Wed, 17 Feb 2010 13:10:26 +0300 6914823: Java AWT Library Invalid Index Vulnerability
bae [Wed, 17 Feb 2010 13:10:26 +0300] rev 5188
6914823: Java AWT Library Invalid Index Vulnerability Reviewed-by: flar, hawtin
Wed, 17 Feb 2010 12:49:41 +0300 6914866: Sun JRE ImagingLib arbitrary code execution vulnerability
bae [Wed, 17 Feb 2010 12:49:41 +0300] rev 5187
6914866: Sun JRE ImagingLib arbitrary code execution vulnerability Reviewed-by: prr, hawtin
Tue, 12 Jan 2010 12:13:48 +0000 6910590: Application can modify command array, in ProcessBuilder
michaelm [Tue, 12 Jan 2010 12:13:48 +0000] rev 5186
6910590: Application can modify command array, in ProcessBuilder Summary: clone array returned by List.toArray() Reviewed-by: chegar, alanb
Tue, 22 Dec 2009 17:56:58 +0300 6904691: Java Applet Trusted Methods Chaining Privilege Escalation Vulnerability
malenkov [Tue, 22 Dec 2009 17:56:58 +0300] rev 5185
6904691: Java Applet Trusted Methods Chaining Privilege Escalation Vulnerability Reviewed-by: hawtin, peterz
Fri, 18 Dec 2009 09:09:12 -0500 6904162: Add new VeriSign root CA certificates to JRE and remove some old/unused ones
mullan [Fri, 18 Dec 2009 09:09:12 -0500] rev 5184
6904162: Add new VeriSign root CA certificates to JRE and remove some old/unused ones Reviewed-by: asaha
Tue, 08 Dec 2009 15:58:49 -0500 6633872: Policy/PolicyFile leak dynamic ProtectionDomains.
mullan [Tue, 08 Dec 2009 15:58:49 -0500] rev 5183
6633872: Policy/PolicyFile leak dynamic ProtectionDomains. Reviewed-by: hawtin
Mon, 07 Dec 2009 21:16:41 -0800 6898739: TLS renegotiation issue
xuelei [Mon, 07 Dec 2009 21:16:41 -0800] rev 5182
6898739: TLS renegotiation issue Summary: the interim fix disables TLS/SSL renegotiation Reviewed-by: mullan, chegar, wetmore
Fri, 04 Dec 2009 10:23:07 -0800 Merge
asaha [Fri, 04 Dec 2009 10:23:07 -0800] rev 5181
Merge
Wed, 02 Dec 2009 12:17:42 +0000 6893954: Subclasses of InetAddress may incorrectly interpret network addresses
michaelm [Wed, 02 Dec 2009 12:17:42 +0000] rev 5180
6893954: Subclasses of InetAddress may incorrectly interpret network addresses Summary: runtime type checks and deserialization check Reviewed-by: chegar, alanb, jccollet
Tue, 01 Dec 2009 08:55:15 -0800 Merge
asaha [Tue, 01 Dec 2009 08:55:15 -0800] rev 5179
Merge
Thu, 26 Nov 2009 07:17:08 -0800 Merge
asaha [Thu, 26 Nov 2009 07:17:08 -0800] rev 5178
Merge
Wed, 25 Nov 2009 16:02:08 -0800 Merge
mchung [Wed, 25 Nov 2009 16:02:08 -0800] rev 5177
Merge
Wed, 25 Nov 2009 11:19:32 -0800 Merge
mchung [Wed, 25 Nov 2009 11:19:32 -0800] rev 5176
Merge
Wed, 25 Nov 2009 09:09:04 -0800 6893947: Deserialization of RMIConnectionImpl objects should enforce stricter checks [ZDI-CAN-588]
mchung [Wed, 25 Nov 2009 09:09:04 -0800] rev 5175
6893947: Deserialization of RMIConnectionImpl objects should enforce stricter checks [ZDI-CAN-588] Summary: narrow the doPrivileged block to only set context ClassLoader Reviewed-by: hawtin, emcmanus
Wed, 25 Nov 2009 12:51:00 -0800 6904925: Changeset for 6745393 for jdk7 ssr forest was incomplete
sherman [Wed, 25 Nov 2009 12:51:00 -0800] rev 5174
6904925: Changeset for 6745393 for jdk7 ssr forest was incomplete Summary: To add, commit and push back the ZStreamRef.java Reviewed-by: alanb
(0) -3000 -1000 -300 -100 -15 +15 +100 +300 +1000 +3000 +10000 +30000 tip