Your message dated Thu, 20 Oct 2011 21:06:42 +0000
with message-id <[email protected]>
and subject line Bug#641240: fixed in openjdk-7 7~b147-2.0-1
has caused the Debian Bug report #641240,
regarding Incomplete changelog if version is ahead of openjdk-6-jre-headless
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
641240: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641240
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: openjdk-6-jre-lib
Version: 6b23~pre9-1
Severity: serious
Justification: wheezy RC policy: "The package changelog must be included."
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi,
The /usr/share/doc/openjdk-6-jre-lib directory is a symbolic link
to /usr/share/doc/openjdk-6-jre-headless even though the dependency
allows for the two packages to have different versions. This is not
merely theoretical or of minor importance.
Due to the unsatisfiable version conflict mentioned in #640736 and
#641075, aptitude on my system has not yet upgraded
openjdk-6-jre-headless to 6b23~pre9-1, even though it has upgraded
openjdk-6-jre-lib to 6b23~pre9-1. I do make use of icedtea-netx, so I
have not simply uninstalled it to complete the upgrade, and I am
hesitant to do so.
This became an issue when I was trying to prepare the Eclipse 3.7
packaging for entry into sid, which I am currently working on in
collaboration with Niels Thykier. An error arose which I suspect is
related in some way to my recent partial OpenJDK upgrade, but I do not
have the ~pre9-1 changelog anywhere on my system due to the use of the
symlink shortcut, so this has been difficult to debug.
Although I found the changelog online, I do not only work on Debian
when I have Internet access, and the DFSG-freeness part of the wheezy RC
policy rightly insists on the inclusion of the package changelog. The
version included in the current OpenJDK packaging does not always
correspond to what is installed, which is the reason I have used an RC
severity.
Thanks in advance,
- - Jimmy Kaplowitz
[email protected]
- -- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.0.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openjdk-6-jre-lib depends on:
ii openjdk-6-jre-headless 6b23~pre8-1
openjdk-6-jre-lib recommends no packages.
openjdk-6-jre-lib suggests no packages.
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJObVTCAAoJEGT+wHBUdj6bBbUQAIDdNOUvqkP1vPCJzJj2zmnH
PDvvMj3nl5Wb5QuEWOHO4UCmHjHDu/OonWeO/DGbd1MdmuulPG+Vu7F1hXDpDsgf
YdcCotsCDUAW/Wsc1H5Bsg11ikxFJIOUNfTeNtqfhhJHECREI76X0WCy0S3dgom3
QqkXjDQ+xH3o9kttJHdkEsqqb9VK45QZCEj45MG+9rqjv8TBKu/vWQh70LNcylw/
J8LcpS5qUecmeSm/3WqaVDfdyhGV2Ddfw8TZIkDETS5mMx1oabTgN6LjzkwNKbhJ
fAlQCMKvZ/PGOlSjAG5S6rc7Pb8AOxG2a51uADsIshvcv4IbPFu3dG1TKy8CAZcX
tOqP0XJHfm7u+zSTSjGbUTu5zn9jW4oIFdf73i+ttVYnSObQjL85HEqzeloKlGEy
G53hmf9PW4GOiLAUgDtRIa9Qytzmln+rsTq8iSWu2/ZshpjCAWVcQwaMqIAeZKfO
eHy2rwV/YOdg1tC/djzA06+0ELn623vCMkdKsw52DWPvJHsEcDk2g6NN9HcONv1+
1qAhCny89MvAPG403zXH3wb26qK8PIfIX40E9wI7v4pVaRglMI5e0Fbdut/CTN/I
qA2WvmFzUE5ytMsUQYYGZG8+5YvNO8f8mk7B/F6l7GG0xOC/Ghk+iLg+1+Af9fe9
SwFR8AaqrxTScVRK/oJq
=Q2gw
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: openjdk-7
Source-Version: 7~b147-2.0-1
We believe that the bug you reported is fixed in the latest version of
openjdk-7, which is due to be installed in the Debian FTP archive:
icedtea-7-jre-jamvm_7~b147-2.0-1_amd64.deb
