Archive for March, 2008

Published by Adam Myatt on 04 Mar 2008

Sun Releases Java 6 Update 5 (JDK 1.6.0.05)

Bug Fixes

This release contains fixes for one or more security vulnerabilities.
For more information, please see Sun Alerts
233321,
233322,
233323,
233324,
233325,
233326, and
233327.

Other bug fixes are listed in the following table.

BugId Category Subcategory Description
6647251 java classes_security Add DigiCert root CA certs to JDK
6647254 java classes_security Add TrustCenter root CA certificates to the JDK
6651160 java classes_security Add AOL root CA certs to JDK
6624769 java classes_util_i18n (tz) Support tzdata2007i
6646197 java classes_util_i18n (tz) Support tzdata2007k
6637304 java install Obsolete XPIs and replace them with new jinstall.exe to cover Java Stat’s xpi and jxpi metrics.
6622366 java sunservicetags JDK Product Registration Support

Java

Published by Adam Myatt on 03 Mar 2008

Sun Release JDK 1.5 Update 15 (JDK 1.5.0.15)

Bug fixes are listed in the following table.

BugId Category Subcategory Description
6587132 hotspot compiler2 Code changes behavior when compiled
6317397 hotspot runtime_system Hard hangs in concurrent code on Solaris and Linux
6633265 java classes_2d KCMS crash due to heap buffer out-of-bounds write with para-type curves
6633278 java classes_2d KCMS crash due heap-based buffer overflow parsing curv-type curves
6660717 java classes_2d KCMS crash due to heap buffer out-of-bounds write with para-type curves
6629657 java classes_awt provide raw key code from underlying system without changing API.
6632169 java classes_net HttpClient and HttpsClient should not try to reverse lookup IP address of a proxy server
6647251 java classes_security Add DigiCert root CA certs to JDK
6647254 java classes_security Add TrustCenter root CA certificates to the JDK
6651160 java classes_security Add AOL root CA certs to JDK
6624769 java classes_util_i18n (tz) Support tzdata2007i
6646197 java classes_util_i18n (tz) Support tzdata2007k
6374379 java classes_util_jarzip ZipFile class cannot open zip files with long filenames
6423026 java classes_util_jarzip Java.util.zip doesn’t allow more than 2036 zip files to be concurrently open on Windows
6609756 java_deployment security Buffer Overflow in Java ActiveX component
6608712 java_plugin applet_spec Bypassing the same origin policy in Java with crafted names
6568419 java_plugin misc initial_focus flag not working when an applet is compiled with 1.4 and run with 1.5
6593309 java_plugin misc applet focus issue with button after minimizing an maximizing
6631506 java_plugin plugin REG : Unable to launch an applet on MZ using 6u4
6634129 java_plugin plugin jar protocol allows LiveConnect code to connect to any port on localhost
6623233 javawebstart general arbitary code execution using java web start
6605184 javawebstart jnlp_file [ZDI-CAN-234] Security Vulnerability in XML UTF8 character encoding in JNLP files
6660121 javawebstart jnlp_file Encoding values in JNLP files can cause buffer overflow
6588002 jaxp other XSLTProcessorApplet still allows reading from forbidden URLs
6616825 jmx classes JMX query returns no value in 1.0 compatibility mode - deserialization bug in readObject()

Java

Published by Adam Myatt on 02 Mar 2008

Apress to release Pro NetBeans IDE 6 Rich Client Platform Edition

February, 2008, Apress will release ”Pro NetBeans IDE 6 Rich Client Platform Edition” by Adam Myatt with Brian Leonard and Geertjan Wielenga.’, ‘The book is a follow on to ”Pro NetBeans IDE 5.5 Enterprise Edition”. It specifically targets the new features of NetBeans 6, what has changed since NetBeans 5.5, as well as some new features. Topics covered include :

  • New NetBeans 6 editor and refactoring
  • Debugger
  • Profiler
  • JUnit 4 support
  • Ant and Maven
  • Code quality tools (PMD, Checkstyle, SQE)
  • JRuby/Ruby support
  • Building Swing GUI Applications
  • Creating Rich Client Applications on the NetBeans Platform
  • …and more!

NetBeans

Published by Adam Myatt on 01 Mar 2008

Sun Releases JDK 1.4.2 Update 17 (JDK 1.4.2.17)

Bug fixes are listed in the following table.

BugId Category Subcategory Description
6587132 hotspot compiler2 Code changes behavior when compiled
6593303 hotspot compiler2 CHA sometimes returns wrong answers
6558100 hotspot garbage_collector CMS crash following parallel work queue overflow
6647251 java classes_security Add DigiCert root CA certs to JDK
6647254 java classes_security Add TrustCenter root CA certificates to the JDK
6624769 java classes_util_i18n (tz) Support tzdata2007i
6646197 java classes_util_i18n (tz) Support tzdata2007k
6604056 java_deployment security deploy/src/javaws/share/config/cacerts shouldn’t contain any CA certs in source releases
6609756 java_deployment security Buffer Overflow in Java ActiveX component
6608712 java_plugin applet_spec Bypassing the same origin policy in Java with crafted names
6631506 java_plugin plugin REG : Unable to launch an applet on MZ using 6u4
6634129 java_plugin plugin jar protocol allows LiveConnect code to connect to any port on localhost
6623233 javawebstart general arbitary code execution using java web start
6660121 javawebstart jnlp_file Encoding values in JNLP files can cause buffer overflow
6607234 javawebstart other Use jre/lib/security/cacerts by java webstart instead of jre/javaws/cacerts from deploy workspace
6588002 jaxp other XSLTProcessorApplet still allows reading from forbidden URLs

Java

« Prev