S7201068, CVE-2013-0435: Better handling of UI elements. - S7201070: Serialization to conform to protocol. - S7201071, CVE-2013-0433: InetSocketAddress serialization issue. - S8000210: Improve JarFile code quality. - S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class. - S8000540, CVE-2013-1475: Improve IIOP type reuse management. - S8000631, CVE-2013-1476: Restrict access to class constructor. - S8001235, CVE-2013-0434: Improve JAXP HTTP handling. - S8001242: Improve RMI HTTP conformance. - S8001307: Modify ACC_SUPER behavior. - S8001972, CVE-2013-1478: Improve image processing. - S8002325, CVE-2013-1480: Improve management of images. * Fix font suggestion for indic fonts in wheezy. * Fix fontconfig definitions for japanese and korean fonts, fixing compilation of the fontconfig file. * Add Built-Using: rhino attribute for the -lib package. * Don't use concurrent features to rewrite the rhino jar file. * Enable class data sharing for the hotspot server VM. -- Matthias Klose Tue, 12 Feb 2013 20:59:48 +0100 openjdk-7 (7u9-2.3.4-1) experimental; urgency=low * IcedTea7 2.3.4 release. * Security fixes - S8004933, CVE-2012-3174: Improve MethodHandle interaction with libraries. - S8006017, CVE-2013-0422: Improve lookup resolutions. - S8006125: Update MethodHandles library interactions. * Bug fixes - S7197906: BlockOffsetArray::power_to_cards_back() needs to handle > 32 bit shifts. - G422525: Fix building with PaX enabled kernels. [ Matthias Klose ] * Loosen OpenGL dependency. Closes: #695028. * Fix error parsing drop files parameter from pcmanfm (Alberto Fernández Martínez). Closes: #695992. [ Thorsten Glaser ] * debian/rules: Use gcj-4.6-jdk for m68k builds. * d/patches/text-relocations.patch: build with -fPIC on all archs. -- Matthias Klose Tue, 15 Jan 2013 23:38:48 +0100 openjdk-7 (7u9-2.3.3-1) experimental; urgency=low * Upload to experimental. -- Matthias Klose Wed, 17 Oct 2012 15:16:51 +0200 openjdk-7 (7u9-2.3.3-0ubuntu1) quantal-security; urgency=low * IcedTea7 2.3.3 release. * Security fixes - S6631398, CVE-2012-3216: FilePermission improved path checking. - S7093490: adjust package access in rmiregistry. - S7143535, CVE-2012-5068: ScriptEngine corrected permissions. - S7158796, CVE-2012-5070: Tighten properties checking in EnvHelp. - S7158807: Revise stack management with volatile call sites. - S7163198, CVE-2012-5076: Tightened package accessibility. - S7167656, CVE-2012-5077: Multiple Seeders are being created. - S7169884, CVE-2012-5073: LogManager checks do not work correctly for sub-types. - S7169887, CVE-2012-5074: Tightened package accessibility. - S7169888, CVE-2012-5075: Narrowing resource definitions in JMX RMI connector. - S7172522, CVE-2012-5072: Improve DomainCombiner checking. - S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC. - S7189103, CVE-2012-5069: Executors needs to maintain state. - S7189490: More improvements to DomainCombiner checking. - S7189567, CVE-2012-5085: java net obselete protocol. - S7192975, CVE-2012-5071: Issue with JMX reflection. - S7195194, CVE-2012-5084: Better data validation for Swing. - S7195549, CVE-2012-5087: Better bean object persistence. - S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should be improved. - S7195919, CVE-2012-5979: (sl) ServiceLoader can throw CCE without needing to create instance. - S7196190, CVE-2012-5088: Improve method of handling MethodHandles. - S7198296, CVE-2012-5089: Refactor classloader usage. - S7158800: Improve storage of symbol tables. - S7158801: Improve VM CompileOnly option. - S7158804: Improve config file parsing. - S7198606, CVE-2012-4416: Improve VM optimization. -- Matthias Klose Wed, 17 Oct 2012 13:27:47 +0200 openjdk-7 (7u7-2.3.2a-1ubuntu1) quantal; urgency=low * Build a transitional icedtea-7-jre-cacao package to ease upgrades. -- Matthias Klose Wed, 19 Sep 2012 17:42:39 +0200 openjdk-7 (7u7-2.3.2a-1) experimental; urgency=low * Upload to experimental. -- Matthias Klose Sat, 15 Sep 2012 22:20:06 +0200 openjdk-7 (7u7-2.3.2a-0ubuntu1) quantal; urgency=low * Repackage the source to drop the cacao tarball (and packaging files). * Depend again on system provided tzdata-java and restore the zi symlink on upgrade. LP: #1050404. * libgnome2-0, libgnomevfs2-0, libgconf2-4 are not prepared for multiarch. Don't depend on these so that openjdk-7 can be installed as a multiarch package. -- Matthias Klose Sat, 15 Sep 2012 17:01:12 +0200 openjdk-7 (7u7-2.3.2-1ubuntu2) quantal; urgency=low * Make the avian VM a known runtime. -- Matthias Klose Wed, 05 Sep 2012 11:58:35 +0200 openjdk-7 (7u7-2.3.2-1ubuntu1) quantal; urgency=low * Fix 32bit hotspot build, don't set maximal heap space lower than minimal heap space for the docs build. * d/p/sane-library-paths.patch, d/p/ant-diagnostics.diff, d/p/fix-race-cond-print.diff, d/p/gcc-hotspot-opt-O[02].diff, d/p/gcc-mtune-generic.diff, d/p/openjdk-6986968.diff: Remove, not used. * Remove unused shark/llvm-3.0 patches. * d/p/zero-only-use-floating-point-if-floating-poi.patch: Remove, applied upstream. * Don't explicitly build with -march=i586 on i386 architectures. * Re-apply zero-missing-headers.diff. * Disable cacao builds, needs update for 7u7. * For Ubuntu quantal, set priorities for alternatives higher than for OpenJDK 6. * Call update-alternatives when the existing priority for the alternative is lower than the current one. * Configure with --disable-downloading. * Pass -avoid-version to libtool to create a JamVM libjvm.so without SONAME version numbers to match the Hotspot Server/Client libjvm.so. LP: #850433. * Revert the following change: Move libgnome2-0, libgnomevfs2-0, libgconf2-4 from Depends of JRE package to Recommends (#661465). The proper fix is to create a -jdk-headless package, or not depending on these gnome packages at all (e.g. using XDG libraries). -- Matthias Klose Tue, 04 Sep 2012 12:08:31 +0200 openjdk-7 (7u7-2.3.2-1) experimental; urgency=low * New upstream IcedTea7 2.3.2 release. * Security fixes: - CVE-2012-4681: Reintroduce PackageAccessible checks removed in 6788531. - S7079902, CVE-2012-1711: Refine CORBA data models. - S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. - S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement. - S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations. - S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC. - S7143872, CVE-2012-1718: Improve certificate extension processing. - S7152811, CVE-2012-1723: Issues in client compiler. - S7157609, CVE-2012-1724: Issues with loop. - S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile. - S7165628, CVE-2012-1726: Issues with java.lang.invoke.MethodHandles.Lookup. * Bump version to 7u7 (OpenJDK), 2.3.2 (IcedTea). Closes: #685276. * d/p/icedtea7-forest-jdk_7104625-XEvent_wrap_logging_calls_with_if.patch, d/p/hotspot-sparc.diff: Remove, integrated upstream. * d/p/{deb-multiarch,fix_extra_flags,hotspot-no-werror}.diff: Add variants for hotspot and zero builds. * d/p/default-jvm-cfg.diff, d/p/icedtea-4953367.patch, d/p/icedtea-patch.diff, d/p/icedtea-pretend-memory.diff, d/p/libpcsclite-dlopen.diff, d/p/nonreparenting-wm.diff: Update for 2.3.2. * Remove build support for Ubuntu releases earlier than hardy. * d/update-shasum.sh: Only update the shasums of the -dfsg tarballs. * Don't apply shark patches (not built anyway). -- Matthias Klose Sat, 01 Sep 2012 11:46:50 +0200 openjdk-7 (7u3-2.1.7-1) unstable; urgency=high * IcedTea7 2.1.7 release: * Security fixes: - S8007014, CVE-2013-0809: Improve image handling. - S8007675, CVE-2013-1493: Improve color conversion. * Backports: - S8002344: Krb5LoginModule config class does not return proper KDC list from DNS. - S8004344: Fix a crash in ToolkitErrorHandler() in XlibWrapper.c. - S8006179: JSR292 MethodHandles lookup with interface using findVirtual(). - S8006882: Proxy generated classes in sun.proxy package breaks JMockit. * Bug fixes: - PR1303: Correct #ifdef to #if - Stop libraries being stripped in the OpenJDK build. - PR1340: Simplify the rhino class rewriter to avoid use of concurrency. - Revert 7017193 and add the missing free call, until a better fix is ready. -- Matthias Klose Sat, 30 Mar 2013 11:31:12 +0100 openjdk-7 (7u3-2.1.6-1) unstable; urgency=high * IcedTea7 2.1.5 release: * Security fixes: - S6563318, CVE-2013-0424: RMI data sanitization. - S6664509, CVE-2013-0425: Add logging context. - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time. - S6776941: CVE-2013-0427: Improve thread pool shutdown. - S7141694, CVE-2013-0429: Improving CORBA internals. - S7173145: Improve in-memory representation of splashscreens. - S7186945: Unpack200 improvement. - S7186946: Refine unpacker resource usage. - S7186948: Improve Swing data validation. - S7186952, CVE-2013-0432: Improve clipboard access. - S7186954: Improve connection performance. - S7186957: Improve Pack200 data validation. - S7192392, CVE-2013-0443: Better validation of client keys. - S7192393, CVE-2013-0440: Better Checking of order of TLS Messages. - S7192977, CVE-2013-0442: Issue in toolkit thread. - S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies. - S7200491: Tighten up JTable layout code. - S7200493, CVE-2013-0444: Improve cache handling. - S7200499: Better data validation for options. - S7200500: Launcher better input validation. - S7201064: Better dialogue checking. - S7201066, CVE-2013-0441: Change modifiers on unused fields. - S7201068, CVE-2013-0435: Better handling of UI elements. - S7201070: Serialization to conform to protocol. - S7201071, CVE-2013-0433: InetSocketAddress serialization issue. - S8000210: Improve JarFile code quality. - S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class. - S8000539, CVE-2013-0431: Introspect JMX data handling. - S8000540, CVE-2013-1475: Improve IIOP type reuse management. - S8000631, CVE-2013-1476: Restrict access to class constructor. - S8001235, CVE-2013-0434: Improve JAXP HTTP handling. - S8001242: Improve RMI HTTP conformance. - S8001307: Modify ACC_SUPER behavior. - S8001972, CVE-2013-1478: Improve image processing. - S8002325, CVE-2013-1480: Improve management of images. * Backports: - S7054590: (JSR-292) MethodHandleProxies.asInterfaceInstance() accepts private/protected nested interfaces. - S7175616: Port fix for TimeZone from JDK 8 to JDK 7. - S8002068: Build broken: corba code changes unable to use new JDK 7 classes. - S8004341: Two JCK tests fails with 7u11 b06. - S8005615: Java Logger fails to load tomcat logger implementation (JULI). * IcedTea7 2.1.6 release: * Security fixes: - S8004937, CVE-2013-1484: Improve proxy construction. - S8006439, CVE-2013-1485: Improve MethodHandles coverage. - S8006446, CVE-2013-1486: Restrict MBeanServer access. - S8006777, CVE-2013-0169: Improve TLS handling of invalid messages. - S8007688: Blacklist known bad certificate. * Backports: - S7123519: problems with certification path. - S8007393: Possible race condition after JDK-6664509. - S8007611: logging behavior in applet changed. * Fix font suggestion for indic fonts in wheezy. * Fix fontconfig definitions for japanese and korean fonts, fixing compilation of the fontconfig file. * Add Built-Using: rhino attribute for the -lib package. * Don't use concurrent features to rewrite the rhino jar file. * Enable class data sharing for the hotspot server VM. * Enable bootstrap builds for alpha. * Explicitly disable building on mips/mipsel. Not supported by the Debian OpenJDK maintainers, the Debian mips porters, or the Debian Java team. -- Matthias Klose Thu, 21 Feb 2013 03:38:13 +0100 openjdk-7 (7u3-2.1.4-1) unstable; urgency=low * IcedTea7 2.1.4 release. * Security fixes - S8004933, CVE-2012-3174: Improve MethodHandle interaction with libraries - S8006017, CVE-2013-0422: Improve lookup resolutions - S8006125: Update MethodHandles library interactions * Loosen OpenGL dependency. Closes: #695028. * Fix error parsing drop files parameter from pcmanfm (Alberto Fernández Martínez). Closes: #695992. -- Matthias Klose Wed, 16 Jan 2013 11:46:20 +0100 openjdk-7 (7u3-2.1.3-1) unstable; urgency=low * IcedTea7 2.1.3 release. * Security fixes - S6631398, CVE-2012-3216: FilePermission improved path checking. - S7093490: adjust package access in rmiregistry. - S7143535, CVE-2012-5068: ScriptEngine corrected permissions. - S7158796, CVE-2012-5070: Tighten properties checking in EnvHelp. - S7158807: Revise stack management with volatile call sites. - S7163198, CVE-2012-5076: Tightened package accessibility. - S7167656, CVE-2012-5077: Multiple Seeders are being created. - S7169884, CVE-2012-5073: LogManager checks do not work correctly for sub-types. - S7169887, CVE-2012-5074: Tightened package accessibility. - S7169888, CVE-2012-5075: Narrowing resource definitions in JMX RMI connector. - S7172522, CVE-2012-5072: Improve DomainCombiner checking. - S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC. - S7189103, CVE-2012-5069: Executors needs to maintain state. - S7189490: More improvements to DomainCombiner checking. - S7189567, CVE-2012-5085: java net obselete protocol. - S7192975, CVE-2012-5071: Issue with JMX reflection. - S7195194, CVE-2012-5084: Better data validation for Swing. - S7195549, CVE-2012-5087: Better bean object persistence. - S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should be improved. - S7195919, CVE-2012-5979: (sl) ServiceLoader can throw CCE without needing to create instance. - S7196190, CVE-2012-5088: Improve method of handling MethodHandles. - S7198296, CVE-2012-5089: Refactor classloader usage. - S7158801: Improve VM CompileOnly option. - S7158804: Improve config file parsing. - S7198606, CVE-2012-4416: Improve VM optimization. * Backports - S7175845: "jar uf" changes file permissions unexpectedly. - S7177216: native2ascii changes file permissions of input file. - S7106773: 512 bits RSA key cannot work with SHA384 and SHA512. - S7158800: Improve storage of symbol tables. -- Matthias Klose Wed, 17 Oct 2012 16:03:47 +0200 openjdk-7 (7u3-2.1.2-2ubuntu1) precise-security; urgency=low * Make the avian VM a known runtime. -- Matthias Klose Sat, 08 Sep 2012 16:01:31 +0200 openjdk-7 (7u3-2.1.2-2) unstable; urgency=high * Pass -avoid-version to libtool to create a JamVM libjvm.so without SONAME version numbers to match the Hotspot Server/Client libjvm.so. LP: #850433. -- Matthias Klose Tue, 04 Sep 2012 17:55:43 +0200 openjdk-7 (7u3-2.1.2-1) unstable; urgency=high * IcedTea7 2.1.2 release. * Security fixes - CVE-2012-4681, S7162473: Reintroduce PackageAccessible checks removed in 6788531. - S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder. - S7194567, CVE-2012-3136: Improve long term persistence of java.beans objects. - S7163201, CVE-2012-0547: Simplify toolkit internals references. * d/p/hotspot-sparc.diff: Remove, integrated upstream. * Stop running the mauve tests. -- Matthias Klose Mon, 03 Sep 2012 23:17:11 +0200 openjdk-7 (7~u3-2.1.1-3) unstable; urgency=low * d/rules: Ensure we don't remove -02 (default) when -03 is disabled (fix jamvm FTBFS on armhf without -02). * d/patches/gcc-jdk-opt-O0.diff, d/patches/gcc-jdk-opt-O2.diff, d/patches/gcc-no-hardening.diff, d/patches/gcc-opt-O2.diff: removed. -- Damien Raude-Morvan Wed, 25 Jul 2012 21:18:15 +0200 openjdk-7 (7~u3-2.1.1-2) unstable; urgency=low * d/rules: On Debian Wheezy/Sid bump Build-Depends on libnss3-dev (>= 2:3.13.4) and Depends on libnss3 (>= 2:3.13.4) (ie. with epoch). (Closes: #679465). * d/control: Suggests icedtea-7-plugin instead of icedtea6-plugin (Closes: #680284). * d/patches/7130140-MouseEvent-systemout.diff: Remove "MEvent. CASE!" from console output. (Closes: #679036). * Disable -O3 compile: cause wrong Math.