to main/o/openjdk-7/icedtea-7-jre-jamvm_7~b147-2.0-1_amd64.deb
openjdk-7-dbg_7~b147-2.0-1_amd64.deb
to main/o/openjdk-7/openjdk-7-dbg_7~b147-2.0-1_amd64.deb
openjdk-7-demo_7~b147-2.0-1_amd64.deb
to main/o/openjdk-7/openjdk-7-demo_7~b147-2.0-1_amd64.deb
openjdk-7-doc_7~b147-2.0-1_all.deb
to main/o/openjdk-7/openjdk-7-doc_7~b147-2.0-1_all.deb
openjdk-7-jdk_7~b147-2.0-1_amd64.deb
to main/o/openjdk-7/openjdk-7-jdk_7~b147-2.0-1_amd64.deb
openjdk-7-jre-headless_7~b147-2.0-1_amd64.deb
to main/o/openjdk-7/openjdk-7-jre-headless_7~b147-2.0-1_amd64.deb
openjdk-7-jre-lib_7~b147-2.0-1_all.deb
to main/o/openjdk-7/openjdk-7-jre-lib_7~b147-2.0-1_all.deb
openjdk-7-jre-zero_7~b147-2.0-1_amd64.deb
to main/o/openjdk-7/openjdk-7-jre-zero_7~b147-2.0-1_amd64.deb
openjdk-7-jre_7~b147-2.0-1_amd64.deb
to main/o/openjdk-7/openjdk-7-jre_7~b147-2.0-1_amd64.deb
openjdk-7-source_7~b147-2.0-1_all.deb
to main/o/openjdk-7/openjdk-7-source_7~b147-2.0-1_all.deb
openjdk-7_7~b147-2.0-1.diff.gz
to main/o/openjdk-7/openjdk-7_7~b147-2.0-1.diff.gz
openjdk-7_7~b147-2.0-1.dsc
to main/o/openjdk-7/openjdk-7_7~b147-2.0-1.dsc
openjdk-7_7~b147-2.0.orig.tar.gz
to main/o/openjdk-7/openjdk-7_7~b147-2.0.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Damien Raude-Morvan <[email protected]> (supplier of updated openjdk-7 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 01 Oct 2011 10:53:15 +0200
Source: openjdk-7
Binary: openjdk-7-jdk openjdk-7-jre-headless openjdk-7-jre openjdk-7-jre-lib
openjdk-7-demo openjdk-7-source openjdk-7-doc openjdk-7-dbg icedtea-7-jre-jamvm
openjdk-7-jre-zero
Architecture: source amd64 all
Version: 7~b147-2.0-1
Distribution: unstable
Urgency: low
Maintainer: OpenJDK Team <[email protected]>
Changed-By: Damien Raude-Morvan <[email protected]>
Description:
icedtea-7-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
openjdk-7-dbg - Java runtime based on OpenJDK (debugging symbols)
openjdk-7-demo - Java runtime based on OpenJDK (demos and examples)
openjdk-7-doc - OpenJDK Development Kit (JDK) documentation
openjdk-7-jdk - OpenJDK Development Kit (JDK)
openjdk-7-jre - OpenJDK Java runtime, using ${vm:Name}
openjdk-7-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
openjdk-7-jre-lib - OpenJDK Java runtime (architecture independent libraries)
openjdk-7-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
openjdk-7-source - OpenJDK Development Kit (JDK) source files
Closes: 641240
Changes:
openjdk-7 (7~b147-2.0-1) unstable; urgency=low
.
* New upstream IcedTea7 release.
- S7000600, CVE-2011-3547: InputStream skip() information leak.
- S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor.
- S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow.
- S7032417, CVE-2011-3552: excessive default UDP socket limit under
SecurityManager.
- S7046794, CVE-2011-3553: JAX-WS stack-traces information leak.
- S7046823, CVE-2011-3544: missing SecurityManager checks in scripting
engine.
- S7055902, CVE-2011-3521: IIOP deserialization code execution.
- S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error
checks.
- S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack
against SSL/TLS (BEAST).
- S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer.
- S7077466, CVE-2011-3556: RMI DGC server remote code execution.
- S7083012, CVE-2011-3557: RMI registry privileged code execution.
- S7096936, CVE-2011-3560: missing checkSetFactory calls in
HttpsURLConnection.
