asaha [Wed, 07 Oct 2009 08:38:43 -0700] rev 4210
Merge
asaha [Tue, 06 Oct 2009 21:40:55 -0700] rev 4209
Merge
vinnie [Thu, 24 Sep 2009 22:50:41 +0100] rev 4208
6863503: SECURITY: MessageDigest.isEqual introduces timing attack vulnerabilities
Reviewed-by: mullan, wetmore
bae [Mon, 14 Sep 2009 11:46:16 +0400] rev 4207
6872358: JRE AWT setBytePixels vulnerable to Heap Overflow
Reviewed-by: prr, hawtin
bae [Thu, 10 Sep 2009 14:15:47 +0400] rev 4206
6631533: ICC_Profile allows detecting if some files exist
Reviewed-by: prr, hawtin
bae [Thu, 10 Sep 2009 14:04:38 +0400] rev 4205
6632445: DoS from parsing BMPs with UNC ICC links
Reviewed-by: prr, hawtin
bae [Thu, 10 Sep 2009 13:52:27 +0400] rev 4204
6822057: X11 and Win32GraphicsDevice don't clone arrays returned from getConfigurations()
Reviewed-by: prr, hawtin
bae [Thu, 10 Sep 2009 13:35:28 +0400] rev 4203
6862968: JPEG Image Writer quantization problem
Reviewed-by: prr, hawtin
bae [Thu, 10 Sep 2009 12:50:09 +0400] rev 4202
6872357: JRE AWT setDifflCM vulnerable to Stack Overflow
Reviewed-by: prr, hawtin
bae [Thu, 10 Sep 2009 12:26:34 +0400] rev 4201
6874643: ImageI/O JPEG is vulnerable to Heap Overflow
Reviewed-by: prr, hawtin
asaha [Sat, 05 Sep 2009 07:55:05 -0700] rev 4200
Merge
malenkov [Thu, 03 Sep 2009 19:42:27 +0400] rev 4199
6657026: Numerous static security flaws in Swing (findbugs)
Reviewed-by: hawtin, peterz
asaha [Tue, 01 Sep 2009 08:15:00 -0700] rev 4198
Merge
asaha [Mon, 31 Aug 2009 08:54:39 -0700] rev 4197
Merge
asaha [Thu, 27 Aug 2009 15:08:10 -0700] rev 4196
Merge
asaha [Wed, 26 Aug 2009 08:38:57 -0700] rev 4195
Merge
okutsu [Wed, 26 Aug 2009 17:05:15 +0900] rev 4194
6824265: (tz) TimeZone.getTimeZone allows probing local filesystem
Reviewed-by: peytoia
valeriep [Thu, 20 Aug 2009 17:16:13 -0700] rev 4193
6874407: Missing regression test for 6636650
Summary: Prevent classloader from resurrection
Reviewed-by: hawtin
valeriep [Thu, 20 Aug 2009 14:49:31 -0700] rev 4192
6636650: (cl) Resurrected ClassLoaders can still have children
Summary: Prevent classloader from resurrection
Reviewed-by: hawtin
dcherepanov [Thu, 20 Aug 2009 12:46:43 +0400] rev 4191
6664512: Component and [Default]KeyboardFocusManager pass security sensitive objects to loggers
Summary: toString is called on security sensitive objects
Reviewed-by: art, hawtin
xuelei [Tue, 18 Aug 2009 20:47:13 -0700] rev 4190
6861062: Disable MD2 support
Reviewed-by: mullan, weijun
asaha [Tue, 18 Aug 2009 16:53:23 -0700] rev 4189
Merge
weijun [Tue, 18 Aug 2009 12:10:12 +0800] rev 4188
6864911: ASN.1/DER input stream parser needs more work
Reviewed-by: mullan, xuelei
ohair [Sun, 08 Nov 2009 15:11:10 -0800] rev 4187
6888927: Fix jdk jtreg tests to indicate which ones need othervm, allow for use of samevm option
Reviewed-by: tbell, jjg, alanb
tbell [Fri, 06 Nov 2009 17:27:41 -0800] rev 4186
Merge
martin [Thu, 05 Nov 2009 16:12:45 -0800] rev 4185
6898220: Optimize Formatter.parse (including String.printf)
Summary: Create fewer objects when parsing
Reviewed-by: sherman
Contributed-by: Daniel Martin <dtm@google.com>
martin [Thu, 05 Nov 2009 16:12:45 -0800] rev 4184
6897553: LinkedList performance improvements
Summary: LinkedList of size N creates N+1 instead of N+2 objects. Comparing against null is faster than comparing against sentinel node
Reviewed-by: dl, jjb, forax
martin [Wed, 04 Nov 2009 15:22:30 -0800] rev 4183
6897993: (se) Close or cancel performance issue when number of pending updates is high (lnx)
Summary: Use O(1) Iterator instead of O(N) operations on LinkedList updateList
Reviewed-by: alanb
Contributed-by: Igor Chernyshev <igorc@google.com>