* computations. (Closes: #679292 and Closes: #678228). LP: #1044857. * debian/patches/FreetypeFontScaler_getFontMetricsNative.diff: Fix "OpenJDK returns the text height greater than font size". (Closes: #657854) -- Damien Raude-Morvan Sat, 30 Jun 2012 18:17:51 +0200 openjdk-7 (7~u3-2.1.1-1) unstable; urgency=medium * New upstream release with security fixes (Closes: #677486): - S7079902, CVE-2012-1711: Refine CORBA data models - S7110720: Issue with vm config file loadingIssue with vm config file loading - S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. - S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement - S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations - S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC - S7143872, CVE-2012-1718: Improve certificate extension processing - S7145239: Finetune package definition restriction - S7152811, CVE-2012-1723: Issues in client compiler - S7157609, CVE-2012-1724: Issues with loop - S7160677: missing else in fix for 7152811 - S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile - S7165628, CVE-2012-1726: Issues with java.lang.invoke.MethodHandles.Lookup * Patches merged upstream: - debian/patches/arm-thumb-fix.diff - debian/patches/gcc-4.7.diff [ James Page ] * Cherry picked patch from openjdk-6 to fix handling of ICC profiles (LP: #888123, #888129) (Closes: #676351). [ Damien Raude-Morvan ] * Move libgnome2-0, libgnomevfs2-0, libgconf2-4 from Depends of JRE package to Recommends (Closes: #661465). * New jni_md_h_JNIEXPORT_visibility.patch to allow JNIEXPORT definition to work with -fvisibility=hidden. (Closes: #670896). -- Damien Raude-Morvan Mon, 11 Jun 2012 21:01:10 +0200 openjdk-7 (7~u3-2.1.1~pre1-2) unstable; urgency=low * Don't mark the -demo package as Multi-Arch same. Closes: #670038. * Build using gcc-4.4 on mips, mipsel. * Build again with older gcj version on s390 (4.6). -- Matthias Klose Thu, 03 May 2012 10:44:20 +0200 openjdk-7 (7~u3-2.1.1~pre1-1ubuntu3) precise-proposed; urgency=low * Default to the ARM assembler interpreter instead to JamVM on ARM. LP: #993380. -- Matthias Klose Wed, 02 May 2012 17:58:20 +0200 openjdk-7 (7~u3-2.1.1~pre1-1ubuntu2) precise; urgency=low * Use the /usr/bin path for the policytool desktop file. LP: #980205. Closes: #670037. -- Matthias Klose Thu, 12 Apr 2012 23:29:06 +0200 openjdk-7 (7~u3-2.1.1~pre1-1ubuntu1) precise; urgency=low * Regenerate the control file. -- Matthias Klose Wed, 11 Apr 2012 07:21:41 +0200 openjdk-7 (7~u3-2.1.1~pre1-1) unstable; urgency=low * Update from the IcedTea7-2.1 release branch (20110410). * Install desktop files again, using the common /usr/bin/java interpreter name. * Build-depend on libpng-dev for newer releases. Closes: #662452. * Let dlopen handle finding the libpcsclite library. LP: #898689. * Build-depend on fonts-ipafont-mincho, fixing a build failure in the fontconfig compiler (find out why it breaks ...). * Build using gcc-4.7/gcj-4.7 for sid/wheezy, fix build failure. * Remove `-icedtea' suffix from the release identification. * Fix arm thumb build, update taken from IcedTea6. -- Matthias Klose Tue, 10 Apr 2012 14:11:09 +0200 openjdk-7 (7~u3-2.1-4) unstable; urgency=low [ Matthias Klose ] * Don't install the binary fontconfig file. LP: #964303. [ Damien Raude-Morvan ] * Remove libxp-dev check in configure.ac, it's not needed anymore (Closes: #657260) and so drop build dependency on libxp-dev. * Fix FTBFS with glib 2.32 by adding explicit dependency gthread-2.0.pc (Closes: #665666). * Use libpng-dev instead of libpng12-dev for wheezy/sid (Closes: #662453). -- Damien Raude-Morvan Mon, 09 Apr 2012 00:21:20 +0200 openjdk-7 (7~u3-2.1-3) unstable; urgency=low * d/rules,Makefile.am: Improve handling of dpkg-buildflags: don't overwrite CFLAGS of hotspot but use EXTRA_* flags into icedtea and openjdk Makefile. (Closes: #661695). * d/rules: Build everything with -03 opt level (jamvm, cacao and jdk) * d/patches/kfreebsd-support-*.diff: Refresh kfreebsd patches and fix FTBFS on k-i386 (ie. at least on a sid VM). * Backport S7104625 as d/patches/icedtea7-forest-jdk_7104625*.patch to check for logging to prevent wasted CPU (Closes: #651423). -- Damien Raude-Morvan Tue, 06 Mar 2012 01:09:09 +0100 openjdk-7 (7~u3-2.1-2) unstable; urgency=low [ Matthias Klose ] * Use NanumMyeongjo as the preferred korean font. LP: #792471. * Fix crash in java.net.NetworkInterface.getNetworkInterfaces() when ifr_ifindex exceeds 255. LP: #925218. S7078386. * Use IPAfont as the preferred japanesse font. Closes: #646054. * Build using gcj on alpha and armel. Closes: #655750. [ Damien Raude-Morvan ] * d/patches/sparc-stubgenerator.diff: Fix FTBFS on sparc on stubGenerator_sparc.cpp by using explicit class typedef (Closes: #660871). * d/patches/fix_extra_flags.diff: Improve support for hardened build, also send flags to jdk build and send -Wl,-z,relro during hotspot link. * Bump Standards-Version to 3.9.3: no changes needed. * d/control: Don't use nonexistent dlopenjl:Recommends substvar, replaced by dlopenhl:Recommends. * d/*.{prerm,postrm}: Use set -e inside script instead of sh -e shebang. * Cleanup lintian-overrides. -- Damien Raude-Morvan Wed, 29 Feb 2012 00:52:49 +0100 openjdk-7 (7~u3-2.1-1ubuntu2) precise; urgency=low * Make sure that the nss.cfg doesn't mention any library path. LP: #939361, #939419. * Disable the accessibility wrapper, doesn't work yet. LP: #935296. -- Matthias Klose Fri, 24 Feb 2012 15:10:12 +0100 openjdk-7 (7~u3-2.1-1ubuntu1) precise; urgency=low [ Damien Raude-Morvan ] * d/patches/jexec.diff: Dropped, uneeded and not compatible with multi-arch. * d/rules: Use dpkg-buildflags to enable hardened build. (Closes: #660021). [ Matthias Klose ] * Merge r522 from openjdk6: - Make upgrades from non-multiarch to multiarch builds more silent. - Fix order of grant decls in java.policy. - Make doc files multi-arch installable. - JB-archive.applications.in: Use /usr/bin/java by default. Maybe should be moved to the default-jdk package. * Explicitly look for the gthread-2.0 pkgconfig module. -- Matthias Klose Wed, 22 Feb 2012 14:07:16 +0100 openjdk-7 (7~u3-2.1-1) unstable; urgency=low * Update icedtea7 2.1 (OpenJDK7 ~u3 release): - Check for logging to prevent wasted CPU (Closes: #651423). * Fix following security issues: - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray - S7088367, CVE-2011-3563: Fix issues in java sound - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method - S7110687, CVE-2012-0503: Issues with TimeZone class - S7110700, CVE-2012-0505: Enhance exception throwing mechanism in ObjectStreamClass - S7110704, CVE-2012-0506: Issues with some method in corba - S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object - S7118283, CVE-2012-0501: Better input parameter checking in zip file processing - S7126960, CVE-2011-5035: Add property to limit number of request headers to the HTTP Server [ Matthias Klose ] * openjdk-7-jre-lib: Mark as Multi-Arch: foreign. [ Damien Raude-Morvan ] * Merge r501-521 from openjdk6: - Fix plugin name in jinfo file. - Fix build flags for cppInterpreter_arm.o. - Use java-atk-wrapper instead of java-access-bridge for accessibility. - Make the java.policy file multi-arch installable. - Don't install desktop and menu files for multiarch builds. Needs a better solution. - Don't install an alternative for the deprecated apt tool. - Make the upgrade from a non-multiarch installation location more robust; don't depend on version numbers, but check the path of the alternatives. - Disable test for armel and powerpc (broken on buildd) * d/rules: Make symbolic links to src.zip on /usr/lib/jvm/java-7-openjdk-amd64 like openjdk-6-jdk (Closes: #649618). * d/rules: Pass -n to gzip when compressing manpages to be Multi-Arch: same safe. * d/rules: Add build-arch/build-indep target. * d/rules: Re-enable Cacao VM! * d/{rules,control}: Only rhino 1.7R3 is supported by openjdk7, update B-D. * d/patches/hotspot-s390.diff: Update for latest Hotspot. * d/patches/icedtea-patch.diff: Move nssLibraryDirectory handling to d/rules. * d/rules: Remove --with-*-drop-zip options, as code drops are embedded. * d/patches/hsx23-zero.patch, patches/shark-compiler-fixes.patch: Fix FTBFS for Zero under Hotspot >= v22. * d/patches/kfreebsd-*: Refreshed. * d/control: Make openjdk-7-source:all package binNMU-able by using Depends ">=" on openjdk-7-jre (ie. src.zip won't change). -- Damien Raude-Morvan Wed, 15 Feb 2012 20:55:52 +0100 openjdk-7 (7~b147-2.0-1) unstable; urgency=low * New upstream IcedTea7 release. - S7000600, CVE-2011-3547: InputStream skip() information leak. - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor. - S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow. - S7032417, CVE-2011-3552: excessive default UDP socket limit under SecurityManager. - S7046794, CVE-2011-3553: JAX-WS stack-traces information leak. - S7046823, CVE-2011-3544: missing SecurityManager checks in scripting engine. - S7055902, CVE-2011-3521: IIOP deserialization code execution. - S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error checks. - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST). - S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer. - S7077466, CVE-2011-3556: RMI DGC server remote code execution. - S7083012, CVE-2011-3557: RMI registry privileged code execution. - S7096936, CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection. [ Matthias Klose ] * Merge debian packaging r501 from openjdk-6: - Tighten inter-package dependencies for Debian builds. Closes: #641240. * Build-depend on wdiff. -- Damien Raude-Morvan Sat, 01 Oct 2011 10:53:15 +0200 openjdk-7 (7~b147-2.0~pre6-2) unstable; urgency=low * d/rules: Fix java.policy to include jre/lib/ext/* files (instead of non-existant ext/*). It'll restore privilegied access from sunpkcs11.jar to sun.* code. * d/patches/s390_hotspot_fix.diff: Update to fix FTBFS on s390. -- Damien Raude-Morvan Sat, 01 Oct 2011 10:53:15 +0200 openjdk-7 (7~b147-2.0~pre6-1) unstable; urgency=low * Update to IcedTea7 (20110928). [ Matthias Klose ] * Merge debian packaging r496 from openjdk-6: - Fix dangling java-1.7.0-openjdk symlink for non-multiarch builds. [ Damien Raude-Morvan ] * d/rules: --disable-compile-against-syscalls for kFreeBSD (since there is no epoll support). * Update patches: - d/patches/sun-awt-buildsystem.diff: Drop, merged upstream. - d/patches/icedtea-override-redirect-compiz.patch: Refresh. - d/patches/s390_hotspot_fix.diff: Extracted (instead of direct patch). * Add Build-Depends on libattr1-dev. -- Damien Raude-Morvan Wed, 28 Sep 2011 17:19:33 +0200 openjdk-7 (7~b147-2.0~pre5-1) unstable; urgency=low * Update to IcedTea7 (20110914). - d/patches/jdk-no-mapfile.diff: Drop, merged in icedtea7-forest (for real this time). - d/patches/sun-awt-buildsystem.diff: Fix icedtea7-forest awt build. * d/patches/kfreebsd-support-jdk.diff: Refresh. * d/patches/icedtea-patch.diff: Remove usage of nssLibraryDirectory because while it works for nss3, it fails for softokn3 (since the latter is in nss/ subdirectory). Without this parameter, openjdk-7 will rely on default ld.so behavior. (Closes: #637337, #638008) In openjdk-6, nssLibraryDirectory was not used to load softokn3 (Secmod). * d/control: openjdk-7-jre Provides java7-runtime, openjdk-7-jre-headless Provides java7-runtime-headless and openjdk-7-jdk Provides java7-jdk. (Closes: #641668). -- Damien Raude-Morvan Mon, 19 Sep 2011 16:33:15 +0200 openjdk-7 (7~b147-2.0~pre4-1) unstable; urgency=low * Update to IcedTea7 (20110906): - JamVM: support for armhf and other various fixes. * Upload to unstable. * Regenerate control file for debian unstable. * Makefile.am: Force JAVA_HOME for ant call to --with-jdk-home value (without this, it defaults to existing JAVA_HOME env or /usr/bin/java link) -- Damien Raude-Morvan Mon, 05 Sep 2011 23:50:43 +0200 openjdk-7 (7~b147-2.0~pre3-3ubuntu2) oneiric; urgency=low * Merge debian