.
[ Matthias Klose ]
* Merge debian packaging r501 from openjdk-6:
- Tighten inter-package dependencies for Debian builds. Closes: #641240.
* Build-depend on wdiff.
Checksums-Sha1:
c0b74ca611a4142e4e183b2c4b999fb1af6e6c56 3573 openjdk-7_7~b147-2.0-1.dsc
5bfa912635b91472aa97227829c4f99ef2884915 61793429
openjdk-7_7~b147-2.0.orig.tar.gz
2f92c3f4394d48c566a000065573b7a0f90e9e79 174331 openjdk-7_7~b147-2.0-1.diff.gz
c2fc761e85f1dedaf1f5b66c998a6284d4f5f2c0 11470550
openjdk-7-jdk_7~b147-2.0-1_amd64.deb
9688175db6283f8791381c2a6f450ed23a6275d9 27957394
openjdk-7-jre-headless_7~b147-2.0-1_amd64.deb
05d72fb96fbc152d058cc8107ed2f5a3cf24139a 226084
openjdk-7-jre_7~b147-2.0-1_amd64.deb
a60eecc0692f7829e47cb7a8454689e13a909155 2395346
openjdk-7-demo_7~b147-2.0-1_amd64.deb
b17b247d75f19b9e8c5f318ccd49b90e6c3b318e 146957768
openjdk-7-dbg_7~b147-2.0-1_amd64.deb
aebafa12dc2d1c7a0e3510c1bbe3fc35020d0fae 526614
icedtea-7-jre-jamvm_7~b147-2.0-1_amd64.deb
42b3f6609c822d5bf21d138c5990d830924ad442 2437146
openjdk-7-jre-zero_7~b147-2.0-1_amd64.deb
fffcbffe7004e593011e5fdfa3c7cc411311b539 5222320
openjdk-7-jre-lib_7~b147-2.0-1_all.deb
f6db677bee5be46ee15b559c91659a8ec33af9d2 41323314
openjdk-7-source_7~b147-2.0-1_all.deb
24f7129ff7175d095a5782c70e22c784b9d42815 22096812
openjdk-7-doc_7~b147-2.0-1_all.deb
Checksums-Sha256:
61904ca083570cd19517a600a8b3971d4fc6823be45026ac7a4488bffd52558b 3573
openjdk-7_7~b147-2.0-1.dsc
2f4a6a87d573f517829477406bfa2985bdde9ef5dc1d99900526c0c7bde92424 61793429
openjdk-7_7~b147-2.0.orig.tar.gz
c48b6de77c9e9b439e870c5498583dbad2eae764c6ac55f133ab19958b31781b 174331
openjdk-7_7~b147-2.0-1.diff.gz
6ecff1bfe9b95f49685d1e62e043cc06b33a47044e4904d065cc70d39de00333 11470550
openjdk-7-jdk_7~b147-2.0-1_amd64.deb
409c53c5c487b1999c0e4c85cd4c4ec1aaecde516416c8f275cd94832e736771 27957394
openjdk-7-jre-headless_7~b147-2.0-1_amd64.deb
d550b0a6b8ffa967459135c5d7ceb6cc693690a295ca3374a7784bad6b0931a8 226084
openjdk-7-jre_7~b147-2.0-1_amd64.deb
9c2e15cb45612adbe65d38737e71ec0104da57a7e648445345173a9d1f39a4d4 2395346
openjdk-7-demo_7~b147-2.0-1_amd64.deb
0843d0dd9c43b9b85342d1b1cfac261f183b6a5b9c53e784dd94bfe44205cfa8 146957768
openjdk-7-dbg_7~b147-2.0-1_amd64.deb
7c2f169408a5a2d0c2d9247e31cd4ef54daa7ca2ab4c9f0a195478a29aa792d3 526614
icedtea-7-jre-jamvm_7~b147-2.0-1_amd64.deb
682128e609bc6121e6587deef60a840b550bab05b4d6206f3b057fa246c4437f 2437146
