Published by Adam Myatt on 25 Jul 2008

Sun Releases Java 6 Update 7 (JDK 1.6.0.07)

BugId Category Subcategory Description
6511756 hotspot jvmpi forte_is_valid_method() should call CollectedHeap::is_in_reserved() rather than is_in()
6671051 java

 classes_lang (process) Runtime.exec() hangs if signalled during fork/exec
6652375 java classes_security Add replacement GlobalSign Root CA to JDK
6696605 java

classes_security

Add Secom root certificates to the JDK
6656050 java classes_security

 Add AOL Root CA #2 to JDK
6679340 java classes_util_i18n (tz) Support tzdata2008b
6685178 java monitoring

REGRESSION: NPE in ConnectorBootstrap when Agent.getManagementProperties() returns null.

6643315 java sunservicetags Product Registration Info button in the Windows JDK installer should use default browser
6656520 java_plugin misc Loading cacerts file from running JRE directory (JRE 1.4.2)
6567254 java_plugin ns6 Stack stomp in CSecureJNIEnv
6674757 java_plugin plugin Firefox hang upon first applet launch with Windows OEM builds of Java
6709297 javawebstart other Wonderland does not install via webstart with 6u10 b21 or later

6620632

jaxp stax DTD event is missing entity and notation information

Java

Published by Adam Myatt on 01 May 2008

Sun Releases Java 6 Update 6 (JDK 1.6.0.06)

Bug fixes in JDK 1.6.0.6.

BugId Category Subcategory Description
6532373 java classes_awt xcb_xlib.c:50: xcb_xlib_unlock: Assertion ‘c->xlib.lock’ failed.
6632169 java classes_net HttpClient and HttpsClient should not try to reverse lookup IP address of a proxy server
6648816 java classes_security REGRESSION: setting -Djava.security.debug=failure result in NPE in ACC
6650748 java classes_util_i18n (tz) Java runtime doesn’t detect VET time zone correctly on Windows
6673080 java classes_util_i18n (tz) Support tzdata2008a
6676491 java sunservicetags Incorrect locale specified in the URL embedded in the register[_<locale>].html
6641731 java_deployment general The Java control panel is not showing up in the Windows Vista control panel on a AMD 64 machine
6618901 java_plugin plugin 6.0 JRE applet running on Vista limits heap to 64 MB
6648381 java_plugin plugin FontConfiguration exception preventing applets from loading
6595845 javawebstart general Java 6 JavaWebstart increases footprint by factor 2
6648395 javawebstart install JWS can’t find cache file after network crash
6672868 jax-ws other Package javax.xml.ws.wsaddressing not included in make/docs/CORE_PKGS.gmk
6578538 jce classes_crypto com.sun.crypto.provider.SunJCE instance leak using KRB5 and LoginContext

Java

Published by Adam Myatt on 04 Mar 2008

Sun Releases Java 6 Update 5 (JDK 1.6.0.05)

Bug Fixes

This release contains fixes for one or more security vulnerabilities.
For more information, please see Sun Alerts
233321,
233322,
233323,
233324,
233325,
233326, and
233327.

Other bug fixes are listed in the following table.

BugId Category Subcategory Description
6647251 java classes_security Add DigiCert root CA certs to JDK
6647254 java classes_security Add TrustCenter root CA certificates to the JDK
6651160 java classes_security Add AOL root CA certs to JDK
6624769 java classes_util_i18n (tz) Support tzdata2007i
6646197 java classes_util_i18n (tz) Support tzdata2007k
6637304 java install Obsolete XPIs and replace them with new jinstall.exe to cover Java Stat’s xpi and jxpi metrics.
6622366 java sunservicetags JDK Product Registration Support

Java

Published by Adam Myatt on 03 Mar 2008

Sun Release JDK 1.5 Update 15 (JDK 1.5.0.15)

Bug fixes are listed in the following table.

BugId Category Subcategory Description
6587132 hotspot compiler2 Code changes behavior when compiled
6317397 hotspot runtime_system Hard hangs in concurrent code on Solaris and Linux
6633265 java classes_2d KCMS crash due to heap buffer out-of-bounds write with para-type curves
6633278 java classes_2d KCMS crash due heap-based buffer overflow parsing curv-type curves
6660717 java classes_2d KCMS crash due to heap buffer out-of-bounds write with para-type curves
6629657 java classes_awt provide raw key code from underlying system without changing API.
6632169 java classes_net HttpClient and HttpsClient should not try to reverse lookup IP address of a proxy server
6647251 java classes_security Add DigiCert root CA certs to JDK
6647254 java classes_security Add TrustCenter root CA certificates to the JDK
6651160 java classes_security Add AOL root CA certs to JDK
6624769 java classes_util_i18n (tz) Support tzdata2007i
6646197 java classes_util_i18n (tz) Support tzdata2007k
6374379 java classes_util_jarzip ZipFile class cannot open zip files with long filenames
6423026 java classes_util_jarzip Java.util.zip doesn’t allow more than 2036 zip files to be concurrently open on Windows
6609756 java_deployment security Buffer Overflow in Java ActiveX component
6608712 java_plugin applet_spec Bypassing the same origin policy in Java with crafted names
6568419 java_plugin misc initial_focus flag not working when an applet is compiled with 1.4 and run with 1.5
6593309 java_plugin misc applet focus issue with button after minimizing an maximizing
6631506 java_plugin plugin REG : Unable to launch an applet on MZ using 6u4
6634129 java_plugin plugin jar protocol allows LiveConnect code to connect to any port on localhost
6623233 javawebstart general arbitary code execution using java web start
6605184 javawebstart jnlp_file [ZDI-CAN-234] Security Vulnerability in XML UTF8 character encoding in JNLP files
6660121 javawebstart jnlp_file Encoding values in JNLP files can cause buffer overflow
6588002 jaxp other XSLTProcessorApplet still allows reading from forbidden URLs
6616825 jmx classes JMX query returns no value in 1.0 compatibility mode - deserialization bug in readObject()

Java

Published by Adam Myatt on 01 Mar 2008

Sun Releases JDK 1.4.2 Update 17 (JDK 1.4.2.17)

Bug fixes are listed in the following table.

BugId Category Subcategory Description
6587132 hotspot compiler2 Code changes behavior when compiled
6593303 hotspot compiler2 CHA sometimes returns wrong answers
6558100 hotspot garbage_collector CMS crash following parallel work queue overflow
6647251 java classes_security Add DigiCert root CA certs to JDK
6647254 java classes_security Add TrustCenter root CA certificates to the JDK
6624769 java classes_util_i18n (tz) Support tzdata2007i
6646197 java classes_util_i18n (tz) Support tzdata2007k
6604056 java_deployment security deploy/src/javaws/share/config/cacerts shouldn’t contain any CA certs in source releases
6609756 java_deployment security Buffer Overflow in Java ActiveX component
6608712 java_plugin applet_spec Bypassing the same origin policy in Java with crafted names
6631506 java_plugin plugin REG : Unable to launch an applet on MZ using 6u4
6634129 java_plugin plugin jar protocol allows LiveConnect code to connect to any port on localhost
6623233 javawebstart general arbitary code execution using java web start
6660121 javawebstart jnlp_file Encoding values in JNLP files can cause buffer overflow
6607234 javawebstart other Use jre/lib/security/cacerts by java webstart instead of jre/javaws/cacerts from deploy workspace
6588002 jaxp other XSLTProcessorApplet still allows reading from forbidden URLs

Java

Next »