packaging r491 from openjdk-6: - Move the -lib files into a different location so that the java-7-openjdk name can be used as a symlink. - Symlink the jre/cmm directory, instead of the files inside. Closes: #639883. -- Matthias Klose Thu, 01 Sep 2011 21:08:45 +0200 openjdk-7 (7~b147-2.0~pre3-3ubuntu1) oneiric; urgency=low * Regenerate the control file. -- Matthias Klose Sun, 28 Aug 2011 23:42:18 +0200 openjdk-7 (7~b147-2.0~pre3-3) experimental; urgency=low * Merge debian packaging r485:489 from openjdk-6: - Build using GCC-4.4 on sparc and sparc64. - Enable testsuite runs in s390x. * Merge debian packaging r490 from openjdk-6: - Set plugin name for the jinfo file. Closes: #638548, - Disable the mauve testsuite on i386. - Make the installation multiarch aware. -- Matthias Klose Sun, 28 Aug 2011 20:42:54 +0200 openjdk-7 (7~b147-2.0~pre3-2) experimental; urgency=low * d/patches/jdk-no-mapfile.diff: Re-add was not merged into current (e46d527097f1) revision but latter. -- Damien Raude-Morvan Mon, 22 Aug 2011 00:11:33 +0200 openjdk-7 (7~b147-2.0~pre3-1) experimental; urgency=low * Update to IcedTea7 (20110821): - JamVM updates. - S7070134,S7044738,S7068051,S7073913: Fix random segfaults and related invalid results from loop unroll optimization. - d/patches/jdk-no-mapfile.diff: Drop, merged in icedtea7-forest. [ Matthias Klose ] * Build using GCC-4.4 on mips/mipsel. Closes: #628620. * Merge debian packaging r482:485 from openjdk-6: - Call dbus-launch --exit-with-session in testsuite. Closes: #612394. - Build for s390x using Zero. [ Damien Raude-Morvan ] * d/patches/kfreebsd-support-hotspot.diff: Add workaround to handle #637378. * d/generate-dfsg-zip.sh: Update to also handle langtools.tar.gz. Closes: #623693. -- Damien Raude-Morvan Sun, 21 Aug 2011 20:08:50 +0200 openjdk-7 (7~b147-2.0~pre2-3) experimental; urgency=low * d/patches/kfreebsd-support-hotspot.diff: Fix access to CPU registry under kfreebsd-amd64. -- Damien Raude-Morvan Sun, 07 Aug 2011 12:22:47 +0200 openjdk-7 (7~b147-2.0~pre2-2) experimental; urgency=low * d/patches/kfreebsd-support-jamvm.diff: Add support for kfreebsd-amd64. * d/patches/kfreebsd-support-hotspot.diff: Small fixes for Hotspot on kfreebsd-i386. * Split d/patches/hotspot-s390.diff and zero-missing-headers.diff. * Re-add missing changes from last upload: - patches/use-idx_t.patch: Edit upstream patch to avoid FTBFS on s390. - Makefile.{am,im}: Force bootclasspath (useful when building from openjdk-6). -- Damien Raude-Morvan Sat, 06 Aug 2011 23:50:58 +0200 openjdk-7 (7~b147-2.0~pre2-1) experimental; urgency=low * Update to icedtea7-forest snapshot (20110804): - d/patches/pr753.diff: drop, merged in icedtea7-forest. - d/patches/pr757.diff: drop, merged in icedtea7-forest. - d/patches/zero-jsr292-fixes.diff: drop, merged in icedtea7-forest. - d/patches/no-compiler-path.diff: drop, now handled correctly icedtea7's configure and openjdk's Makefile (by CC and CXX environment variables). - Updated JamVM to the 2011-08-01 revision. [ Damien Raude-Morvan ] * d/patches/zero-fpu-control-is-noop.diff: Remove ShouldNotCallThis from os_linux_zero.cpp (fix crash under i386). * d/rules: Enable support for GNU/kFreeBSD arch: - d/patches/kfreebsd-support-*: Update with latest fixes. - d/patches/kfreebsd-sync-issues.diff: hack to force some wait until we fix sync issues. - d/rules: Enable shark for GNU/kFreeBSD. * d/rules: Use DEB_HOST_ARCH_CPU for jvmarch/archdir. Thanks to Jérémie Koenig for patch. * d/patches/jexec.diff: Update for openjdk-7. * d/JB-jdk.overrides.in: Fix override for new Lintian 2.5.0 path handling. * d/icedtea-7-jre-jamvm.overrides: As for others libjvm.so, we use --strip-debug instead of --strip-unneeded. * d/source.lintian-overrides: Drop, not used anymore in openjdk-7. [ Matthias Klose ] * Merge debian packaging r472:482 from openjdk-6: - openjdk-6-jre-headless: Depend on icedtea-6-jre-jamvm, if it's the default VM. - Use gcj-4.4 as the stage1 java VM on mips and mipsel. - Make JamVM the default VM on Ubuntu oneiric/ARM. -- Matthias Klose Thu, 04 Aug 2011 11:38:01 +0200 openjdk-7 (7~b147-2.0~pre1-1) experimental; urgency=low * New b147 code drop (OpenJDK7 RC1). [ Matthias Klose ] * Fix build on sparc64. * Recognize 32bit user space on sparc. * Build shark using llvm-2.9. [ Damien Raude-Morvan ] * d/patches/zero-jsr292-fixes.diff: Fixes on Zero/Shark for JSR 292 support from Chris Phillips . * d/generate-dfsg-zip.sh: Update for OpenJDK7 as a first step to get #623693 fixed. * d/patches/kfreebsd-*: WiP patches for GNU/kFreeBSD support (not yet enabled by default). -- Matthias Klose Sun, 17 Jul 2011 16:08:51 +0200 openjdk-7 (7~b143-2.0~pre1-2) experimental; urgency=low * Upload to experimental. -- Matthias Klose Tue, 12 Jul 2011 14:30:01 +0200 openjdk-7 (7~b143-2.0~pre1-1ubuntu1) oneiric; urgency=low * Fix zero builds on non-ix86 architectures. * Fix build on sparc. * Build using jpeg8. -- Matthias Klose Tue, 12 Jul 2011 14:25:24 +0200 openjdk-7 (7~b143-2.0~pre1-1) experimental; urgency=low [ Damien Raude-Morvan ] * New b143 code drop. * Drop d/patches/7031385.diff: Merged upstream. * Drop d/patches/jamvm-oj7.patch: Merged upstream. * Manpages are now ja_JP.UTF-8 instead of ja_JP.eucJP [ Matthias Klose ] * Apply fix for IcedTea issue #753, #757. * Update s390 hotspot build fixes. * Re-enable zero on i386. -- Matthias Klose Sun, 10 Jul 2011 14:28:17 +0200 openjdk-7 (7~b136-2.0~pre1-2) experimental; urgency=low * Disable zero on i386. -- Matthias Klose Sun, 29 May 2011 12:37:03 +0200 openjdk-7 (7~b136-2.0~pre1-1ubuntu1) oneiric; urgency=low * Upload to oneiric. -- Matthias Klose Sun, 29 May 2011 07:59:01 +0200 openjdk-7 (7~b136-2.0~pre1-1) experimental; urgency=low [ Matthias Klose ] * Fix non-bootstrap builds. * Merge debian packaging r469:472 from openjdk-6. * Run jtreg tests using JamVM too. * Don't run the jtreg tests with the NSS security provider enabled. * Update JamVM to 20110528. * Re-enable the zero build, keep the shark builds disabled. [ Damien Raude-Morvan ] * Only apply jamvm-oj7.patch when jamvm build in enabled. -- Matthias Klose Sat, 28 May 2011 17:17:23 +0200 openjdk-7 (7~b136-1.14+debian1-1) experimental; urgency=low * New upstream release: Icedtea 1.14. - debian/patches/jamvm-oj7.patch: support new instruction (JVM_FindClassFromBootLoader) in JamVM. - Makefile.am: Fix some missing depends between patch and extract targets. * debian/patches/nonreparenting-wm.diff: Update. * Replace B-D on libxalan2-java by xsltproc for bootstrapping JMVTI. * Don't use GCJ_SUFFIX=4.6 for sid/wheezy/oneiric as GCJ version is not homogeneous between arch. * Enable JamVM support: - d/control: Add B-D on libtool. -- Damien Raude-Morvan Thu, 26 May 2011 23:03:56 +0200 openjdk-7 (7~b136-1.14~pre0-4) experimental; urgency=low * Re-add build dependency on fastjar. * Fix dependency on liblcms2-2. -- Matthias Klose Sun, 08 May 2011 10:21:21 +0200 openjdk-7 (7~b136-1.14~pre0-3) experimental; urgency=low * Fix liblcms dependency for -jre-headless package. -- Damien Raude-Morvan Sat, 07 May 2011 17:20:15 +0200 openjdk-7 (7~b136-1.14~pre0-2ubuntu2) oneiric; urgency=low * Re-add build dependency on fastjar. -- Matthias Klose Sun, 08 May 2011 02:51:47 +0200 openjdk-7 (7~b136-1.14~pre0-2) experimental; urgency=low * Fix build failure on i386 with GCC 4.6. -- Matthias Klose Fri, 06 May 2011 17:10:00 +0200 openjdk-7 (7~b136-1.14~pre0-1) experimental; urgency=low [ Damien Raude-Morvan ] * New b136 code drop: - d/rules: Use jaxp-1_4_5-dev1.zip as jaxp-drop-zip. - d/patches/icedtea-pretend-memory.diff: Refreshed. [ Matthias Klose ] * Fix -jre-lib dependency on -jre. Closes: #624846. * Add lcms configury. -- Matthias Klose Thu, 05 May 2011 21:08:55 +0200 openjdk-7 (7~b130-1.14~pre0-2) experimental; urgency=low * Remove obsolete conflicts. Closes: #624090. * Add copyright for the rewriter class. Addresses part of #623693. * Lower priorities for the alternatives below these of OpenJDK 6, as long as OpenJDK 7 is not yet released. * Don't build HotSpot with -Werror on architectures other than amd64 and i386. -- Matthias Klose Wed, 27 Apr 2011 23:03:45 +0200 openjdk-7 (7~b130-1.14~pre0-1) experimental; urgency=low * New b130 code drop. * Merge debian packaging r464:469 from openjdk-6. * Do not bump the epoch, package was never uploaded to any official repository. -- Matthias Klose Wed, 20 Apr 2011 21:46:32 +0200 openjdk-7 (1:7~b129-1.14~pre0-1) experimental; urgency=low * New b129 code drop. * Bump epoch to 1 and use ~ to indicate that's not openjdk-7 final relaase. -- Damien Raude-Morvan Mon, 14 Feb 2011 00:34:45 +0100 openjdk-7 (7b128-1.14~pre0-1) UNRELEASED; urgency=low * New b128 code drop. * Exclude "release" file for dh_install. -- Damien Raude-Morvan Mon, 07 Feb 2011 23:45:13 +0100 openjdk-7 (7b126-1.14~pre0-1) UNRELEASED; urgency=low * Merge debian packaging r446:464 from openjdk-6 but keep the following changes : - Replace DISABLE_PRECOMPILED_HEADER=1 by USE_PRECOMPILED_HEADER=0 - Use "ant, ant-optionnal" for all distrel - Drop "with_hotspot" variable (only one hotspot supported by IcedTea7) - Drop --enable-xrender (not supported by IcedTea7) * New b125 code drop: - d/rules: Use new archives by --with-*-src-zip * Refresh patches: - d/patches/shebang.diff: Year updated - d/patches/ld-symbolic-functions.diff and d/patches/no-compiler-path.diff: Changed corba generic Makefiles. - d/patches/default-jvm-cfg.diff and d/patches/set-exec-name.diff: Upstream merged "solaris" and "linux" java.c and java_md.c * Drop patches: - d/patches/too-many-args-ftbfs.diff (merged upstream) - d/patches/sparc.diff (merges upstream) - d/patches/hotspot-include-fixes.diff (includeDB dropped upstream) -- Damien Raude-Morvan Mon, 24 Jan 2011 00:18:38 +0100 openjdk-7 (7b106~pre1-0lucid2) lucid; urgency=low * Build for lucid. -- Matthias Klose Thu, 09 Sep 2010 15:32:13 +0200 openjdk-7 (7b106~pre1-0ubuntu2) maverick; urgency=low * Build openjdk-7 snapshot (7b106) * Symlink timezone data. * Disable shark builds, currently broken in 7b106. -- Matthias Klose Tue, 07 Sep 2010 04:56:48 +0200 openjdk-7 (7b89-1.13-0ubuntu1) maverick; urgency=low * Update to the IcedTea 1.13 release. * openjdk-7-jre: Recommend ttf-dejavu-extra. LP: #569396. -- Matthias Klose Fri, 30 Jul 2010 01:19:45 +0200 openjdk-7 (7b89~pre1-0lucid3) lucid; urgency=low * Include docs in the -doc package. LP: #600834. * Update from the IcedTea6 trunk. - Plugin and netx fixes. - Don't link the plugin against the libxul libraries. Closes: #576361. - More plugin cpu usage fixes. Closes: #584335, #587049. - Plugin: fixes AppletContext.getApplets(). * Fix Vcs-Bzr location. Closes: #530883. * Search for unversioned llvm-config tool. * Don't set XFILESEARCHPATH and NLSPATH on startup. LP: #586641. * Fix chinese font metrics and prefer using 'WenQuanYi Micro Hei' font. LP: #472845. * Strip libjvm.so with --strip-debug instead of --strip-unneeded. LP: #574997. * Fix inter-package dependencies. -- Matthias Klose Thu, 15 Jul 2010 18:12:17 +0200 openjdk-7 (7b89~pre1-0lucid1) lucid; urgency=low [ Damien Raude-Morvan ] * Merge debian packaging r403:430 from openjdk-6. * Add myself to Uploaders. * Build openjdk-7 snapshot (7b89) * Use ant+ant-optional (IcedTea7 support ant 1.8). * Merge debian packaging r431:436 from openjdk-6. [ Matthias Klose ] * Merge debian packaging r430:445 from openjdk-6. * Update debian patches to 7b89. * Reenable the two stage build. * Reenable building cacao. * Reenable building zero. -- Matthias Klose Tue, 13 Jul 2010 10:32:11 +0200 openjdk-7 (7b77-0ubuntu1~ppa1) lucid; urgency=low * Build openjdk-7 snapshot (7b77). * Merge debian packaging r391:403 from openjdk-6. -- Matthias Klose Mon, 21 Dec 2009 16:58:34 +0100 openjdk-7 (7b72-0ubuntu1~ppa1) karmic; urgency=low * Build openjdk-7 snapshot (7b72). * Merge debian packaging r371:391 from openjdk-6. * Disable the zero build for now. -- Matthias Klose Sat, 03 Oct 2009 16:35:27 +0200 openjdk-7 (7b66-0ubuntu1~ppa1) karmic; urgency=low * Build openjdk-7 snapshot (7b66). * Merge debian packaging r362:371 from openjdk-6. -- Matthias Klose Thu, 06 Aug 2009 12:40:00 +0200 openjdk-7 (7b59-0ubuntu1) karmic; urgency=low * Reenable the build of zero. * Reapply fontconfig patch. * Apply icedtea-cacao-no-mmap-first-page patch. -- Matthias Klose Fri, 29 May 2009 10:19:26 +0200 openjdk-7 (7b59-0ubuntu1~ppa1) karmic; urgency=low * Build openjdk-7 snapshot (7b59). * Merge debian packaging r205:362 from openjdk-6. -- Matthias Klose Wed, 27 May 2009 12:09:16 +0200 openjdk-7 (7b40-0ubuntu2) jaunty; urgency=low * Add build dependency on libxrender-dev. * Don't use fastjar on ia64, working around a build failure. * Add configury for shark builds. -- Matthias Klose Thu, 04 Dec 2008 16:26:15 +0100 openjdk-7 (7b40-0ubuntu1) jaunty; urgency=low * Build openjdk-7 snapshot (7b40). * Update packaging for openjdk-7. -- Matthias Klose Tue, 02 Dec 2008 14:27:03 +0100 openjdk-6 (6b22-1.10.1-0ubuntu1) natty; urgency=low * IcedTea6 1.10.1 release. -- Matthias Klose Tue, 05 Apr 2011 12:20:36 +0200 openjdk-6 (6b22-1.10.1~pre1-1) experimental; urgency=low * Upload to experimental. -- Matthias Klose Sat, 26 Mar 2011 10:43:49 +0100 openjdk-6 (6b22-1.10.1~pre1-0ubuntu1) natty; urgency=low * Update from the IcedTea6-1.10 release branch (20110325). * Add multiarch directories to the default library path. LP: #737603. -- Matthias Klose Fri, 25 Mar 2011 16:33:57 +0100 openjdk-6 (6b22-1.10-3) experimental; urgency=low * Fix JamVM build on mips/mipsel (Robert Lougher). * Re-enable the JamVM build on mips/mipsel. -- Matthias Klose Sun, 06 Mar 2011 15:01:54 +0100 openjdk-6 (6b22-1.10-2) experimental; urgency=low * Mention that IcedTea is copyrigh GPLv2 + "CLASSPATH" EXCEPTION. Closes: #611269. * Don't run the jdk checks for the alternate builds (hotspot and