-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Fri, 15 Oct 2010 10:05:39 +0200 Source: sun-java6 Binary: sun-java6-jre sun-java6-bin sun-java6-plugin ia32-sun-java6-bin ia32-sun-java6-plugin sun-java6-fonts sun-java6-jdk sun-java6-demo sun-java6-source sun-java6-javadb Architecture: source i386 all Version: 6.22-1 Distribution: unstable Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Sylvestre Ledru <sylvestre@debian.org> Description: ia32-sun-java6-bin - Sun Java(TM) Runtime Environment (JRE) 6 (32-bit) ia32-sun-java6-plugin - The Java(TM) Plug-in, Java SE 6 (32-bit) sun-java6-bin - Sun Java(TM) Runtime Environment (JRE) 6 (architecture dependent sun-java6-demo - Sun Java(TM) Development Kit (JDK) 6 demos and examples sun-java6-fonts - Lucida TrueType fonts (from the Sun JRE) sun-java6-javadb - Java(TM) DB, Sun Microsystems' distribution of Apache Derby sun-java6-jdk - Sun Java(TM) Development Kit (JDK) 6 sun-java6-jre - Sun Java(TM) Runtime Environment (JRE) 6 (architecture independen sun-java6-plugin - The Java(TM) Plug-in, Java SE 6 sun-java6-source - Sun Java(TM) Development Kit (JDK) 6 source files Closes: 480570 539288 597313 600259 Changes: sun-java6 (6.22-1) unstable; urgency=high . [ Torsten Werner ] * Add file /etc/java-6-sun/swing.properties. (Closes: #480570) * Install the desktop file for jvisualvm and remove the one for jconsole. (Closes: #539288) . [ Sylvestre Ledru ] * New upstream release (Closes: #600259) * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes: - (CVE-2010-3556): JDK unspecified vulnerability in 2D component - (CVE-2010-3562): JDK IndexColorModel double-free - (CVE-2010-3565): JDK JPEG writeImage remote code execution - (CVE-2010-3566): JDK ICC Profile remote code execution - (CVE-2010-3567): Crash in ICU Opentype layout engine due to mismatch in character counts - (CVE-2010-3571): JDK unspecified vulnerability in 2D component - (CVE-2010-3554): JDK corba reflection vulnerabilities - (CVE-2010-3563): JDK unspecified vulnerability in Deployment component - (CVE-2010-3568): JDK Deserialization Race condition - (CVE-2010-3569): JDK Serialization inconsistencies - (CVE-2010-3558): JDK unspecified vulnerability in Java Web Start component - (CVE-2010-3552): JDK unspecified vulnerability in New Java Plugin component - (CVE-2010-3559): JDK unspecified vulnerability in Sound component - (CVE-2010-3572): JDK unspecified vulnerability in Sound component - (CVE-2010-3553): UIDefault.ProxyLazyValue has unsafe reflection usage - (CVE-2010-3555): JDK unspecified vulnerability in Deployment component - (CVE-2010-3550): JDK unspecified vulnerability in Java Web Start component - (CVE-2010-3570): JDK unspecified vulnerability in Deployment Toolkit - (CVE-2010-3561): Privileged ServerSocket.accept allows receiving connections from any host - (CVE-2009-3555): TLS: MITM attacks via session renegotiation - (CVE-2010-1321): krb5: null pointer dereference in GSS-API library leads to DoS - (CVE-2010-3549): HttpURLConnection chunked encoding issue (Http request splitting) - (CVE-2010-3557): JDK Swing mutable static - (CVE-2010-3541): limit setting of some request headers in HttpURLConnection - (CVE-2010-3573): limit HTTP request cookie headers in HttpURLConnection - (CVE-2010-3574): limit use of TRACE method in HttpURLConnection - (CVE-2010-3548): JDK DNS server IP address information leak - (CVE-2010-3551): NetworkInterface reveals local network address to untrusted code - (CVE-2010-3560): JDK unspecified vulnerability in Networking component * Update of the italian po. Thanks to Vincenzo Campanella (Closes: #597313) Checksums-Sha1: 98b9ad0d0330f855810fd4d9b201cfdd246538ef 1662 sun-java6_6.22-1.dsc d6f0032323ed0bd7fc00d86776920a48bebe84ba 165194956 sun-java6_6.22.orig.tar.gz 4313e4b5104b8ecd4d4f2b4d4ca0b5896d061fae 89430 sun-java6_6.22-1.debian.tar.gz d6cf1688aa7edc2cb07df6f4482593a71a6b8ac4 