openjdk-7-jre-zero_7~b147-2.0-1_amd64.deb
06e7d6f596e099da2e10e719687b6ec664f5939a4205a11f77f2a1ed87b9e8d3 5222320
openjdk-7-jre-lib_7~b147-2.0-1_all.deb
fde17cbbd6bfde2350b30da18d673b89edc97a4205285e56098aa2764c660710 41323314
openjdk-7-source_7~b147-2.0-1_all.deb
19586979453d491ecffbfe08cb9b245cf870c34d63bcc29f26039902d2fa08b8 22096812
openjdk-7-doc_7~b147-2.0-1_all.deb
Files:
1859b13c8fef9724aea9ac82355ff066 3573 java optional openjdk-7_7~b147-2.0-1.dsc
ea8484583b5437b2811e43192f7e7d76 61793429 java optional
openjdk-7_7~b147-2.0.orig.tar.gz
ff6051053860bebd12738688bc94d0da 174331 java optional
openjdk-7_7~b147-2.0-1.diff.gz
423c2a3e9fe07f1c99d77c637233027f 11470550 java optional
openjdk-7-jdk_7~b147-2.0-1_amd64.deb
18ff82ad32920d3a68972afb944549cd 27957394 java optional
openjdk-7-jre-headless_7~b147-2.0-1_amd64.deb
591842b0627c78e5213251c09aeeccab 226084 java optional
openjdk-7-jre_7~b147-2.0-1_amd64.deb
132d648c97c0337b29103237c7a3a8e7 2395346 java extra
openjdk-7-demo_7~b147-2.0-1_amd64.deb
51c8a3e7d9e0782bf2544816f1016607 146957768 debug extra
openjdk-7-dbg_7~b147-2.0-1_amd64.deb
4f5c4d2082d9e935d2dcdd94cbe9436f 526614 java extra
icedtea-7-jre-jamvm_7~b147-2.0-1_amd64.deb
8cae336145cd08ff9ec952cb65ae149f 2437146 java extra
openjdk-7-jre-zero_7~b147-2.0-1_amd64.deb
df7464af071aef005ad57c82e7c38781 5222320 java optional
openjdk-7-jre-lib_7~b147-2.0-1_all.deb
00a074f39440f2d7c01b5f24c35406b7 41323314 java extra
openjdk-7-source_7~b147-2.0-1_all.deb
9b7424d4eba9bd46edce3b325d2d8c27 22096812 doc extra
openjdk-7-doc_7~b147-2.0-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCAAGBQJOoHCnAAoJEHXiDM0z50n8wpsQAM532SgyWOAkT+CEbBMOE81r
5o7ZGqISQ/6oA1iVvtIbkoApsBdMm586dL44k0ntL2IZiJAzNUh6Mjnh9jXE7GKt
7T+zehk4xk+uHi7NLr7UlcANAH/UKhXVOK9/AKpIjewpZXeqP7G1SGwy1dj1p9Iv
wtH/nRzVJmCQ9Qki+CE2H2LQ6UbVgyK8DrTENMaPwEGbMVCeqnOp9WOAWkLGWqLs
z7TVZFAdT5vHLQwgVJJNK1XStfG9CZCcK/7Iq+aaiOJ45yuop0tdINpkAUl4M9eG
ct0NEFpUIhCW+LXDNl1ZMHFG6Yn4w+zzVTIClMS8o1G1mfNijN+qgUxIaG+UCfeo
9KWhOwFvQgMBZKVaZ4tboGCsPo/EQqGl2GHdOoJzUWzvK7qtb6L3e3G1pzMak2P1
66YOs7aXKXLqNB7PhXxDKDX4CoAx/NU/EMfa88bD3HGHs2G0M7ZZoD85dqmhyUlH
4XTmQz96dT/m05JWcV0xf4XzIm1XfVkBg/tQe0ILiodQqF9+pJcIJLWqE0ZWOGV/
VVYp+reAxWppK8JxfLbO37HLsDwHcGMrUgHq/fuhHwsVnp/H1+A9Ud3HPMnB0Jt0
AT4EmaEpCom4JiVxFFZYNiB26Pm/fr6KMWN1PMRT6zqmWwErTi1jJNXpRrrNwsrL
XvDyUUVVvQn5kWH5nl5p
=2L2B
-----END PGP SIGNATURE-----
--- End Message ---