langtools checks are still run). * Disable the JamVM build on mips/mipsel. -- Matthias Klose Sat, 05 Mar 2011 16:13:40 +0100 openjdk-6 (6b22-1.10-1) experimental; urgency=low * Upload to experimental. -- Matthias Klose Fri, 04 Mar 2011 16:12:50 +0100 openjdk-6 (6b22-1.10-0ubuntu2) natty; urgency=low * Disable the jdk tests with the Shark, JamVM and Cacao VMs. -- Matthias Klose Fri, 04 Mar 2011 15:32:50 +0100 openjdk-6 (6b22-1.10-0ubuntu1) natty; urgency=low * IcedTea6 1.10 release. -- Matthias Klose Thu, 03 Mar 2011 09:32:19 +0100 openjdk-6 (6b21~pre3-0ubuntu1) natty; urgency=low * Update from the IcedTea6 trunk (20110224). * icedtea-6-jre-jamvm: Build JamVM as an alternative VM, start with `java -jamvm'. -- Matthias Klose Thu, 24 Feb 2011 02:45:56 +0100 openjdk-6 (6b21~pre2-0ubuntu1) natty; urgency=low * Update from the IcedTea6 trunk (20110217). * Update hotspot hs20 (not yet enabled). * Add ppc64 packaging bits. -- Matthias Klose Fri, 18 Feb 2011 15:55:41 +0100 openjdk-6 (6b21~pre1-1) experimental; urgency=low * Upload to experimental. -- Matthias Klose Sat, 22 Jan 2011 15:34:21 +0100 openjdk-6 (6b21~pre1-0ubuntu1) natty; urgency=low * Update to 6b21. -- Matthias Klose Sat, 22 Jan 2011 14:28:28 +0100 openjdk-6 (6b20-1.10~pre3-0ubuntu4) natty; urgency=low * Fix shark build on powerpc. -- Matthias Klose Fri, 24 Dec 2010 11:06:32 +0100 openjdk-6 (6b20-1.10~pre3-0ubuntu3) natty; urgency=low * Update from the IcedTea6 trunk (20101223). -- Matthias Klose Thu, 23 Dec 2010 14:27:17 +0100 openjdk-6 (6b20-1.10~pre3-0ubuntu1) natty; urgency=low * Update from the IcedTea6 trunk (20101126). * Update hotspot hs19. * Fix build failures on ia64, s390 and sparc64. -- Matthias Klose Fri, 26 Nov 2010 16:38:16 +0100 openjdk-6 (6b20-1.10~pre2-0ubuntu7~ppa1) natty; urgency=low * Reenable shark on amd64, but build using llvm-2.7. -- Matthias Klose Thu, 21 Oct 2010 23:59:30 +0200 openjdk-6 (6b20-1.10~pre2-0ubuntu5) natty; urgency=low * Don't try to set up an alternative for javaws -- Matthias Klose Thu, 21 Oct 2010 17:38:48 +0200 openjdk-6 (6b20-1.10~pre2-0ubuntu3) natty; urgency=low * Stop building zero/shark on amd64. Fails the self tests. -- Matthias Klose Thu, 21 Oct 2010 13:49:56 +0200 openjdk-6 (6b20-1.10~pre2-0ubuntu2) natty; urgency=low * Don't include OpenJDK's javaws either. * openjdk-6-jre: Recommend icedtea-netx. -- Matthias Klose Thu, 21 Oct 2010 08:34:07 +0200 openjdk-6 (6b20-1.10~pre2-0ubuntu1) natty; urgency=low * Update from the IcedTea6 trunk (20101020). * Remove the plugin and javaws from the packaging, removed upstream. -- Matthias Klose Wed, 20 Oct 2010 17:45:09 +0200 openjdk-6 (6b20-1.10~pre1-0ubuntu2) natty; urgency=low * Build with hotspot 19. -- Matthias Klose Thu, 14 Oct 2010 11:28:38 +0200 openjdk-6 (6b20-1.10~pre1-0ubuntu1) natty; urgency=low * Snapshot, taken from the IcedTea6 trunk (20101013). -- Matthias Klose Wed, 13 Oct 2010 08:36:44 +0200 openjdk-6 (6b20-1.9.2-1) experimental; urgency=low * Upload to experimental. -- Matthias Klose Wed, 24 Nov 2010 05:29:43 +0100 openjdk-6 (6b20-1.9.2-0ubuntu1) maverick-security; urgency=low * IcedTea6 1.9.2 release. - CVE-2010-3860: Fix IcedTea System property information leak via public static. * Build using Hotspot hs19. * Start metacity using dbus-launch, when running the testsuite. LP: #632594. -- Matthias Klose Sun, 21 Nov 2010 18:30:39 +0100 openjdk-6 (6b20-1.9.1-1ubuntu3) maverick-security; urgency=low * Move all japanese man pages belonging to the jre into the -jre package. Closes: #600765. * Add -jdk replaces for -jre and -jre-headless. Closes: #600809. -- Matthias Klose Wed, 20 Oct 2010 12:51:34 +0200 openjdk-6 (6b20-1.9.1-1ubuntu1) maverick-security; urgency=low * Fix upgrade to symlinked timezone data. Closes: #600359. * Move all japanese man pages belonging to the jre into the -jre package. Closes: #600765. -- Matthias Klose Mon, 18 Oct 2010 16:07:48 +0200 openjdk-6 (6b20-1.9.1-1) experimental; urgency=low * Upload to experimental. -- Matthias Klose Tue, 12 Oct 2010 15:07:35 +0200 openjdk-6 (6b20-1.9.1-0ubuntu1) maverick-security; urgency=low * IcedTea6 1.9.1 release. - Security updates: - S6914943, CVE-2009-3555: TLS: MITM attacks via session renegotiation. - S6559775, CVE-2010-3568: OpenJDK Deserialization Race condition. - S6891766, CVE-2010-3554: OpenJDK corba reflection vulnerabilities. - S6925710, CVE-2010-3562: OpenJDK IndexColorModel double-free. - S6938813, CVE-2010-3557: OpenJDK Swing mutable static. - S6957564, CVE-2010-3548: OpenJDK DNS server IP address information leak. - S6958060, CVE-2010-3564: OpenJDK kerberos vulnerability. - S6963023, CVE-2010-3565: OpenJDK JPEG writeImage remote code execution. - S6963489, CVE-2010-3566: OpenJDK ICC Profile remote code execution. - S6966692, CVE-2010-3569: OpenJDK Serialization inconsistencies. - S6622002, CVE-2010-3553: UIDefault.ProxyLazyValue has unsafe reflection usage. - S6623943: javax.swing.TimerQueue's thread occasionally fails to start. - S6925672, CVE-2010-3561: Privileged ServerSocket.accept allows receiving connections from any host. - S6952017, CVE-2010-3549: HttpURLConnection chunked encoding issue (Http request splitting). - S6952603, CVE-2010-3551: NetworkInterface reveals local network address to untrusted code. - S6961084, CVE-2010-3541: limit setting of some request headers in HttpURLConnection. - S6963285, CVE-2010-3567: Crash in ICU Opentype layout engine due to mismatch in character counts. - S6980004, CVE-2010-3573: limit HTTP request cookie headers in HttpURLConnection. - S6981426, CVE-2010-3574: limit use of TRACE method in HttpURLConnection. - Plugin fixes. - Backports from newer IcedTea releases. -- Matthias Klose Tue, 12 Oct 2010 12:13:40 +0200 openjdk-6 (6b20-1.9-1) experimental; urgency=low * Upload to experimental. -- Matthias Klose Tue, 07 Sep 2010 21:19:21 +0200 openjdk-6 (6b20-1.9-0ubuntu1) maverick; urgency=low * IcedTea6 1.9 release. -- Matthias Klose Tue, 07 Sep 2010 18:13:20 +0200 openjdk-6 (6b20~pre2-0ubuntu2) maverick; urgency=low * Update from the IcedTea6 trunk. * Really let the build fail on armel. -- Matthias Klose Fri, 30 Jul 2010 16:55:38 +0200 openjdk-6 (6b20~pre2-0ubuntu1) maverick; urgency=high * Update from the IcedTea6 trunk. - (CVE-2010-2783): IcedTea 'Extended JNLP Services' arbitrary file access. - (CVE-2010-2548): IcedTea incomplete property access check for unsigned applications * openjdk-6-jre: Recommend ttf-dejavu-extra. LP: #569396. * Explicitely fail the build on armel. The ARM assembler interpreter is disabled and would a 3-5x performance regression compared to the current 6b18 armel binaries in the archive. -- Matthias Klose Thu, 29 Jul 2010 00:10:53 +0200 openjdk-6 (6b20~pre1-2) experimental; urgency=low * Upload to experimental. -- Matthias Klose Thu, 15 Jul 2010 13:55:02 +0200 openjdk-6 (6b20~pre1-1ubuntu1) maverick; urgency=low * Include docs in the -doc package. LP: #600834. * Update from the IcedTea6 trunk. - Plugin and netx fixes. - Don't link the plugin against the libxul libraries. Closes: #576361. - More plugin cpu usage fixes. Closes: #584335, #587049. - Plugin: fixes AppletContext.getApplets(). * Fix Vcs-Bzr location. Closes: #530883. * Search for unversioned llvm-config tool. * Don't set XFILESEARCHPATH and NLSPATH on startup. LP: #586641. * Fix chinese font metrics and prefer using 'WenQuanYi Micro Hei' font. LP: #472845. * Strip libjvm.so with --strip-debug instead of --strip-unneeded. LP: #574997. -- Matthias Klose Thu, 15 Jul 2010 12:40:10 +0200 openjdk-6 (6b20~pre1-1) experimental; urgency=low * Upload to experimental. -- Matthias Klose Mon, 28 Jun 2010 00:50:58 +0200 openjdk-6 (6b20~pre1-0ubuntu2) maverick; urgency=low * Shark & CACAO build fixes. -- Matthias Klose Fri, 25 Jun 2010 02:27:10 +0200 openjdk-6 (6b20~pre1-0ubuntu1) maverick; urgency=low * Update to 6b20 code drop. -- Matthias Klose Wed, 14 Apr 2010 02:53:37 +0200 openjdk-6 (6b18-1.8-4) unstable; urgency=low * Update from the 1.8 branch. - Plugin and netx fixes. - Don't link the plugin against the libxul libraries. Closes: #576361. - More plugin cpu usage fixes. Closes: #584335, #587049. - Plugin: fixes AppletContext.getApplets(). - Fix race conditions in plugin initialization code that were causing hangs when loading multiple applets in parallel. * Fix Vcs-Bzr location. Closes: #530883. * Search for unversioned llvm-config tool. * Don't set XFILESEARCHPATH and NLSPATH on startup. LP: #586641. * Fix chinese font metrics and prefer using 'WenQuanYi Micro Hei' font. LP: #472845. * Strip libjvm.so with --strip-debug instead of --strip-unneeded. LP: #574997. * Don't turn on the ARM assembler interpreter when building the shark VM. -- Matthias Klose Thu, 15 Jul 2010 00:40:13 +0200 openjdk-6 (6b18-1.8-3) unstable; urgency=low * Update from the 1.8 branch. - Plugin fixes. LP: #597714. * Add powerpcspe build fixes (Sebastian Andrzej Siewior). Closes: #586359. * Work around build failure on buildds configured with low ARG_MAX (Giovanni Mascellani). Closes: #575254. -- Matthias Klose Sun, 27 Jun 2010 10:16:27 +0200 openjdk-6 (6b18-1.8-2ubuntu3) maverick; urgency=low * Update from the 1.8 branch. - Plugin fixes. LP: #597714. * Add powerpcspe build fixes (Sebastian Andrzej Siewior). Closes: #586359. * Work around build failure on buildds configured with low ARG_MAX (Giovanni Mascellani). Closes: #575254. -- Matthias Klose Sun, 27 Jun 2010 10:16:27 +0200 openjdk-6 (6b18-1.8-2ubuntu2) maverick; urgency=low * Search for unversioned llvm-config tool. -- Matthias Klose Sun, 02 May 2010 12:03:01 +0200 openjdk-6 (6b18-1.8-2ubuntu1) maverick; urgency=low * Upload to maverick. -- Matthias Klose Sun, 02 May 2010 11:23:16 +0200 openjdk-6 (6b18-1.8-2) unstable; urgency=low * Update from the 1.8 branch. - Fix build on Hitachi SH. Closes: #575346. - Shark and Zero fixes. * Build shark using llvm-2.7. * Don't use shark to run the test harness when testing the shark build. * README.Debian: Add paragraph about debugging the IcedTea NPPlugin. -- Matthias Klose Sat, 01 May 2010 12:35:19 +0200 openjdk-6 (6b18-1.8-1) unstable; urgency=low * Upload to unstable. -- Matthias Klose Wed, 14 Apr 2010 02:53:37 +0200 openjdk-6 (6b18-1.8-0ubuntu1) lucid; urgency=low * Update IcedTea6 to the icedtea6-1.8 release. * Fix builds on Ubuntu/dapper and Debian/lenny. * On hppa, configure --without-rhino --disable-plugin. * Fix Hitachi SH configury. Closes: #575346. * Start a window manager when running the tests. Prefer metacity, as more tests pass with it. * Let XToolkit.isTraySupported() return true, if Compiz is running. Works around sun#6438179. LP: #300948. * Make /jre/lib/security/nss.cfg a config file. * Fail in the configuration of the packages, if /proc is not mounted. java currently uses tricks to find its own shared libraries depending on the path of the binary. Will be changed in OpenJDK7. Closes: #576453. * Fix PR icedtea/469, testsuite failures with the NSS based security provider. LP: #556549. * Do not pass LD_LIBRARY_PATH from the plugin to the java process. While libnss3.so gets loaded from /usr/lib, the dependent libraries are loaded from MOZILLA_FIVE_HOME (See #561216 for the wrong firefox config). LP: #561124. Closes as well: LP: #551328, #554909, #560829, #549010, #553452. * Always build shark with hs14. -- Matthias Klose Wed, 14 Apr 2010 01:53:33 +0200 openjdk-6 (6b18~pre4-1ubuntu1) lucid; urgency=low * Build-depend on xulrunner-1.9.2-dev instead of xulrunner-dev, unexpectedly demoted to universe. * icedtea6-plugin: Hardcode dependency on xulrunner-1.9.2. No way to do better? See #552780. * Fix builds on Ubuntu hardy. -- Matthias Klose Wed, 31 Mar 2010 22:21:49 +0200 openjdk-6 (6b18~pre4-1) unstable; urgency=high * Upload to unstable. -- Matthias Klose Wed, 31 Mar 2010 16:35:18 +0200 openjdk-6 (6b18~pre4-0ubuntu2) lucid; urgency=low * Fix typo in NPPlugin code. LP: #552287. -- Matthias Klose Wed, 31 Mar 2010 10:41:11 +0200 openjdk-6 (6b18~pre4-0ubuntu1) lucid; urgency=low [ Matthias Klose ] * Update IcedTea6 form the 1.8 branch. * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes: - (CVE-2010-0837): JAR "unpack200" must verify input parameters (6902299). - (CVE-2010-0845): No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807). - (CVE-2010-0838): CMM readMabCurveData Buffer Overflow Vulnerability (6899653). - (CVE-2010-0082): Loader-constraint table allows arrays instead of only the base-classes (6626217). - (CVE-2010-0095): Subclasses of InetAddress may incorrectly interpret network addresses (6893954) [ZDI-CAN-603]. - (CVE-2010-0085): File TOCTOU deserialization vulnerability (6736390). - (CVE-2010-0091): Unsigned applet can retrieve the dragged information before drop action occurs (6887703). - (CVE-2010-0088): Inflater/Deflater clone issues (6745393). - (CVE-2010-0084): Policy/PolicyFile leak dynamic ProtectionDomains (6633872). - (CVE-2010-0092): AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149). - (CVE-2010-0094): Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947) [ZDI-CAN-588]. - (CVE-2010-0093): System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265). - (CVE-2010-0840): Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691). - (CVE-2010-0848): AWT Library Invalid Index Vulnerability (6914823). - (CVE-2010-0847): ImagingLib arbitrary code execution vulnerability (6914866). - (CVE-2009-3555): TLS: MITM attacks via session renegotiation. - 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups. - 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly. encoded CommonName OIDs. - 6910590: Application can modify command array in ProcessBuilder. - 6909597: JPEGImageReader stepX Integer Overflow Vulnerability. - 6932480: Crash in CompilerThread/Parser. Unloaded array klass? - 6898739: TLS renegotiation issue. [ Torsten Werner ] * Switch