asaha [Fri, 23 Oct 2009 12:58:10 -0700] rev 4217
Merge
asaha [Thu, 22 Oct 2009 16:28:01 -0700] rev 4216
Merge
asaha [Wed, 21 Oct 2009 11:34:19 -0700] rev 4215
Merge
asaha [Wed, 21 Oct 2009 11:28:46 -0700] rev 4214
Merge
asaha [Fri, 16 Oct 2009 11:20:38 -0700] rev 4213
Merge
asaha [Thu, 15 Oct 2009 14:41:51 -0700] rev 4212
Merge
asaha [Wed, 14 Oct 2009 14:21:25 -0700] rev 4211
Merge
asaha [Wed, 07 Oct 2009 08:38:43 -0700] rev 4210
Merge
asaha [Tue, 06 Oct 2009 21:40:55 -0700] rev 4209
Merge
vinnie [Thu, 24 Sep 2009 22:50:41 +0100] rev 4208
6863503: SECURITY: MessageDigest.isEqual introduces timing attack vulnerabilities
Reviewed-by: mullan, wetmore
bae [Mon, 14 Sep 2009 11:46:16 +0400] rev 4207
6872358: JRE AWT setBytePixels vulnerable to Heap Overflow
Reviewed-by: prr, hawtin
bae [Thu, 10 Sep 2009 14:15:47 +0400] rev 4206
6631533: ICC_Profile allows detecting if some files exist
Reviewed-by: prr, hawtin
bae [Thu, 10 Sep 2009 14:04:38 +0400] rev 4205
6632445: DoS from parsing BMPs with UNC ICC links
Reviewed-by: prr, hawtin
bae [Thu, 10 Sep 2009 13:52:27 +0400] rev 4204
6822057: X11 and Win32GraphicsDevice don't clone arrays returned from getConfigurations()
Reviewed-by: prr, hawtin
bae [Thu, 10 Sep 2009 13:35:28 +0400] rev 4203
6862968: JPEG Image Writer quantization problem
Reviewed-by: prr, hawtin
bae [Thu, 10 Sep 2009 12:50:09 +0400] rev 4202
6872357: JRE AWT setDifflCM vulnerable to Stack Overflow
Reviewed-by: prr, hawtin
bae [Thu, 10 Sep 2009 12:26:34 +0400] rev 4201
6874643: ImageI/O JPEG is vulnerable to Heap Overflow
Reviewed-by: prr, hawtin
asaha [Sat, 05 Sep 2009 07:55:05 -0700] rev 4200
Merge
malenkov [Thu, 03 Sep 2009 19:42:27 +0400] rev 4199
6657026: Numerous static security flaws in Swing (findbugs)
Reviewed-by: hawtin, peterz
asaha [Tue, 01 Sep 2009 08:15:00 -0700] rev 4198
Merge
asaha [Mon, 31 Aug 2009 08:54:39 -0700] rev 4197
Merge
asaha [Thu, 27 Aug 2009 15:08:10 -0700] rev 4196
Merge
asaha [Wed, 26 Aug 2009 08:38:57 -0700] rev 4195
Merge
okutsu [Wed, 26 Aug 2009 17:05:15 +0900] rev 4194
6824265: (tz) TimeZone.getTimeZone allows probing local filesystem
Reviewed-by: peytoia
valeriep [Thu, 20 Aug 2009 17:16:13 -0700] rev 4193
6874407: Missing regression test for 6636650
Summary: Prevent classloader from resurrection
Reviewed-by: hawtin
valeriep [Thu, 20 Aug 2009 14:49:31 -0700] rev 4192
6636650: (cl) Resurrected ClassLoaders can still have children
Summary: Prevent classloader from resurrection
Reviewed-by: hawtin
dcherepanov [Thu, 20 Aug 2009 12:46:43 +0400] rev 4191
6664512: Component and [Default]KeyboardFocusManager pass security sensitive objects to loggers
Summary: toString is called on security sensitive objects
Reviewed-by: art, hawtin
xuelei [Tue, 18 Aug 2009 20:47:13 -0700] rev 4190
6861062: Disable MD2 support
Reviewed-by: mullan, weijun