29696156 sun-java6-bin_6.22-1_i386.deb a39720bca8c4471566a55cd62be790cc07d6881a 1996 sun-java6-plugin_6.22-1_i386.deb 73cafd4a3f32aa21b667217810fa881f703ce17b 19718512 sun-java6-jdk_6.22-1_i386.deb b6d9057fc33c4e3ceb394ac5a3c25a05ebb60e23 12153492 sun-java6-demo_6.22-1_i386.deb 0b03a92754d92f69aa85400bc33a15077a1278b1 6428392 sun-java6-jre_6.22-1_all.deb d16fb65b3e0cfe106cb3c260f3b141d933b69673 1874 sun-java6-fonts_6.22-1_all.deb 6072801a6d3cfa17b091a53bb678f2559a621892 17904770 sun-java6-source_6.22-1_all.deb b444a316a2292cd9a2fcce7a074b458732a1b958 10393890 sun-java6-javadb_6.22-1_all.deb Checksums-Sha256: 100491794fae30dfea22754257acab14bb2d734011b9f6e43daf57f676b9cb26 1662 sun-java6_6.22-1.dsc 6c144a6524cb811ab4fa67ea857474d231c77222088166660b3957ed6dc1678c 165194956 sun-java6_6.22.orig.tar.gz a7fe04c264998555c1ebb1af936612606b98342ec718584b45bbb2bc48a2a705 89430 sun-java6_6.22-1.debian.tar.gz 6620be8508ad17ab575f3d67f0b0f48f4f975414ddf9d8045d54e54c8b0cb846 29696156 sun-java6-bin_6.22-1_i386.deb c8db2688d36e9e4ca4ea10c103a2d7ce3b2eb79e96df31804a507a021a5bccac 1996 sun-java6-plugin_6.22-1_i386.deb 80791b396dd1dfc041584776fa3590576fa554c565e8e7fbdc86927a8aaaf3dc 19718512 sun-java6-jdk_6.22-1_i386.deb c7a3123814d5502a8386405428919fc67ba54ce3301485febde1655d8a3e1d4d 12153492 sun-java6-demo_6.22-1_i386.deb 396aa3f20942e67429467632edcbbb576f8ad9e7a8629eac0054810e649af253 6428392 sun-java6-jre_6.22-1_all.deb 14ee22e37ba981e5d58b34d4ea5d3e2cbce333ec167a4ca4b2c597d9d0329fb1 1874 sun-java6-fonts_6.22-1_all.deb 0fc1946c9f1a3c6f9a3a436d60bd009047bf0d38a93d74657e2e87a7b659d501 17904770 sun-java6-source_6.22-1_all.deb 00c6231d1e91fb55c4ff031e3e24b577d278dde78acf22aabf43036aeb29748c 10393890 sun-java6-javadb_6.22-1_all.deb Files: fd0f60ca40e755706dd6d88c1f13bce8 1662 non-free/java optional sun-java6_6.22-1.dsc 981bd97edf98849f108df9d3d40352bb 165194956 non-free/java optional sun-java6_6.22.orig.tar.gz 3e0264f65655602023a7872328b065f9 89430 non-free/java optional sun-java6_6.22-1.debian.tar.gz 81b7aa50e92c41e5f521faf10cf7e6ca 29696156 non-free/java optional sun-java6-bin_6.22-1_i386.deb 69eb133cdcadd5a9957ace948c8b175e 1996 non-free/web optional sun-java6-plugin_6.22-1_i386.deb 7c93db3c265b42847d9e34c8c77027d5 19718512 non-free/java optional sun-java6-jdk_6.22-1_i386.deb 640dd0eb2315f7b4b7aa0ac5abb86c3e 12153492 non-free/java optional sun-java6-demo_6.22-1_i386.deb 6771b6c67c772691ee1f4706e4b66133 6428392 non-free/java optional sun-java6-jre_6.22-1_all.deb 16c8abfd4fb35310ec3a184f0f2f79de 1874 non-free/fonts optional sun-java6-fonts_6.22-1_all.deb bc5f3f27c2cca7422200faa7a92cf098 17904770 non-free/java optional sun-java6-source_6.22-1_all.deb 9425b39b20514157d551475a65c196ef 10393890 non-free/java optional sun-java6-javadb_6.22-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAky4Lw0ACgkQiOXXM92JlhAsVQCfZvvzOl4TtW6zquWcjY4zu60u PCoAoPLv0/fVAaITd+sulPNW6OCgemC7 =ybaW -----END PGP SIGNATURE----- Accepted: sun-java6-bin_6.22-1_i386.deb to non-free/s/sun-java6/sun-java6-bin_6.22-1_i386.deb sun-java6-demo_6.22-1_i386.deb to non-free/s/sun-java6/sun-java6-demo_6.22-1_i386.deb sun-java6-fonts_6.22-1_all.deb to non-free/s/sun-java6/sun-java6-fonts_6.22-1_all.deb sun-java6-javadb_6.22-1_all.deb to non-free/s/sun-java6/sun-java6-javadb_6.22-1_all.deb sun-java6-jdk_6.22-1_i386.deb to non-free/s/sun-java6/sun-java6-jdk_6.22-1_i386.deb sun-java6-jre_6.22-1_all.deb to non-free/s/sun-java6/sun-java6-jre_6.22-1_all.deb sun-java6-plugin_6.22-1_i386.deb to non-free/s/sun-java6/sun-java6-plugin_6.22-1_i386.deb sun-java6-source_6.22-1_all.deb to non-free/s/sun-java6/sun-java6-source_6.22-1_all.deb sun-java6_6.22-1.debian.tar.gz to non-free/s/sun-java6/sun-java6_6.22-1.debian.tar.gz sun-java6_6.22-1.dsc to non-free/s/sun-java6/sun-java6_6.22-1.dsc sun-java6_6.22.orig.tar.gz to non-free/s/sun-java6/sun-java6_6.22.orig.tar.gz