bae [Fri, 20 Feb 2009 13:48:32 +0300] rev 2608
6804996: JWS PNG Decoding Integer Overflow [V-flrhat2ln8]
Reviewed-by: prr
ksrini [Wed, 18 Feb 2009 14:14:03 -0800] rev 2607
6792554: Java JAR Pack200 header checks are insufficent
Summary: Added several checks to ensure that the values read from the headers are consistent
Reviewed-by: jrose
prr [Mon, 05 Jan 2009 11:28:43 -0800] rev 2606
6632886: Font.createFont can be persuaded to leak temporary files
6522586: Enforce limits on Font creation
6652929: Font.createFont(int,File) trusts File.getPath
Reviewed-by: igor
weijun [Tue, 30 Dec 2008 10:42:45 +0800] rev 2605
6717680: LdapCtx does not close the connection if initialization fails
Reviewed-by: vinnie, xuelei
prr [Wed, 24 Dec 2008 15:48:59 -0800] rev 2604
6652463: MediaSize constructors allow to redefine the mapping of standard MediaSizeName values
Reviewed-by: igor, jgodinez
bae [Wed, 03 Dec 2008 13:34:50 +0300] rev 2603
6766136: corrupted gif image may cause crash in java splashscreen library.
Reviewed-by: prr, art
ksrini [Fri, 17 Oct 2008 09:43:30 -0700] rev 2602
6755943: Java JAR Pack200 Decompression should enforce stricter header checks
Summary: Fixes a core dump when fed with a faulty pack file and related malicious take over
Reviewed-by: jrose
alanb [Thu, 09 Oct 2008 21:12:56 +0100] rev 2601
6721753: File.createTempFile produces guessable file names
Reviewed-by: sherman
bae [Thu, 02 Oct 2008 20:37:43 +0400] rev 2600
6726779: ConvolveOp on USHORT raster can cause the JVM crash.
Reviewed-by: igor, prr
okutsu [Thu, 02 Oct 2008 16:49:33 +0900] rev 2599
6734167: Calendar.readObject allows elevation of privileges
Reviewed-by: peytoia