According to the changelog of the version of sun-java6 in Natty:
* https://launchpad.net/ubuntu/+source/sun-java6/6.24-1build0.10.10.1
This bug should be fix-released for Natty. Updating accordingly.
** Changed in: sun-java6 (Ubuntu Natty)
Status: Triaged = Fix Released
--
You
** Changed in: sun-java6 (Ubuntu Natty)
Milestone: ubuntu-11.04-beta-1 = ubuntu-11.04-beta-2
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/716689
Title:
Security Alert For CVE-2010-4476
** Changed in: openjdk-6 (Ubuntu Hardy)
Status: In Progress = Triaged
** Changed in: openjdk-6 (Ubuntu Natty)
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
For openjdk-6, USN 1079-1 was published:
http://www.ubuntu.com/usn/usn-1079-1
** Changed in: openjdk-6 (Ubuntu Karmic)
Status: In Progress = Fix Released
** Changed in: openjdk-6 (Ubuntu Lucid)
Status: In Progress = Fix Released
** Changed in: openjdk-6 (Ubuntu Maverick)
This bug was fixed in the package sun-java6 - 6.24-1build0.9.10.1
---
sun-java6 (6.24-1build0.9.10.1) karmic-security; urgency=low
* Fake sync from Debian (LP: #716689)
* Removed debian/source dir reverting back to 1.0 packaging format as
3.0 (quilt) isn't available prior to
This bug was fixed in the package sun-java6 - 6.24-1build0.8.04.1
---
sun-java6 (6.24-1build0.8.04.1) hardy-security; urgency=low
* Fake sync from Debian (LP: #716689)
* Removed debian/source dir reverting back to 1.0 packaging format as
3.0 (quilt) isn't available prior to
Lucid and Maverick now have packages in partner.
** Changed in: sun-java6 (Ubuntu Lucid)
Status: In Progress = Fix Released
** Changed in: sun-java6 (Ubuntu Maverick)
Status: In Progress = Fix Released
** Changed in: sun-java6 (Ubuntu Hardy)
Status: In Progress = Fix
Brian, will you be providing an update for natty in partner?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/716689
Title:
Security Alert For CVE-2010-4476 Released
--
ubuntu-bugs mailing list
Hardy and Karmic updates are building in the security PPA.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/716689
Title:
Security Alert For CVE-2010-4476 Released
--
ubuntu-bugs mailing list
Partner for Natty is empty now, (we don't do migrations there until Beta 1)
but yes, I'll make sure the newer version is copied over at that time.
On Wed, Feb 23, 2011 at 1:35 PM, Jamie Strandboge ja...@ubuntu.com wrote:
Brian, will you be providing an update for natty in partner?
--
You
** Changed in: sun-java6 (Ubuntu Natty)
Importance: Undecided = Medium
** Changed in: sun-java6 (Ubuntu Natty)
Status: Confirmed = Triaged
** Changed in: sun-java6 (Ubuntu Natty)
Milestone: None = ubuntu-11.04-beta-1
--
You received this bug notification because you are a member
** Also affects: openjdk-6 (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: sun-java6 (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: openjdk-6 (Ubuntu Karmic)
Importance: Undecided
Status: New
** Also affects: sun-java6 (Ubuntu
Brian, the hardy and karmic packages need to be backported to a non-
source format v3 package as this was only first supported in Lucid:
https://bugs.launchpad.net/launchpad/+bug/293106/comments/9
** Changed in: sun-java6 (Ubuntu Hardy)
Status: Fix Committed = In Progress
** Changed in:
The official Java 6 binaries update 24 are available from Oracle. Oracle claims
that CVE-2010-4476 is fixed in it.
I guess it is time for Ubuntu to create packages from it ASAP.
http://www.oracle.com/technetwork/java/javase/downloads/index-
jsp-138363.html
--
You received this bug notification
Sorry for the bad assigned. I uploaded in Natty (I did that in Debian
yesterday). I don't know if you want to upload in maverick or not ?!
** Changed in: sun-java6 (Ubuntu)
Assignee: Brian Thomason (brian-thomason) = Sylvestre Ledru (sylvestre)
** Changed in: sun-java6 (Ubuntu)
Well it is needed for Maverick and Lucid as well.
Affects Karmic, Hardy and even Dapper which are supported but not from partner
repository.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/716689
CVE-2010-4476 is about a bug whereby inputting 2.2250738585072014e-308
or variations of it [1] to the java.lang.Double.parseDouble(String)
method causes it to enter an infinite loop; control is not returned to
the calling thread.
This bug can be used to cause remote unauthenticated denial of
Gr, I am bored by the bloody permissions (I wished Ubuntu implemented
dynamic per package upload for DD...)
The signer of this package has no upload rights to this distribution's primary
archive. Did you mean to upload to a PPA?
Using sun-java6_6.24-1.dsc from:
@Sylvestre Ledru
sun-java6 is in the partner repository since Lucid, so only a few individuals
can actually upload it.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/716689
Title:
Security Alert
Thanks Sylvestre, I'll see about getting you upload rights for sun-java6
in Partner; I'm just not sure we have such fine grained control there or
not. In the meantime, I will grab your package and test it on Lucid+
tomorrow and push it to Jamie S. for review. The work is much
appreciated!
--
** Changed in: openjdk-6 (Ubuntu)
Status: New = In Progress
** Changed in: openjdk-6 (Ubuntu)
Importance: Undecided = Medium
** Changed in: openjdk-6 (Ubuntu)
Assignee: (unassigned) = Steve Beattie (sbeattie)
--
You received this bug notification because you are a member of
** Changed in: sun-java6 (Ubuntu)
Status: New = Confirmed
** Changed in: sun-java6 (Ubuntu)
Assignee: (unassigned) = Brian Thomason (brian-thomason)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
22 matches
Mail list logo
