From the changelog of ibm-jdk-bin 1.5.0.6: asdev-20070928 125917 IZ05366 c N/A Sun security fixes 6608640 and 6609269 asdev-20070921 125434 IZ04780 c N/A Sun Security fix 6605149 asdev-20070915 124940 - c N/A X509Factory does not use SecurityManager audev-20070914 125019 IZ04776 c N/A Sun Security WebRev Bundles Announcement September 08, 2007 asdev-20070914 125019 IZ04776 c N/A Sun Security WebRev Bundles Announcement September 08, 2007 You can get the full changelog by going to the download page from here (unfortunately requires registration) http://www-128.ibm.com/developerworks/java/jdk/linux/download.html Didn't find any IBM security advisories, but maybe they exist too.
Arches, please stabilize: dev-java/ibm-jdk-bin-1.5.0.6 dev-java/ibm-jre-bin-1.5.0.6 The distfiles are as usual available via scp from d.g.o/~caster/tmp/
x86 stable
ppc64 stable
stable on amd64
ppc stable
So I found the security alerts url today, and know that 1.4.2.9 is also affected, and the fixed 1.4.2.10 is not yet available so we have to wait.
Hm looks like 1.4.2.10 was finally released month ago, so bumped. Arches, please stabilize: dev-java/ibm-jdk-bin-1.4.2.10 dev-java/ibm-jre-bin-1.4.2.10 The distfiles will be as usual available via scp from d.g.o/~caster/tmp/ Pretty sure this does not affect release...
Adding release just to make sure.
IBMJava2-SDK-1.4.2-10.0.tgz is missing, Vlastimil. /me will never ever touch the IBM interface again.
Back to ebuild to get this fixed.
(In reply to comment #10) > Back to ebuild to get this fixed. Not needed, really...masochistic people could get the tarball themselves (and ppc, amd64, ppc64 are complete, by the way).
Ahh ok. Thx.
Sorry, my upload rate sucks, had to interrupt it and forgot to resume. It's all there now.
Pretty sure this is good for ppc64 now, heh, ping if not...stuck in releng work
1.4.2.10 stable for ppc
amd64 stable
And now I've done ibm-jre-bin too!
Fixed in release snapshot.
Yeah, sure, glsa with other ibm bugs :-)
GLSA 200806-11