off IPV6_V6ONLY for IN6_IS_ADDR_UNSPECIFIED addresses, too. (Closes: #575163) -- Matthias Klose Wed, 31 Mar 2010 02:34:04 +0200 openjdk-6 (6b18~pre3-1) unstable; urgency=low [ Matthias Klose ] * Update IcedTea build infrastructure (20100321). * Update support for SH4 (Nobuhiro Iwamatsu). * Handle renaming of the plugin name. [ Torsten Werner ] * Improve patch for IPv4 mapped IPv6 addresses even more. (Closes: #573742) -- Matthias Klose Sun, 21 Mar 2010 22:52:12 +0100 openjdk-6 (6b18~pre2-1ubuntu2) lucid; urgency=low * Fix build failure on ARM. -- Matthias Klose Fri, 12 Mar 2010 15:19:13 +0100 openjdk-6 (6b18~pre2-1ubuntu1) lucid; urgency=low * Upload to lucid. -- Matthias Klose Wed, 10 Mar 2010 23:34:57 +0100 openjdk-6 (6b18~pre2-1) unstable; urgency=low * Update IcedTea build infrastructure (20100310). * Disable building the plugin the plugin on alpha (borked xulrunner packaging using binary indep packages). * Use a two stage build on alpha. * Add note about the reparenting WM workaround. Closes: #573026. * Prefer Sazanami instead of Kochi for Japanese fonts (Hideki Yamane). Closes: #572511. * openjdk-6-doc: Don't compress package-list files. Closes: #567899. -- Matthias Klose Wed, 10 Mar 2010 11:19:19 +0100 openjdk-6 (6b18~pre1-4) unstable; urgency=low * Improve patch for IPv4 mapped IPv6 addresses. -- Torsten Werner Sun, 07 Mar 2010 01:14:36 +0100 openjdk-6 (6b18~pre1-3) unstable; urgency=low * Add a patch for improved handling of IPv4 mapped IPv6 addresses. (Closes: #560056, #561930, #563699, #563946) -- Torsten Werner Tue, 02 Mar 2010 23:46:57 +0100 openjdk-6 (6b18~pre1-2) unstable; urgency=low * Change Build-Depends: ant1.7-optional because of a bus error in gij. -- Torsten Werner Mon, 01 Mar 2010 07:17:16 +0100 openjdk-6 (6b18~pre1-1ubuntu1) lucid; urgency=low * Ignore error code running ant -diagnostics. * Build-depend on ant-optional. * Disable the cacao build on armel, fails to build with the non bootstrap build. -- Matthias Klose Sat, 20 Feb 2010 15:36:06 +0100 openjdk-6 (6b18~pre1-1) unstable; urgency=low * Upload to unstable. -- Matthias Klose Fri, 19 Feb 2010 21:52:32 +0100 openjdk-6 (6b18~pre1-0ubuntu1) lucid; urgency=low * New Openjdk6 b18 source code drop. * Use mangled copy of rhino. Closes: #512970. LP: #255149. -- Matthias Klose Fri, 19 Feb 2010 18:17:23 +0100 openjdk-6 (6b17-1.7-1ubuntu1) lucid; urgency=low * ARM Thumb2 updates. * Test build using Hotspt hs14 on ix86. -- Matthias Klose Sun, 31 Jan 2010 21:56:59 +0100 openjdk-6 (6b18~pre1-1) unstable; urgency=low * Upload to unstable. -- Matthias Klose Fri, 19 Feb 2010 21:52:32 +0100 openjdk-6 (6b18~pre1-0ubuntu1) lucid; urgency=low * New Openjdk6 b18 source code drop. * Use mangled copy of rhino. Closes: #512970. LP: #255149. -- Matthias Klose Fri, 19 Feb 2010 18:17:23 +0100 openjdk-6 (6b17-1.7-1ubuntu1) lucid; urgency=low * ARM Thumb2 updates. * Test build using Hotspt hs14 on ix86. -- Matthias Klose Sun, 31 Jan 2010 21:56:59 +0100 openjdk-6 (6b17-1.7-1) unstable; urgency=low * Upload to unstable. -- Matthias Klose Wed, 27 Jan 2010 23:44:47 +0100 openjdk-6 (6b17-1.7-0ubuntu1) lucid; urgency=low * IcedTea6 1.7 release. * Don't try to load libjpeg7; still building with libjpeg62. Closes: #563999. * Run the testsuite on sh4. * Ubuntu only: Implement an execute bit checker for the Non-Exec Policy - debian/JB-java.desktop.in: update mime handler to use new launcher. * armel: Apply the thumb2 patches from the trunk, plus proposed patches for the trunk. -- Matthias Klose Wed, 27 Jan 2010 22:48:24 +0100 openjdk-6 (6b17-0ubuntu1) lucid; urgency=low * Build from the IcedTea6-1.7 branch. * Don't build the plugin on sparc64. * Enable the NPPlugin. * Add support for SH4 (Nobuhiro Iwamatsu). * Fix crash in the ARM assembler interpreter (Edward Nevill). -- Matthias Klose Wed, 06 Jan 2010 15:52:50 +0100 openjdk-6 (6b17~pre3-1ubuntu2) lucid; urgency=low * Update IcedTea build infrastructure (20091224). * Explicitely build-depend on x11-xkb-utils (xkbcomp is needed by xvfb-run). -- Matthias Klose Thu, 24 Dec 2009 12:43:00 +0100 openjdk-6 (6b17~pre3-1ubuntu1) lucid; urgency=low * Upload to lucid. -- Matthias Klose Fri, 18 Dec 2009 10:40:05 +0100 openjdk-6 (6b17~pre3-1) unstable; urgency=low * Update IcedTea build infrastructure (20091218). * Install docs into the openjdk-6-jre-headless directory instead of openjdk-6-jre. -- Matthias Klose Fri, 18 Dec 2009 10:00:08 +0100 openjdk-6 (6b17~pre2-1ubuntu1) lucid; urgency=low * Update IcedTea build infrastructure (20091215). * Fix cacao build on armel with current optimization defaults. -- Matthias Klose Tue, 15 Dec 2009 16:41:12 +0100 openjdk-6 (6b17~pre2-1) unstable; urgency=low * Upload to unstable. -- Matthias Klose Mon, 09 Nov 2009 21:50:52 +0100 openjdk-6 (6b17~pre2-0ubuntu3) lucid; urgency=low * Security updates: - (CVE-2009-3728) ICC_Profile file existence detection information leak (6631533). - (CVE-2009-3885) BMP parsing DoS with UNC ICC links (6632445). - (CVE-2009-3881) resurrected classloaders can still have children (6636650). - (CVE-2009-3882) Numerous static security flaws in Swing (findbugs) (6657026). - (CVE-2009-3883) Mutable statics in Windows PL&F (findbugs) (6657138). - (CVE-2009-3880) UI logging information leakage (6664512). - (CVE-2009-3879) GraphicsConfiguration information leak (6822057). - (CVE-2009-3884) zoneinfo file existence information leak (6824265). - (CVE-2009-2409) deprecate MD2 in SSL cert validation (Kaminsky) (6861062). - (CVE-2009-3873) JPEG Image Writer quantization problem (6862968). - (CVE-2009-3875) MessageDigest.isEqual introduces timing attack vulnerabilities (6863503). - (CVE-2009-3876, CVE-2009-3877) OpenJDK ASN.1/DER input stream parser denial of service (6864911). - (CVE-2009-3869) JRE AWT setDifflCM stack overflow (6872357). - (CVE-2009-3874) ImageI/O JPEG heap overflow (6874643. - (CVE-2009-3871) JRE AWT setBytePixels heap overflow (6872358). * Update IcedTea build infrastructure (20091109). * Use hs16 on armel. -- Matthias Klose Mon, 09 Nov 2009 17:48:43 +0100 openjdk-6 (6b17~pre2-0ubuntu2) lucid; urgency=low * Don't use hs16 on armel and sparc. -- Matthias Klose Mon, 02 Nov 2009 15:33:00 +0100 openjdk-6 (6b17~pre2-0ubuntu1) lucid; urgency=low * New code drop (b17). * Bump hotspot to hs16. * Update IcedTea build infrastructure (20091031). * Set priority of default -jre and -jdk packages to optional. * Fix binary-all to binary-any dependencies. Closes: #550680. -- Matthias Klose Sat, 31 Oct 2009 19:30:54 +0100 openjdk-6 (6b16-1.6.1-2) unstable; urgency=medium * Build-depend on xulrunner-dev (>= 1.9.1.3-3). -- Matthias Klose Sun, 11 Oct 2009 21:34:48 +0200 openjdk-6 (6b16-1.6.1-1ubuntu3) karmic; urgency=low [Matthias Klose] * On armel and powerpc, build an additional VM using shark in the openjdk-6-jre-zero package (java -shark ). Requires llvm-2.6. * Hide the desktop menu entry for WebStart. LP: #222180. * Don't provide java-virtual-machine anymore. [Edward Nevill] * Avoid stack overflows in the arm interpreter. -- Matthias Klose Thu, 08 Oct 2009 12:41:46 +0200 openjdk-6 (6b16-1.6.1-1ubuntu2) karmic; urgency=low * Support PKCS11 cryptography via NSS, now allowing import of all certificates from ca-certificates. * Remove Michael Koch from uploaders, request by himself. * Add the doc dir symlink for openjdk-6-jre-zero when the package is built with shark support. -- Matthias Klose Mon, 28 Sep 2009 21:55:08 +0200 openjdk-6 (6b16-1.6.1-1ubuntu1) karmic; urgency=low * Fix dependency on the java bridge packages. * debian/rules: Conditionalize stuff so that the recent release is never mentioned. * Remove obsolete patches in debian/patches. * Rebuild on armel to fix up libffi for the soft float abi. * For jaunty builds, fix IcedTeaPlugin failure to start with xulrunner 1.9.1 (LP: #359407). - debian/patches/icedtea-plugin-use-runtime-nsIProcess-IID.diff: Add. - debian/rules: Apply it for jaunty builds. * Use pulseaudio as default serviceprovider for javax.sound.midi.MidiSystem and javax.sound.sampled.AudioSystem. LP: #407299. -- Matthias Klose Sat, 26 Sep 2009 16:01:48 +0200 openjdk-6 (6b16-1.6.1-1) unstable; urgency=low * Upload to Debian unstable. -- Matthias Klose Tue, 15 Sep 2009 02:17:03 +0200 openjdk-6 (6b16-1.6.1-0ubuntu1) karmic; urgency=low * Update IcedTea6 to the 1.6.1 release. * Work around GCC PR target/41327, build the JDK on s390 with -O2. -- Matthias Klose Thu, 10 Sep 2009 01:55:08 +0200 openjdk-6 (6b16-1.6-1) unstable; urgency=low * Update IcedTea6 to the 1.6 release. * Fix GCC build dependencies. -- Matthias Klose Wed, 09 Sep 2009 22:18:38 +0200 openjdk-6 (6b16-1.6~pre2-1) unstable; urgency=low * Upload to unstable. -- Matthias Klose Fri, 28 Aug 2009 19:04:31 +0200 openjdk-6 (6b16-1.6~pre2-0ubuntu1) karmic; urgency=low * Update IcedTea from the 1.6 release branch: - Fix buffer overflow in debugger's socket handler (Kees Cook). https://bugs.openjdk.java.net/show_bug.cgi?id=100103. LP: #409736. - plugin fixes. * Move the pulseaudio recommendation to a suggestion, don't build-depend on pulseaudio. Closes: #539394. LP: #361408. * Build for armv6 (on armel). [ Kees Cook ] * debian/rules: Re-enable fortification and stack protector (LP: #330713). * Adding stack markings to the x86 assembly for not using executable stack. LP: #419018. -- Matthias Klose Fri, 28 Aug 2009 18:51:34 +0200 openjdk-6 (6b16-1.6~pre1-0ubuntu1) karmic; urgency=low * Test build (icedtea6-1.6 release branch). -- Matthias Klose Fri, 21 Aug 2009 19:44:42 +0200 openjdk-6 (6b16~pre5-0ubuntu2) karmic; urgency=low * Add explicit build dependency on libgtk2.0-dev. -- Matthias Klose Thu, 06 Aug 2009 11:39:14 +0200 openjdk-6 (6b16~pre5-0ubuntu1) karmic; urgency=low * Bump hotspot to hs14b16. * Update IcedTea build infrastructure (20090805). * patches/java-access-bridge-security.patch: Update. * Build-depend on xulrunner-dev instead of xulrunner-1.9-dev on karmic. * Don't recommend the jck fonts anymore, just suggest them; the appropriate fonts are installed as dependencies of the language packs. -- Matthias Klose Thu, 06 Aug 2009 10:27:09 +0200 openjdk-6 (6b16~pre4-0ubuntu7) karmic; urgency=low * Build using GCC-4.4 on sparc as well, require 4.4.1. -- Matthias Klose Thu, 23 Jul 2009 18:23:14 +0200 openjdk-6 (6b16~pre4-0ubuntu6) karmic; urgency=low * Fix build failure building the zero VM. -- Matthias Klose Thu, 16 Jul 2009 09:49:36 -0400 openjdk-6 (6b16~pre4-0ubuntu5) karmic; urgency=low [Matthias Klose] * Update IcedTea build infrastructure (20090715). * Tighten build dependency on llvm-dev. [Edward Nevill] * Add armv4 compatibility. -- Matthias Klose Wed, 15 Jul 2009 15:40:44 -0400 openjdk-6 (6b16~pre4-0ubuntu4) karmic; urgency=low [Edward Nevill] * Added Bytecode Interpreter Generator. * Added ARM templates for above. * Removed old optimised ARM assebler. * Added -g0 because of problems with ld linking -g. * Changed alignment to 64 now that as bug is fixed. [Matthias Klose] * Update IcedTea build infrastructure (20090710). * Let the -jre package depend on the access-bridge package, not the -jre-headless package. LP: #395074. * Suggested by Ed Nevill: - Pass -timeout:3 when running the jtreg testsuite on zero architectures. - Pass -Xmx256M -vmoption:-Xmx256M on armel for the jtreg testsuite run. * Tighten build dependency on llvm-dev. -- Matthias Klose Fri, 03 Jul 2009 18:32:50 +0200 openjdk-6 (6b16~pre4-0ubuntu3) karmic; urgency=low * Update zero-port-opt patch on armel. -- Matthias Klose Wed, 24 Jun 2009 10:48:48 +0200 openjdk-6 (6b16~pre4-0ubuntu2) karmic; urgency=low * Update IcedTea build infrastructure (20090623). * Reapply the zero-port-opt patch on armel. * Do not use the IPA Mona font family by default. Closes: #521233. * Build cacao with -fno-strict-aliasing. -- Matthias Klose Tue, 23 Jun 2009 16:23:38 +0200 openjdk-6 (6b16-4) unstable; urgency=medium * Build the zero binary package when building with shark. * Build-depend on cpio. Closes: #532963. -- Matthias Klose Tue, 16 Jun 2009 07:52:19 +0200 openjdk-6 (6b16-3) unstable; urgency=low * Update IcedTea build infrastructure (20090612). * Install the libaccess-bridge-java* symlinks again. * Build zero on ix86 architectures with JIT support (shark). To use the zero build without shark, use the `-Xint' option to operate in interpreted-only mode. -- Matthias Klose Fri, 12 Jun 2009 17:31:34 +0200 openjdk-6 (6b16-2) unstable; urgency=low * Don't install libaccess-bridge-java* symlinks until libaccess-bridge-java-jni is available on all architectures. * Add missing build dependency on cacao-source. -- Matthias Klose Mon, 18 May 2009 14:02:59 +0200 openjdk-6 (6b16-1) unstable; urgency=low * Upload to unstable, based in 6b16 and IcedTea 1.5. -- Matthias Klose Sun, 17 May 2009 23:02:46 +0200 openjdk-6 (6b16~pre3-0ubuntu1) karmic; urgency=low * Update to hotspot hs14b15. * Provide symlink for libjava-access-bridge-jni.so. LP: #375347. -- Matthias Klose Fri, 15 May 2009 00:41:24 +0200 openjdk-6 (6b16~pre2-0ubuntu3) karmic; urgency=low * Update IcedTea build infrastructure (20090513). * Fix build failure when xvfb-run doesn't work, trying to access a non-existing directory. -- Matthias Klose Wed, 13 May 2009 23:01:23 +0200 openjdk-6 (6b16~pre2-0ubuntu2) karmic; urgency=low * Add libffi-dev as architecture independent build dependency. -- Matthias Klose Mon, 11 May 2009 08:41:42 +0200 openjdk-6 (6b16~pre2-0ubuntu1) karmic; urgency=low * Update to re-tagged code drop (b16). * Update IcedTea build infrastructure (20090510). * Remove patches integrated in IcedTea. * Remove GCJ Web Plugin support. * Remove build infrastructure to build additional VM's, integrated in IcedTea. * Stop building the openjdk-6-source-files package. * README.Debian: Document using the different VM's. * Use GCC-4.3 on sparc, ICE with GCC-4.4. * Fix problem with the