[pkg-java] r12255 - trunk/sun-java6/debian

Torsten Werner twerner at alioth.debian.org
Sun May 2 10:54:31 UTC 2010 

Author: twerner
Date: 2010-05-02 10:54:20 +0000 (Sun, 02 May 2010)
New Revision: 12255

Modified:
   trunk/sun-java6/debian/changelog
Log:
* Add missing changelog entry for CVE-2010-0087 to version 6.19-0ubuntu1.
* Add missing changelog entry for CVE-2010-1423 to version 6.20-1.
  - (CVE-2010-1423): Vulnerability in desktop Java
  - (CVE-2010-0087): Unspecified vulnerability in the Java Web Start, Java
    Plug-in component allows remote attackers to affect confidentiality,
    integrity, and availability via unknown vectors.

Modified: trunk/sun-java6/debian/changelog
===================================================================
--- trunk/sun-java6/debian/changelog	2010-05-02 10:15:23 UTC (rev 12254)
+++ trunk/sun-java6/debian/changelog	2010-05-02 10:54:20 UTC (rev 12255)
@@ -6,6 +6,8 @@
   * Add a some information to README.Debian that explains how to enable the
     plugin in Iceweasel. (Closes: #541154)
   * Add myself to Uploaders.
+  * Add missing changelog entry for CVE-2010-0087 to version 6.19-0ubuntu1.
+  * Add missing changelog entry for CVE-2010-1423 to version 6.20-1.
 
  -- Torsten Werner <twerner at debian.org>  Sun, 02 May 2010 12:07:16 +0200
 
@@ -37,6 +39,7 @@
   * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes:
     - (CVE-2010-0886): Vulnerability in desktop Java
     - (CVE-2010-0887): Vulnerability in desktop Java
+    - (CVE-2010-1423): Vulnerability in desktop Java
 
  -- Sylvestre Ledru <sylvestre at debian.org>  Fri, 16 Apr 2010 16:54:12 +0200
 
@@ -73,6 +76,9 @@
     - (CVE-2010-0095): Subclasses of InetAddress may incorrectly interpret
       network addresses (6893954) [ZDI-CAN-603].
     - (CVE-2010-0085): File TOCTOU deserialization vulnerability (6736390).
+    - (CVE-2010-0087): Unspecified vulnerability in the Java Web Start, Java
+      Plug-in component allows remote attackers to affect confidentiality,
+      integrity, and availability via unknown vectors.
     - (CVE-2010-0091): Unsigned applet can retrieve the dragged information
       before drop action occurs (6887703).
     - (CVE-2010-0088): Inflater/Deflater clone issues (6745393).

More information about the pkg-java-commits mailing list