Subject: openjdk-6: wrong version in `changelog.Debian.gz` Package: openjdk-6 Version: 6b18-1.8.7-1 Severity: minor
Dear Debian folks, in `changelog.Debian.gz` it says openjdk-6 (6b18-1.8.7-1) unstable; urgency=medium * IcedTea6 1.9.7 release. - S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption. - S6907662, CVE-2010-4465: Swing timer-based security manager bypass. - S6994263, CVE-2010-4472: Untrusted code allowed to replace DSIG/C14N implementation. - S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets. - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries. - S6985453, CVE-2010-4471: Java2D font-related system property leak. - S6927050, CVE-2010-4470: JAXP untrusted component state manipulation. - CVE-2011-0706: Multiple signers privilege escalation. * IcedTea6 1.9.6 release. […] but I guess this has to be 1.8.{6,7} each time. I wanted to submit a patch, but I could not find these lines in the directory created by `debcheckout openjdk-6`. Thanks, Paul -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash
signature.asc
Description: This is a digitally signed message part