Comment 1 Tim Sammut (RETIRED) 2011-02-02 14:34:06 UTC

Thanks for the new ebuilds, caster. Is it ok if we stabilize =dev-java/icedtea6-bin-1.9.5?

Comment 2 Vlastimil Babka (Caster) (RETIRED) 2011-02-02 14:57:41 UTC

(In reply to comment #1)
> Thanks for the new ebuilds, caster. Is it ok if we stabilize
> =dev-java/icedtea6-bin-1.9.5?
 
Yes please, I was going to ask for it :)

amd64 stable


emerge --info
Portage 2.1.9.25 (default/linux/amd64/10.0, gcc-4.4.4, glibc-2.11.2-r3, 2.6.36-gentoo-r5 x86_64)
=================================================================
System uname: Linux-2.6.36-gentoo-r5-x86_64-AMD_Phenom-tm-_9650_Quad-Core_Processor-with-gentoo-1.12.14
Timestamp of tree: Wed, 02 Feb 2011 13:30:22 +0000
app-shells/bash:     4.1_p9
dev-java/java-config: 2.1.11-r3
dev-lang/python:     2.6.6-r1, 3.1.2-r4
dev-util/cmake:      2.8.1-r2
sys-apps/baselayout: 1.12.14-r1
sys-apps/sandbox:    2.4
sys-devel/autoconf:  2.13, 2.65-r1
sys-devel/automake:  1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.4.4-r2
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.10
sys-devel/make:      3.81-r2
virtual/os-headers:  2.6.30-r1 (sys-kernel/linux-headers)
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests binpkg-logs collision-protect distlocks fixlafiles fixpackages multilib-strict news parallel-fetch protect-owned sandbox sfperms split-log strict test unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox"
GENTOO_MIRRORS="rsync://mirrors.rit.edu/gentoo/"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X acl amd64 berkdb bzip2 cairo cli cracklib crypt cups cxx dbus device-mapper dri extras fortran gdbm gdu gpm gt3support gtk iconv ipv6 kde mmx mng modules mudflap multilib mysql ncurses nls nptl nptlonly opengl openmp pam pcre perl png policykit pppd python qt3support qt4 readline session sql sqlite sse sse2 ssl svg sysfs tcpd threads unicode webkit xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="nvidia vesa fbdev" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, MAKEOPTS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY

Comment 4 Agostino Sarubbo 2011-02-04 16:56:07 UTC

(In reply to comment #3)
> amd64 stable

+1

Comment 5 Christian Faulhammer (RETIRED) 2011-02-04 23:21:25 UTC

x86 stable

I can confirm that icedtea 6.1.9.5 bootstrapped just fine via gcj-jdk et. al. on SPARC :)

Comment 7 Vlastimil Babka (Caster) (RETIRED) 2011-02-10 00:28:32 UTC

Stabilization superseeded by bug 354231

Comment 8 Tim Sammut (RETIRED) 2011-02-12 18:54:02 UTC

Stabilization completed in 354231. Rating this B4, which requires a vote.

GLSA Vote: no.

Comment 9 Stefan Behte (RETIRED) 2011-02-23 22:23:51 UTC

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6541476  "PNG imageio plugin incorrectly handles iTXt chunk" might be worth a glsa? 

Comment 10 GLSAMaker/CVETool Bot 2011-06-24 00:33:58 UTC

CVE-2011-0025 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025):
  IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does not
  properly verify signatures for JAR files that (1) are "partially signed" or
  (2) signed by multiple entities, which allows remote attackers to trick
  users into executing code that appears to come from a trusted source.

Comment 11 Stefan Behte (RETIRED) 2011-10-08 22:39:53 UTC

Vote: YES. Added to pending GLSA request.

Comment 12 GLSAMaker/CVETool Bot 2014-06-29 15:28:43 UTC

This issue was resolved and addressed in
 GLSA 201406-32 at http://security.gentoo.org/glsa/glsa-201406-32.xml
by GLSA coordinator Mikle Kolyada (Zlogene).