ARM assembler interpreter, when executing a 'new' bytecode with a double on the top of the stack (Edward Nevill). * Run the testsuite for the zero build on ix86 architectures. -- Matthias Klose Sun, 10 May 2009 23:37:42 +0200 openjdk-6 (6b16~pre1-0ubuntu1) karmic; urgency=low * New code drop (b16). * Update IcedTea build infrastructure (20090429). * Merge changes from 6b14-1.4.1. * Fix section names (using the java section). * Remove all UTF-8 sequence definitions from the font configuration. -- Matthias Klose Wed, 29 Apr 2009 11:33:07 +0200 openjdk-6 (6b14-1.4.1-0ubuntu9) jaunty; urgency=low * Reenable the testsuite (revert the change in last upload). * Apply fix for the ARM bytecode interpreter (Edward Nevill). -- Matthias Klose Sat, 18 Apr 2009 11:24:27 +0200 openjdk-6 (6b14-1.4.1-0ubuntu7) jaunty; urgency=low * Don't use some indian fonts with diverging font metrics for the latin-1.UTF-8 encoding. LP: #289784. * Disable running the testsuite for this build (no code changes compared to the previous upload). -- Matthias Klose Tue, 14 Apr 2009 11:46:25 +0200 openjdk-6 (6b14-1.4.1-0ubuntu6) jaunty; urgency=low * Fix native2ascii jdk test case, which let the jdk testsuite fail. -- Matthias Klose Fri, 10 Apr 2009 11:58:44 +0200 openjdk-6 (6b14-1.4.1-0ubuntu5) jaunty; urgency=low [Matthias Klose] * Update to the final CACAO 0.99.4 release. * Security Vulnerability Fixes for OpenJDK: - 6522586: Enforce limits on Font creation. - 6536193: flaw in UTF8XmlOutput. - 6610888: Potential use of cleared of incorrect acc in JMX Monitor. - 6610896: JMX Monitor handles thread groups incorrectly. - 6630639: lightweight HttpServer leaks file descriptors on no-data connections. - 6632886: Font.createFont can be persuaded to leak temporary files. - 6636360: compiler/6595044/Main.java test fails with 64bit java on solaris-sparcv9 with SIGSEGV. - 6652463: MediaSize constructors allow to redefine the mapping of standard MediaSizeName values. - 6652929: Font.createFont(int,File) trusts File.getPath. - 6656633: getNotificationInfo methods static mutable (findbugs). - 6658158: Mutable statics in SAAJ (findbugs). - 6658163: txw2.DatatypeWriter.BUILDIN is a mutable static (findbugs). - 6691246: Thread context class loader can be set using JMX remote ClientNotifForwarded. - 6717680: LdapCtx does not close the connection if initialization fails. - 6721651: Security problem with out-of-the-box management. - 6737315: LDAP serialized data vulnerability. - 6792554: Java JAR Pack200 header checks are insufficent. - 6804996: JWS PNG Decoding Integer Overflow [V-flrhat2ln8]. - 6804997: JWS GIF Decoding Heap Corruption [V-r687oxuocp]. - 6804998: JRE GIF Decoding Heap Corruption [V-y6g5jlm8e1]. * Add security patch for the lcms library. * Add accessibility patches java-access-bridge-security.patch and accessible-toolkit.patch. * Merge fixes for testsuite failures from the IcedTea6 branch. * Merge the proxy support for the plugin from the IcedTea6 branch. * Merge http://icedtea.classpath.org/hg/release/icedtea6-1.4.1/rev/546ef0cdee06 (TJ). LP: #344705. * Add a Xb-Npp-Description for the IcedTea plugin. LP: #272010. [Edward Nevill] * Put VFP back in - selects VFP / novfp autmatically * More assembler optimisations -- Matthias Klose Thu, 09 Apr 2009 14:14:12 +0200 openjdk-6 (6b14-1.4.1-0ubuntu4) jaunty; urgency=low * Disable the additional zero JVM on sparc. * patches/hotspot/default/icedtea-includedb.patch: Add missing include in openjdk/hotspot/src/share/vm/includeDB_core. * Fix build failure of the zero VM on lpia with a fixed GCC. -- Matthias Klose Fri, 13 Mar 2009 16:39:27 +0100 openjdk-6 (6b14-1.4.1-0ubuntu3) jaunty; urgency=low * Build the Zero/Shark VM as an additional JVM (call as `java -zero'). -- Matthias Klose Sat, 07 Mar 2009 20:54:28 +0100 openjdk-6 (6b14-1.4.1-0ubuntu2) jaunty; urgency=low * Fix zero-port-opt patching (build failure on armel). -- Matthias Klose Thu, 05 Mar 2009 18:19:18 +0100 openjdk-6 (6b14-1.4.1-0ubuntu1) jaunty; urgency=low * Update IcedTea to the 1.4.1 release. * Build the Cacao VM as an additional JVM (call as `java -cacao'). * Build in separate build directory. -- Matthias Klose Thu, 05 Mar 2009 15:16:02 +0100 openjdk-6 (6b14-1.5~pre1-5) unstable; urgency=low * Fix build failure on armel. * Require the final cacao-0.99.4 release. * Add /usr/lib/jni to the library path. Closes: #517338. -- Matthias Klose Tue, 17 Mar 2009 09:37:20 +0100 openjdk-6 (6b14-1.5~pre1-4) unstable; urgency=low * Disable the additional zero JVM on sparc. * Fix casts in hotspot on s390. Closes: #518823. * Add special flags for javac on s390 to work around a VM problem with bad code generation during inlining. * Run the testsuites for the default VM on all architectures. * Update IcedTea (20090314). -- Matthias Klose Sat, 14 Mar 2009 18:29:49 +0100 openjdk-6 (6b14-1.5~pre1-3) unstable; urgency=low * Don't configure the additional zero JVM with --enable-shark, currently fails to build. * Don't build the JDK when building the additional zero JVM. -- Matthias Klose Sat, 07 Mar 2009 21:11:16 +0100 openjdk-6 (6b14-1.5~pre1-2) experimental; urgency=low * Build the Zero/Shark VM as an additional JVM (call as `java -zero'). -- Matthias Klose Fri, 06 Mar 2009 11:16:07 +0100 openjdk-6 (6b14-1.5~pre1-0ubuntu1) jaunty; urgency=low * Update hotspot to 14.0-b10. * Update IcedTea (20090305). * Build the Cacao VM as an additional JVM (call as `java -cacao'). * Build in separate build directory. -- Matthias Klose Thu, 05 Mar 2009 15:16:02 +0100 openjdk-6 (6b14-0ubuntu17) jaunty; urgency=low [ Edward Nevill ] * Remove VFP from asm loop * Disble the mauve testsuite for armel. [Matthias Klose] * Update IcedTea (20090302). -- Matthias Klose Mon, 02 Mar 2009 16:18:01 +0100 openjdk-6 (6b14-0ubuntu16) jaunty; urgency=low * Regenerate auto files. -- Matthias Klose Wed, 18 Feb 2009 15:20:10 +0100 openjdk-6 (6b14-0ubuntu15) jaunty; urgency=low [ Edward Nevill ] * Added ARM assembler interpreter loop * mauve and jtreg removed again for alpha release [Matthias Klose] * Update IcedTea (20090218). -- Matthias Klose Wed, 18 Feb 2009 13:35:02 +0100 openjdk-6 (6b14-0ubuntu14) jaunty; urgency=low * Configure with --disable-nio2 on armel as well. -- Matthias Klose Fri, 13 Feb 2009 10:13:55 +0100 openjdk-6 (6b14-0ubuntu13) jaunty; urgency=low * Really configure with --disable-nio2. -- Matthias Klose Thu, 12 Feb 2009 17:26:43 +0100 openjdk-6 (6b14-0ubuntu12) jaunty; urgency=low * Configure with --disable-nio2. * Run mauve and jtreg testsuites on armel. -- Matthias Klose Wed, 11 Feb 2009 13:00:15 +0100 openjdk-6 (6b14-0ubuntu11) jaunty; urgency=low [Edward Nevill] * Performance improvements for the zero build (currently applied on armel only). [Matthias Klose] * Update IcedTea (20090210). -- Matthias Klose Tue, 10 Feb 2009 15:29:22 +0100 openjdk-6 (6b14-0ubuntu10) jaunty; urgency=low * Explicitely remove PulseAudioMuteControl.java. -- Matthias Klose Mon, 26 Jan 2009 22:09:21 +0100 openjdk-6 (6b14-0ubuntu9.1) jaunty; urgency=low * Test build. -- Matthias Klose Sun, 25 Jan 2009 17:03:51 +0100 openjdk-6 (6b14-0ubuntu9) jaunty; urgency=low * Update IcedTea build infrastructure (20090125). * Run the jtreg testsuite for cacao builds, save all test logs. -- Matthias Klose Sun, 25 Jan 2009 15:40:52 +0100 openjdk-6 (6b14-0ubuntu8) jaunty; urgency=low * Fix merge error, don't apply patches twice. -- Matthias Klose Mon, 19 Jan 2009 01:15:19 +0100 openjdk-6 (6b14-0ubuntu7) jaunty; urgency=low * debian/rules: Call dh_desktop. LP: #309999. * Add dependency on libjpeg62 for the -headless package. LP: #318383. * Test some jtreg tests which fail in samevm mode in a separate VM. * Build all with -fno-stack-protector -U_FORTIFY_SOURCE. * Include jtr files of failed tests in the -jdk package. -- Matthias Klose Mon, 19 Jan 2009 00:23:22 +0100 openjdk-6 (6b14-0ubuntu6) jaunty; urgency=low * The -source package now contains all source files. Closes: #504568. * The 6b14 build fixes the following security related issues (sun bug number, CVE, description): - 6588160, CVE-2008-5348: jaas krb5 client leaks OS-level UDP sockets. - 6497740, CVE-2009-5349: Limit the size of RSA public keys. - 6484091, CVE-2008-5350: FileSystemView leaks directory info. - 4486841, CVE-2008-5351: UTF-8 decoder needed adhere to Unicode 3.0.1 fixes. - 6755943, CVE-2008-5352: JAR decompression should enforce stricter header checks. - 6734167, CVE-2008-5353: Calendar.readObject allows elevation of privileges. - 6733959, CVE-2008-5354: Insufficient checks for "Main-Class" manifest entry in JAR files - 6751322, CVE-2008-5356: Sun Java JRE TrueType Font Parsing Heap Overflow. - 6733336, CVE-2008-5357: Crash on malformed font. - 6766136, CVE-2008-5358: corrupted gif image may cause crash in java splashscreen library. - 6726779, CVE-2008-5359: ConvolveOp on USHORT raster can cause the JVM crash. - 6721753, CVE-2008-5360: File.createTempFile produces guessable file names. - 6592792: Add com.sun.xml.internal to the "package.access" property in $JAVA_HOME/lib/security/java.security. * Regenerate the control file. -- Matthias Klose Tue, 13 Jan 2009 15:04:36 +0100 openjdk-6 (6b14-0ubuntu2~ppa1) intrepid; urgency=low * Upload to the OpenJDK PPA for intrepid. -- Matthias Klose Tue, 13 Jan 2009 13:28:38 +0100 openjdk-6 (6b14-0ubuntu5) jaunty; urgency=low * Update IcedTea build infrastructure (20090113). * Rebuild with updated nss/nspr packages. * Update debug patches. * debian/patches/nonreparenting-wm.diff: If the _JAVA_AWT_WM_NONREPARENTING environment variable is set, disable all workarounds causing blank windows in non-reparentizing window managers (Bernhard R. Link). Closes: #508650. * Fix location of plugin for Debian. Closes: #505726. * Let the -jdk package provide java-compiler. Closes: #507641. -- Matthias Klose Tue, 13 Jan 2009 10:18:44 +0100 openjdk-6 (6b14-0ubuntu4) jaunty; urgency=low * Use a default jvm.cfg not only for java, but for all jdk tools. LP: #288616. * Update IcedTea build infrastructure (20081223). -- Matthias Klose Tue, 23 Dec 2008 09:24:23 +0100 openjdk-6 (6b14-0ubuntu3) jaunty; urgency=low * Update IcedTea build infrastructure (20081217). * Add support for PARISC. * Use a default jvm.cfg if the jvm.cfg doesn't yet exist after unpacking the runtime package. LP: #288616. -- Matthias Klose Wed, 17 Dec 2008 09:58:26 +0100 openjdk-6 (6b14~pre1-0ubuntu2) jaunty; urgency=low * Install hotspot tarball in -source-files package. * Fix build failure on sparc. -- Matthias Klose Fri, 05 Dec 2008 09:43:51 +0100 openjdk-6 (6b14~pre1-0ubuntu1) jaunty; urgency=low * New code drop (b14). * Update IcedTea build infrastructure (20081204). -- Matthias Klose Thu, 04 Dec 2008 11:40:56 +0100 openjdk-6 (6b13~pre2-0ubuntu2) jaunty; urgency=low * Update IcedTea build infrastructure (20081203). - Fix build failures on zero based architectures. * Add build dependency on libxrender-dev. * Don't use fastjar on ia64, working around a build failure. -- Matthias Klose Wed, 03 Dec 2008 18:43:23 +0100 openjdk-6 (6b13~pre2-0ubuntu1) jaunty; urgency=low * Update IcedTea build infrastructure (20081202). - Add Dec 3 OpenJDK security patches * Build with --with-hotspot-build, update patches for this config. -- Matthias Klose Wed, 03 Dec 2008 01:05:54 +0100 openjdk-6 (6b13~pre1-0ubuntu4) jaunty; urgency=low * Update IcedTea build infrastructure (20081122). - Fixes for the IcedTeaPlugin. LP: #300254. -- Matthias Klose Sat, 22 Nov 2008 10:42:10 +0100 openjdk-6 (6b13~pre1-0ubuntu3) jaunty; urgency=low * Fix versioned conflict on icedtea-gcjwebplugin. LP: #284299. * Update IcedTea build infrastructure (20081121). - Fixes for the IcedTeaPlugin. * Configure with pulseaudio in jaunty. -- Matthias Klose Fri, 21 Nov 2008 07:46:10 +0100 openjdk-6 (6b13~pre1-0ubuntu2) jaunty; urgency=low * Update IcedTea build infrastructure (20081117). * Use openjdk-6 as stage1 compiler on armel for a faster build. -- Matthias Klose Mon, 17 Nov 2008 18:43:17 +0100 openjdk-6 (6b13~pre1-0ubuntu1) jaunty; urgency=low * New code drop (b13). - In the langtools area, besides a few miscellaneous bug fixes (6760834, 6725036, 6657499), all the langtools regression tests now pass out of the box (6728697, 6707027) and if using the most recent version of jtreg, the langtools regression tests can be run in the much faster "same vm" mode of jtreg, enabled with the -s option (6749967, 6748541, 6748546, 6748601, 6759775, 6759795, 6759796, 6759996, 6760805, 6760930). - Gervill update, including applying a patch from IcedTea (6758986, 6748247, 6748251). - Publishing a few dozen additional existing regression tests as open source (6601457, 6759433, 6740185). - JMX and monitoring fixes (6651382, 6616825, 6756202, 6754672). - Man page updates (6757036, 6392810, 6504867, 6326773). - Assorted other fixes (6746055, 6621697, 6756569, 6356642, 6761678). * Update IcedTea build infrastructure (20081111). - Fix freeze in midi app, LP: #275672. - Fixes in the IcedTeaPlugin: LP: #282570, LP: #282570, LP: #285729, LP: #291377, LP: #37330, LP: #239533. - Fix vertical text metrics with freetype scaler. LP: #289784. * Build-depend on ecj-gcj instead of ecj on architectures using gij/gcj as the bootstrap system. * Fixed in 6b12: Stack overflow running Kea. LP: #244731. -- Matthias Klose Tue, 11 Nov 2008 12:39:16 +0100 openjdk-6 (6b12-1~exp1) experimental; urgency=low * Update IcedTea build infrastructure (20081025). -- Matthias Klose Sat, 25 Oct 2008 23:35:14 +0200 openjdk-6 (6b12-0ubuntu6) intrepid; urgency=low * Make the dependency on ca-certificates-java unversioned. * Merge from IcedTea: - plugin/icedtea/netscape/javascript/JSObject.java: Make long constructor public. -- Matthias Klose Fri, 24 Oct 2008 23:06:32 +0200 openjdk-6 (6b12-0ubuntu5) intrepid; urgency=low * Update IcedTea build infrastructure (20081024). - Add --pkgversion= configure option. - IcedTeaPlugin fixes. - Fix xjc regressions. * openjdk-jre-headless: Depend on ca-certificates-java. * Configure with --pkgversion= to encode the package version in the -version output and in vm dumps. * cacao: Handle VM options Xverify:all and Xverify:none. -- Matthias Klose Fri, 24 Oct 2008 13:39:29 +0200 openjdk-6 (6b12-0) experimental; urgency=low * Upload to experimental. * Pretend the availability of at least 384MB RAM; better swap on the buildds than failing the build. -- Matthias Klose Sun, 19 Oct 2008 11:15:28 +0200 openjdk-6 (6b12-0ubuntu4) intrepid; urgency=low * Update IcedTea build infrastructure (20081019). - plugin fix (Make applet size factors doubles instead of ints). * Don't fail the build when the jtreg summary is missing. * openjdk-6-source-files: Fix priority and section of the binary package. * Fix section of the plugin package. -- Matthias Klose Sun, 19 Oct 2008 09:29:03 +0200 openjdk-6 (6b12-0ubuntu3) intrepid; urgency=low * Update IcedTea build infrastructure (20081018). - Fix LiveConnect issues in the web plugin. LP: #282762. - Fail the build, if patches don't apply. * Show xvfb and xauth failures in the build log, when running the testsuites. * Kill processes which still hang after running the testsuite. Closes: #493339. * Run the testsuite in parallel, reducing build time. * openjdk-headless: Depend instead of recommending tzdata-java. -- Matthias Klose Sat, 18 Oct 2008 17:15:14 +0200 openjdk-6 (6b12-0ubuntu2) intrepid; urgency=low * icedtea6-plugin: Versioned conflict with icedtea-gcjwebplugin. LP: #184299. * Don't configure --with-alt-jar=/usr/bin/fastjar on hotspot archs and cacao builds. Working around a problem generating rt.jar. Manually add the netscape/javascript files in zero builds. * Update IcedTea build infrastructure (20081017). - configury updates. - IcedTeaPlugin update. * openjdk-6-jdk: Suggest visualvm. * Remove cacao patches found in cacao 0.99.4~20081012. -- Matthias Klose Fri, 17 Oct 2008 13:25:45 +0200 openjdk-6 (6b12-0ubuntu1) intrepid; urgency=low * Update IcedTea to the 1.3.0 release. * Apply upstream patch to fix upstream issue 6758986. -- Matthias Klose Wed, 15 Oct 2008 19:49:05 +0000 openjdk-6 (6b12~pre2-1) experimental; urgency=low * Upload to experimental. -- Matthias Klose Sun, 12 Oct 2008 11:16:03 +0000 openjdk-6 (6b12~pre2-0ubuntu3) intrepid; urgency=low * Update IcedTea build infrastructure (20081015). * Add netscape/javascript class files to rt.jar. LP: #282762. * Be more verbose in the icedtea6-plugin package description. * Fix some lintian warnings. -- Matthias Klose Wed, 15 Oct 2008 12:45:59 +0200 openjdk-6 (6b12~pre2-0ubuntu2) intrepid; urgency=low * Update IcedTea build infrastructure (20081012). * When building as cacao, build a cacao-oj6-plugin package. * When building as cacao, run the testsuite on amd64, i386, sparc. * Add finnish translations to the desktop files (Timo Jyrinki). Closes: #494354. * Fix font paths (Rob Gom). Closes: #495988. * Reenable running the testsuite. * Fix pulse-java build failure on amd64. -- Matthias Klose Sun, 12 Oct 2008 13:05:49 +0200 openjdk-6 (6b12~pre2-0ubuntu1) intrepid; urgency=low * Update IcedTea build infrastructure (20081011). * debian/copyright: Add copyright notice for pulseaudio sound files. * Add support to build with pulseaudio support. -- Matthias Klose Sat, 11 Oct 2008 15:44:50 +0200 openjdk-6 (6b12~pre1-0ubuntu5) intrepid; urgency=low * Move the plugin from the -jre package into the -plugin package. -- Matthias Klose Fri, 10 Oct 2008 06:55:34 +0000 openjdk-6 (6b12~pre1-0ubuntu4) intrepid; urgency=low * Update IcedTea build infrastructure (20081009). * Configure with --enable-liveconnect, build an icedtea6-plugin package. Thanks to Deepak Bhole. LP: #207064, #195783, #199680, #202762, #220241, #242263, #242496, #242496, #250292, #269885, #274356, #274360, #259313. * Build an icedtea6-plugin package. * Merge changes from 6b11-9 packaging. * Build a openjdk-6-source-files packages (used as a build dependency of cacao-oj6). * Build depend on cacao-source for cacao-oj6 builds. -- Matthias Klose Thu, 09 Oct 2008 15:04:27 +0200 openjdk-6 (6b12~pre1-0ubuntu3) intrepid; urgency=low * Update IcedTea build infrastructure (20080915). * Reapply: openjdk-6-jre-headless: Make libnss-mdns a suggestion instead of a recommendation. LP: #261847. * Build-depend against fixed fastjar. LP: #267177. -- Matthias Klose Mon, 15 Sep 2008 20:16:51 +0200 openjdk-6 (6b12~pre1-0ubuntu2) intrepid; urgency=low * Update the icedtea-hotspot patch to b12, fixing build failures on zero archs (ia64, powerpc). -- Matthias Klose Sat, 13 Sep 2008 11:48:44 +0200 openjdk-6 (6b12~pre1-0ubuntu1) intrepid; urgency=low * New code drop (b12). * Update IcedTea build infrastructure (20080912). -- Matthias Klose Sat, 13 Sep 2008 00:41:42 +0200 openjdk-6 (6b11-6) unstable; urgency=low * Set minimum heap size independent of available memory for cacao builds. * Link the wrapper tools with -rdynamic for cacao builds. * Update cacao based builds: - Update cacao to 0.99.3, remove patches applied upstream. - Fix build failures on mipsel-linux. * Allow setting of the bootstrap compiler per architecture. * Configure --with-alt-jar set to fastjar to speed up builds. * Update IcedTea build infrastructure (20080815), remove local patches integrated in IcedTea. - Make use of unsigned/signed types explicit. - Fix PR icedtea/184, adding support for returning floats and doubles for zero builds. - Fix Fix PR icedtea/181, class type checks. -- Matthias Klose Fri, 15 Aug 2008 16:59:48 +0000 openjdk-6 (6b11-5) unstable; urgency=low * debian/rules (stamps/mauve-build): Configure with --host and --build. * openjdk-6-jdk: Recommend libxt-dev (jawt_md.h header includes). * Fix build issues on s390 (size_t is unsigned long). -- Matthias Klose Sun, 03 Aug 2008 20:05:44 +0200 openjdk-6 (6b11-4) unstable; urgency=low * Update IcedTea build infrastructure (20080801). - Fix typo, causing build failure on mipsel. -- Matthias Klose Fri, 01 Aug 2008 01:25:51 +0200 openjdk-6 (6b11-3) unstable; urgency=low * Include the name of the VM used in the package description. * Update IcedTea build infrastructure (20080731). * Build for alpha, arm, mips and mipsel. * Switch from libcupsys2(-dev) to libcups2(-dev) for newer releases. (Closes: #492384) * Add symlinks for header files found in JAVA_HOME/include/linux in JAVA_HOME/include. * openjdk-6-jre: Don' recommend lesstif2 anymore. -- Matthias Klose Thu, 31 Jul 2008 17:16:59 +0200 openjdk-6 (6b11-2ubuntu1) intrepid; urgency=low * xvfb seems to be broken when running with intrepid and an intrepid kernel. Nevertheless, run xvfb-run -s "-extension GLX" on the buildds (hardy kernels). * Stop the buildwatch process after the testsuite finishes. -- Matthias Klose Fri, 25 Jul 2008 12:33:44 +0200 openjdk-6 (6b11-2) unstable; urgency=low * Update IcedTea build infrastructure (20080724). * debian/buildwatch.sh: Track long building files with no visible output. * Fix build failure when not running the mauve testsuite. * Disable running the testsuite for cacao builds (leaving processes around). * Don't set a soversion for the cacao libjvm. * Configure with --host and --build. * Call xvfb-run with -s "-extension GLX". -- Matthias Klose Thu, 24 Jul 2008 22:25:30 +0200 openjdk-6 (6b11-1ubuntu2) intrepid; urgency=low * Update IcedTea build infrastructure (20080724). * debian/buildwatch.sh: Track long building files with no visible output. * Fix build failure when not running the mauve testsuite. * Disable running the testsuite for cacao builds (leaving processes around). * Don't set a soversion for the cacao libjvm. * Configure with --host and --build. -- Matthias Klose Thu, 24 Jul 2008 17:58:53 +0200 openjdk-6 (6b11-1ubuntu1) intrepid; urgency=low * Regenerate the control file. -- Matthias Klose Wed, 23 Jul 2008 00:42:16 +0200 openjdk-6 (6b11-1) unstable; urgency=low * New code drop (b11). * Update IcedTea build infrastructure (20080721). * debian/generate-dfsg.sh: Update for b11. * debian/patches/const_strings.patch, debian/patches/issue-6659207.diff: Remove, applied upstream. * debian/generate-debian-orig.sh: Fix /proc check. * debian/control.in: Loosen dependency of -jre-lib on -jre. * Support `nodocs' in DEB_BUILD_OPTIONS. * Remove build-dependency on lesstif2-dev. * Bootstrap using gcj on all archs; the 6b10dfsg-2 packages are broken. * Run the jtreg harness in a virtual X environment. * Install javazic.jar in the jre-lib package. * Don't run the testsuite on arm; the build already takes days; only run the testsuite on hotspot archs and powerpc. -- Matthias Klose Wed, 23 Jul 2008 00:28:12 +0200 openjdk-6 (6b10dfsg-2) unstable; urgency=low * Update IcedTea build infrastructure (20080714). * On arm configure cacao builds with --enable-softfloat. * Don't run the mauve testsuite for cacao builds (hangs the test runner process). * Don't configure cacao builds with --enable/-disable-zero. * Don't remove alternatives on upgrade. * debian/copyright: Add license for NanoXML. * Do recommends ttf-indic-fonts instead of ttf-indic-fonts-core for lenny and sid. Closes: #490619. * Ignore errors when registering the jar binfmt. The alternative may already be registered by another JVM. Closes: #490594. * openjdk-6-jre-headless: Depend on ttf-dejavu-core instead of ttf-dejavu. * On amd64, i386 and sparc, bootstrap using openjdk. -- Matthias Klose Mon, 14 Jul 2008 19:41:19 +0200 openjdk-6 (6b10dfsg-1ubuntu2) intrepid; urgency=low * Update IcedTea build infrastructure (20080702). - Do not configure --with-shark by default. - Update license headers from jdk7. * Start debian/buildwatch.sh for armel and sparc builds as well. * Allow configuration with --with-cacao. -- Matthias Klose Mon, 30 Jun 2008 13:30:06 +0200 openjdk-6 (6b10dfsg-1ubuntu1) intrepid; urgency=low * The rebuilt upstream tarball now has GPL-compatible free software licenses and documented copyrights and licenses. LP: #238569. * Fixed name of the xulrunner-1.9-javaplugin.so in the .jinfo file. LP: #226911. * Ignore errors during activation of class data sharing. Closes: #490617, #490672. -- Matthias Klose Mon, 30 Jun 2008 13:30:06 +0200 openjdk-6 (6b10dfsg-1) unstable; urgency=low * Rebuild the upstream tar ball: - Remove the jscheme jar files. - Apply the patch from Iris Clark (Sun) for the copyright headers (http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=141#c4). - Remove jdk/src/share/classes/java/lang/instrument/package.html. - Upload to main. * Update IcedTea build infrastructure (20080628). * Build an openjdk-6-dbg package. * patches/gcc-mtune-generic.diff: Fix typo. * openjdk-6-jre: Depend on ttf-dejavu. * debian/copyright: Add two more copyright holders, not directly mentioned in the third party readme. Replace Apache 2.0 license with pointer to common-licenses. * Fix more lintian warnings. * debian/sun_java_app.xpm: Downsize icon to 32x32 pixels. * Build-depend/depend on rhino. -- Matthias Klose Sun, 29 Jun 2008 17:42:51 +0200 openjdk-6 (6b10-1) unstable; urgency=low * New code drop (b10). - Still some non-compliant license headers found in openjdk/corba/src/share/classes/com/sun/tools/corba/se/idl. - Upload to non-free. * Update IcedTea build infrastructure (20080603). * In fontconfig.properties, fix Korean font names and add paths to the Luxi fonts for Motif. Add fonts for Indic languages. * Install compilefontconfig.jar in openjdk-6-jre-lib package. * Run the testsuites of hotspot, langtools and jdk. * Include the jscheme-5.0 sources in the tarball, mention the jscheme licenses in debian/copyright. * Use the certificates provided by the ca-certificates-java package. * More fontconfig updates (Arne Goetje). * Fix some lintian warnings. * Correct build-dependency for openjdk based bootstraps. -- Matthias Klose Wed, 04 Jun 2008 01:46:52 +0200 openjdk-6 (6b09-1~pre1) unstable; urgency=low [ Matthias Klose ] * New code drop (b09). * Update IcedTea build infrastructure (20080528). - Add missing color profiles. LP: #225174. - Moved system properties defined in hotspot to TrustManagerFactoryImpl. LP: #224455. * 6636469_v4.diff: Remove, committed in IcedTea. * debian/control: Update Vcs-* attributes. * debian/JB-jre-headless.p*.in: Fix update-binfmts calls. * Compress the man pages, fixing the slave symlinks of the alternatives. * javaws.desktop: Add `%u' to the Exec key, remove -viewer option. * openjdk-6-jre-headless: Recommends libnss-mdns. * openjdk-6-jre-headless: Warn about unmounted /proc file system. * debian/JB-jre.mime.in: Remove the -viewer option from command (Tan Rui Boon). * Add a `docs' symlink pointing to /usr/share/doc/openjdk-6. LP: #218405. * Set maintainer to the team list. * Add copyright notices for patches and generated files. * Add helper scripts to modify upstream tarball and generate the debian tarball. * Fix names for browser alternatives in jinfo file, set browser_plugin_dirs unconditionally. * Recommend the ttf-wqy-zenhei font instead of ttf-arphic-uming, if the latter is available in Truetype Collection (TTC) format only, add the fontconfig changes as a patch. * Make the cjk font packages configurable in the control file. * Use GCC-4.3 on all platforms where available. * Install a config file swing.properties, allowing a user to change the default look and feel. LP: #229112. * When trying to determine the executable name reading /proc/self/exe, discard known prefixes used for unionfs mounts. LP: #224110. * Explicitely configure with --disable-zero on hotspot architectures. * Add fix for issue 6659207, access violation in CompilerThread0. Addresses #478560. Needs checking: LP: #229207. * Disable building the docs on ia64, powerpc and sparc, we don't build architecture independent packages on these