Mon, 22 Jun 2009 07:23:20 -0700 6830335: Java JAR Pack200 Decompression Integer Overflow Vulnerability
ksrini [Mon, 22 Jun 2009 07:23:20 -0700] rev 3463
6830335: Java JAR Pack200 Decompression Integer Overflow Vulnerability Summary: Fixes a potential vulnerability in the unpack200 logic, by adding extra checks, a back-port. Reviewed-by: asaha
Tue, 23 Jun 2009 13:54:36 -0400 6824440: XML Signature HMAC issue
mullan [Tue, 23 Jun 2009 13:54:36 -0400] rev 3462
6824440: XML Signature HMAC issue Reviewed-by: asaha
Mon, 22 Jun 2009 13:36:37 -0700 6656610: AccessibleResourceBundle.getContents exposes mutable static (findbugs)
asaha [Mon, 22 Jun 2009 13:36:37 -0700] rev 3461
6656610: AccessibleResourceBundle.getContents exposes mutable static (findbugs) Reviewed-by: hawtin
Thu, 18 Jun 2009 22:53:54 -0700 Merge
asaha [Thu, 18 Jun 2009 22:53:54 -0700] rev 3460
Merge
Thu, 18 Jun 2009 22:45:16 -0700 Merge
asaha [Thu, 18 Jun 2009 22:45:16 -0700] rev 3459
Merge
Wed, 17 Jun 2009 13:12:42 -0700 Merge
asaha [Wed, 17 Jun 2009 13:12:42 -0700] rev 3458
Merge
Thu, 18 Jun 2009 14:08:07 +0400 6660049: Synth Region.uiToRegionMap/lowerCaseNameMap are mutable statics
malenkov [Thu, 18 Jun 2009 14:08:07 +0400] rev 3457
6660049: Synth Region.uiToRegionMap/lowerCaseNameMap are mutable statics Reviewed-by: hawtin
Fri, 12 Jun 2009 12:26:20 -0700 Merge
asaha [Fri, 12 Jun 2009 12:26:20 -0700] rev 3456
Merge
Fri, 12 Jun 2009 10:54:48 -0700 Merge
asaha [Fri, 12 Jun 2009 10:54:48 -0700] rev 3455
Merge
Thu, 07 May 2009 13:18:12 -0700 Merge
asaha [Thu, 07 May 2009 13:18:12 -0700] rev 3454
Merge
Wed, 13 May 2009 14:32:33 +0400 6777448: JDK13Services.getProviders creates instances with full privileges [hawtin, alexp]
amenkov [Wed, 13 May 2009 14:32:33 +0400] rev 3453
6777448: JDK13Services.getProviders creates instances with full privileges [hawtin, alexp] Reviewed-by: hawtin, alexp
Wed, 13 May 2009 14:32:14 +0400 6738524: JDK13Services allows read access to system properties from untrusted code
amenkov [Wed, 13 May 2009 14:32:14 +0400] rev 3452
6738524: JDK13Services allows read access to system properties from untrusted code Reviewed-by: hawtin
Wed, 13 May 2009 13:52:52 +0400 6657625: RmfFileReader/StandardMidiFileWriter.types are public mutable statics (findbugs)
amenkov [Wed, 13 May 2009 13:52:52 +0400] rev 3451
6657625: RmfFileReader/StandardMidiFileWriter.types are public mutable statics (findbugs) Reviewed-by: hawtin
Tue, 12 May 2009 16:32:34 +0100 6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar [Tue, 12 May 2009 16:32:34 +0100] rev 3450
6801071: Remote sites can compromise user privacy and possibly hijack web sessions Reviewed-by: jccollet, hawtin
Fri, 08 May 2009 16:15:15 +0400 6823373: [ZDI-CAN-460] Java Web Start JPEG header parsing needs more scruity
bae [Fri, 08 May 2009 16:15:15 +0400] rev 3449
6823373: [ZDI-CAN-460] Java Web Start JPEG header parsing needs more scruity Reviewed-by: igor
Fri, 08 May 2009 15:57:33 +0400 6657133: Mutable statics in imageio plugins (findbugs)
bae [Fri, 08 May 2009 15:57:33 +0400] rev 3448
6657133: Mutable statics in imageio plugins (findbugs) Reviewed-by: prr
Fri, 08 May 2009 15:38:21 +0400 6656625: ImageReaderSpi.STANDARD_INPUT_TYPE/ImageWriterSpi.STANDARD_OUTPUT_TYPE are mutable static (findbugs)
bae [Fri, 08 May 2009 15:38:21 +0400] rev 3447
6656625: ImageReaderSpi.STANDARD_INPUT_TYPE/ImageWriterSpi.STANDARD_OUTPUT_TYPE are mutable static (findbugs) Reviewed-by: prr
Thu, 07 May 2009 10:44:45 +0200 6736293: OpenType checks can be bypassed through finalizer resurrection
emcmanus [Thu, 07 May 2009 10:44:45 +0200] rev 3446
6736293: OpenType checks can be bypassed through finalizer resurrection Reviewed-by: hawtin
Wed, 06 May 2009 15:17:22 +0400 6656586: Cursor.predefined is protected static mutable (findbugs)
art [Wed, 06 May 2009 15:17:22 +0400] rev 3445
6656586: Cursor.predefined is protected static mutable (findbugs) Reviewed-by: hawtin, igor
Tue, 05 May 2009 17:56:31 +0400 6818787: It is possible to reposition the security icon too far from the border of the window on X11
anthony [Tue, 05 May 2009 17:56:31 +0400] rev 3444
6818787: It is possible to reposition the security icon too far from the border of the window on X11 Summary: The constraints for the position of the icon are moved to the shared code Reviewed-by: art, dcherepanov
Tue, 05 May 2009 17:47:04 +0400 6805231: Security Warning Icon is missing in Windows 2000 Prof from Jdk build 6u12
anthony [Tue, 05 May 2009 17:47:04 +0400] rev 3443
6805231: Security Warning Icon is missing in Windows 2000 Prof from Jdk build 6u12 Summary: The icon becomes layered only when the fading-out effect is being performed. Reviewed-by: art, dcherepanov
Tue, 05 May 2009 11:02:51 +0200 6801497: Proxy is assumed to be immutable but is non-final
jccollet [Tue, 05 May 2009 11:02:51 +0200] rev 3442
6801497: Proxy is assumed to be immutable but is non-final Summary: Cloned the proxy instance when necessary Reviewed-by: chegar
Tue, 05 May 2009 12:07:37 +0400 6837293: Reapply fix for 6588003 to JDK7
peterz [Tue, 05 May 2009 12:07:37 +0400] rev 3441
6837293: Reapply fix for 6588003 to JDK7 Reviewed-by: alexp
Wed, 29 Apr 2009 11:43:19 -0700 Merge
asaha [Wed, 29 Apr 2009 11:43:19 -0700] rev 3440
Merge
(0) -3000 -1000 -300 -100 -50 -24 +24 +50 +100 +300 +1000 +3000 +10000 +30000 tip