architectures. * Explicitely configure --with-parallel-jobs, needed by the updated IcedTea. * Backport the linux-sparc patches, enable building on sparc. LP: #154080. * Don't use an absolute path calling the compiler. * Replace the OpenJDK version in desktop and menu files. * Install menu files. * Install openjdk-6-java.desktop in -jre, instead of -jre-headless. -- Matthias Klose Wed, 14 May 2008 08:49:54 +0200 openjdk-6 (6b08-1) unstable; urgency=low [ Torsten Werner ] * first upload to Debian (Closes: #452750) * Regenerate debian/control. * Switch to bzip2 package compression in Debian but leave lzma compression in Ubuntu. * Temporarily downgrade Depends: tzdata-java to Recommends until the package becomes available in Debian. * Add myself to Uploaders. * Do not install extras license file in openjdk-6-jre-lib. * Add patch shebang.diff to fix a lintian warning. * Install openjdk-6-java.desktop into the correct binary package. * Improve some package descriptions. * Remove some empty directories from binary packages. * Install README.Debian in every binary package and give it some useful content. * Install java-rmi.cgi in package openjdk-6-jre-headless and mention it in README.Debian. * Install /usr/bin/jexec via update-alternatives. * Downgrade Depends: java-common (>= 0.28). * Add patch jexec.diff to make the jexec binary executable without specifying an absolute path. * Add Build-Depends: xauth and xfonts-base for mauve. * Update and install the lintian override files. * Replace all occurences of binary:Version and source:Version by Source-Version to be compatible with Ubuntu release 6.06. * Remove Conflicts: gcjwebplugin. [ Michael Koch ] * Fixed Vcs-Bzr and Vcs-Browser fields. * Removed Encoding entry from all debian/*.desktop.in files. [ Matthias Klose ] * Make Java Full Screen Exclusive Mode work again with Xorg Server 1.3 and above (Dan Munckton). LP: #154613 (Java bug 6636469). * Configure with --enable-zero on all archs except amd64, i386, lpia. * Update IcedTea build infrastructure. * Handle binary files in updates of the build infrastructure. * Enable bootstrap/normal builds per architecture. * javaws-wrapper.sh: Use readlink --canonicalize. LP: #211515. * binfmt-support: Handle /usr/share/binfmts/jar as a slave symlink of the jexec alternative, install the binfmt file in the jre libdir. Use the jexec alternative in the binfmt file. * JB-jre-headless.postinst.in: Remove sun-java6 specific chunks. * Differentiate between the openjdk version required as dependency and as build dependency. -- Torsten Werner Wed, 09 Apr 2008 10:12:55 +0200 openjdk-6 (6b08-0ubuntu1) hardy; urgency=low * New code drop (b08). * Update IcedTea build infrastructure. * Move binfmt-support references from -jre to -jre-headless package. * Don't fail on purge, if /var/lib/binfmts/openjdk-6 is missing. LP: #206721. * Only use the basename for icons in desktop files. LP: #207413. * Install javaws(1). LP: #191297. * Install a wrapper script for javaws, which calls `javaws -viewer' if no arguments are given (or else starting javaws from the desktop menu would not do anything). * debian/JB-web-start.applications.in: Remove the -viewer option from command. -- Matthias Klose Fri, 28 Mar 2008 16:10:32 +0000 openjdk-6 (6b07-0ubuntu1) hardy; urgency=low * New code drop (b07). * Update IcedTea build infrastructure. * debian/copyright: Update to OpenJDK Trademark Notice v1.1. -- Matthias Klose Sat, 22 Mar 2008 22:41:42 +0100 openjdk-6 (6b06-0ubuntu12) hardy; urgency=low * Update icon locations in menu files. * openjdk-6-jre-headless: Provide java-virtual-machine. LP: #189953. * openjdk-6-jre-headless: Add a conflict to gcjwebplugin; for openjdk use the icetea-gcjwebplugin, for gij the java-gcj-compat-plugin. -- Matthias Klose Sat, 22 Mar 2008 20:12:41 +0100 openjdk-6 (6b06-0ubuntu11) hardy; urgency=low * Update IcedTea to 20080319. * Move rt.jar into the openjdk-6-jre-headless package; sun/awt/X11 class files differ between amd64 and i386. * Install all desktop files in /usr/share/applications. -- Matthias Klose Wed, 19 Mar 2008 23:53:36 +0100 openjdk-6 (6b06-0ubuntu10) hardy; urgency=low * Remove print-lsb-release.patch, forwarded to IcedTea. * Fix IcedTea configure to detect libffi without pkg-config. -- Matthias Klose Wed, 12 Mar 2008 20:28:55 +0100 openjdk-6 (6b06-0ubuntu9) hardy; urgency=low * Build-depend on libffi4-dev on architectures other than amd64, i386, lpia. * Install icons in /usr/share/pixmaps, not /usr/share/icons. * debian/rules: Call dh_icons. -- Matthias Klose Wed, 12 Mar 2008 11:34:44 +0100 openjdk-6 (6b06-0ubuntu8) hardy; urgency=low * Tighten dependency on java-common. * debian/copyright: Include trademark notice. * debian/control: Mention IcedTea in the package descriptions. * Update IcedTea to 20080311. -- Matthias Klose Tue, 11 Mar 2008 21:39:27 +0100 openjdk-6 (6b06-0ubuntu7) hardy; urgency=low * Build-depend on unzip. -- Matthias Klose Fri, 07 Mar 2008 16:47:43 +0100 openjdk-6 (6b06-0ubuntu6) hardy; urgency=low * Build-depend on zip. -- Matthias Klose Fri, 07 Mar 2008 16:16:52 +0100 openjdk-6 (6b06-0ubuntu5) hardy; urgency=low * debian/mauve_tests: javax.swing.text.html.HTML.ElementTagAttributeTest, removed, tries to access the network. * debian/README.alternatives.in: Update for --jre-headless. * debian/rules: Fix paths for OpenJDK based bootstrap. * Compress packages using lzma. * Drop build dependency on zip, unzip. * Fix build infrastructure to bootstrap with OpenJDK instead of ecj. * Do not build the gcjwebplugin from the OpenJDK source. -- Matthias Klose Fri, 07 Mar 2008 13:53:15 +0100 openjdk-6 (6b06-0ubuntu4) hardy; urgency=low * Don't register a java-rmi.cgi alternative in /usr/bin. -- Matthias Klose Thu, 06 Mar 2008 17:59:35 +0100 openjdk-6 (6b06-0ubuntu3) hardy; urgency=low * Split out a openjdk-6-jre-headless package, depend on java-common, supporting update-java-alternatives --jre-headless. * Make openjdk-6-jre-headless and openjdk-6-jre architecture any. * New package openjdk-6-jre-lib (arch all). * Remove openjdk-6-bin package. * debian/patches/openjdk-ubuntu-branding.patch: New patch. * Install images/cursors/cursors.properties as a config file. * Do not compress demos and examples in the -demo package. * openjdk-6-jre: Add dependency on libxinerama1. * Update IcedTea to 20080305. * Don't generate cacerts ourself, but depend on ca-certificates, fix location of javax.net.ssl.trustStore property. * Build-depend on mauve and xvfb; run some mauve tests (the list of tests taken from the Fedora package). * Keep a backup of the `generated' directory; some files are regenerated differently, increasing the size of the diff. -- Matthias Klose Thu, 06 Mar 2008 10:05:39 +0100 openjdk-6 (6b06-0ubuntu2) hardy; urgency=low * Re-add gawk and pkg-config as build dependencies. -- Matthias Klose Tue, 04 Mar 2008 12:20:21 +0100 openjdk-6 (6b06-0ubuntu1) hardy; urgency=low * New code drop (b06). * Remove java-access-bridge tarball, use an externally built package. * Update IcedTea to 20080304. * Don't use any compiler flags from the environment. -- Matthias Klose Tue, 04 Mar 2008 09:16:59 +0100 openjdk-6 (6b05-0ubuntu1) hardy; urgency=low * First public OpenJDK upstream code drop (b05). * Depend on tzdata-java. -- Matthias Klose Fri, 29 Feb 2008 19:05:42 +0100 icedtea-java7 (7~b24-1.5+20080118-2) UNRELEASED; urgency=low * Fix removal of alternatives. -- Matthias Klose Sat, 26 Jan 2008 18:41:40 +0100 icedtea-java7 (7~b24-1.5+20080118-1) hardy; urgency=low * Fix installation of the plugin for firefox-3.0. -- Matthias Klose Sat, 19 Jan 2008 15:10:18 +0100 icedtea-java7 (7~b24-1.5+20080118-1~ppa1) hardy; urgency=low * Update IcedTea to 20080118. * Fix another build failure when gcc version != gcj version. * Use the versioned compiler to build the corba parts. * Register plugin for firefox-3.0. * Build using GCC-4.3. -- Matthias Klose Fri, 18 Jan 2008 21:15:08 +0100 icedtea-java7 (7~b24-1.5-2) UNRELEASED; urgency=low * First upload to Debian. Closes: #452750. * debian/control.in: - Moved package from universe/devel section to devel. - Put icedtea-java7-doc into doc section. - Added Homepage field and removed Homepage pseudo field from descriptions. - Updated Standards-Version to 3.7.3. * debian/rules: - Check if Makefile exists before called clean in clean target. * debian/copyright: Converted to UTF-8. -- Michael Koch Sat, 05 Jan 2008 13:34:46 -0100 icedtea-java7 (7~b24-1.5-1) hardy; urgency=low * Update to IcedTea-1.5. * debian/patches/ssp-interpreter.diff: Use bash to call the ssp script, backslash handling differs betweend dash and bash. -- Matthias Klose Fri, 04 Jan 2008 09:58:27 +0100 icedtea-java7 (7~b24-1.5~20071214-1) hardy; urgency=low * New upstream snapshot (b24). * Update java-access-bridge to 1.21.1. * On powerpc keep the build alive using buildwatch script. * Do not install menu entries for javaws, ControlPanel. LP: #155553, #156673. * README.alternatives: Fix example. LP: #157063. -- Matthias Klose Fri, 14 Dec 2007 11:09:22 +0100 icedtea-java7 (7~b23-1.5~20071124-4) hardy; urgency=low * Allow libungif4-dev as alternative build dependency. * On powerpc keep the build alive using buildwatch script. * Always build the plugin using libxul-dev. -- Matthias Klose Mon, 10 Dec 2007 15:20:16 +0100 icedtea-java7 (7~b23-1.5~20071124-3) hardy; urgency=low * Lower optimization to -O2 for building the jdk on amd64. * Reenable parallel build. * Link using -Bsymbolic-functions. * debian/patches/arguments.patch, debian/patches/const_strings.patch: New patches (Arnaud Vandyck). -- Matthias Klose Thu, 29 Nov 2007 18:50:41 +0100 icedtea-java7 (7~b23-1.5~20071124-2) hardy; urgency=low * Bootstrap using ecj/gcj. * Build using g++-4.1 on i386, lpia, powerpc. -- Matthias Klose Wed, 28 Nov 2007 14:46:48 +0000 icedtea-java7 (7~b23-1.5~20071124-1) hardy; urgency=low * New upstream snapshot (b23). -- Matthias Klose Tue, 27 Nov 2007 15:48:08 +0100 icedtea-java7 (7~b22-1.5~20071018-0ubuntu3) hardy; urgency=low * Revert the previous change, require 7~b22 versions again. -- Matthias Klose Sat, 20 Oct 2007 14:33:26 +0000 icedtea-java7 (7~b22-1.5~20071018-0ubuntu2) hardy; urgency=low * Loosen dependencies to 7~b21, until package is built on all archs. -- Matthias Klose Sat, 20 Oct 2007 07:48:36 +0000 icedtea-java7 (7~b22-1.5~20071018-0ubuntu1) hardy; urgency=low * New upstream snapshot (b22). * Don't use parallel builds to make the build log better comparable. -- Matthias Klose Fri, 19 Oct 2007 19:49:51 +0200 icedtea-java7 (7~b21-1.4+20071007-0ubuntu5) gutsy; urgency=low * Update icedtea to vcs 20071012 (1.4 release), checked that the plugin works on amd64. * debian/copyright: Update "License Headers" section. -- Matthias Klose Sun, 14 Oct 2007 19:55:12 +0200 icedtea-java7 (7~b21-1.4+20071007-0ubuntu4) gutsy; urgency=low * Bootstrapping trigger upload for final step of bootstrapping i386, amd64, lpia. -- LaMont Jones Wed, 10 Oct 2007 22:04:25 -0600 icedtea-java7 (7~b21-1.4+20071007-0ubuntu3) gutsy; urgency=low * Add build dependency on bzip2. -- Matthias Klose Wed, 10 Oct 2007 09:00:40 +0000 icedtea-java7 (7~b21-1.4+20071007-0ubuntu2) gutsy; urgency=low * Add build dependency on ant. -- Matthias Klose Wed, 10 Oct 2007 06:33:14 +0000 icedtea-java7 (7~b21-1.4+20071007-0ubuntu1) gutsy; urgency=low * Update icedtea to vcs 20071007. * Update java-access-bridge to 1.20.0. * Add build-dependency on libxinerama-dev. * Add Xb-Npp-xxx tags for the -plugin package. * Name the plugin "GCJ Web Browser Plugin (using IcedTea)", GCJ now "Great Cool Java" (according to Michael Koch). * Compress binary-indep packages using bzip2. -- Matthias Klose Sun, 7 Oct 2007 23:43:28 +0200 icedtea-java7 (7~b21-1.4+20071002-0ubuntu2) gutsy; urgency=low * Rebuild using icedtea 7~b21. -- Matthias Klose Tue, 02 Oct 2007 19:45:21 +0200 icedtea-java7 (7~b21-1.4+20071002-0ubuntu1) gutsy; urgency=low * New upstream snapshot (b21). * Correctly unregister the executable binary format in the -bin package. * Assemble the debian/copyright file. -- Matthias Klose Tue, 2 Oct 2007 09:59:37 +0200 icedtea-java7 (7~b19-1.3+20070905-0ubuntu1) gutsy; urgency=low * New upstream snapshot (b19). * Build using g++-4.2 on amd64, using g++-4.1 on i386 and lpia. * Build without -Werror, upstream source is not yet warning clean. * Support DEB_BUILD_OPTIONS=parallel=. * Add build dependency on wget. * Add font suggestions. * Changed font configuration to fix CJK font support (Arne Goetje). * Fix location of the plugin, when registering the plugin alternatives. -- Matthias Klose Thu, 6 Sep 2007 00:46:40 +0200 icedtea-java7 (7~b18-1.2+20070822-0ubuntu2) gutsy; urgency=low * Create browser plugin directories. * Build-depend on liblcms1-dev. * Recommend packages with dlopened libraries: liblcms1, lesstif2, libcupsys2, libgtk2.0-0, libgnome2-0, libgnomevfs2-0, libgconf2-4, libxrandr2, libgl1-mesa-glx. -- Matthias Klose Tue, 21 Aug 2007 17:21:00 +0200 icedtea-java7 (7~b18-1.2+20070822-0ubuntu1) gutsy; urgency=low * New upstream version. * Include java-access-bridge. * Build -doc, -plugin packages. * Register alternatives, priority 1060. -- Matthias Klose Tue, 21 Aug 2007 17:21:00 +0200 icedtea-java7 (7~b17-1.2+20070808-1) gutsy; urgency=low * Initial release, discard the initial packaging based on cdbs. * Base the packaging on the sun-javaX packages. -- Matthias Klose Wed, 08 Aug 2007 15:55:39 +0200 icedtea (7~b16-20070724-1) UNRELEASED; urgency=low * Update upstream tarball to 7~b16, update icedtea to 20070724. * debian/control: Build-depend on libfreetype6-dev. * debian/rules: Configure --with-jar=/usr/bin/fastjar. * Build using gcj-4.2. -- Matthias Klose Tue, 24 Jul 2007 11:24:55 +0200 icedtea (7~b14-20070704-1) unstable; urgency=low * Initial version. -- Michael Koch Wed, 04 Jul 2007 08:25:31 -0100