1.5.0.12 FP1 and 1.6.0.8 FP1 are now out

Comment 2 Vlastimil Babka (Caster) (RETIRED) 2010-09-16 21:30:28 UTC

Seems there are security reasons for the bumps:

1.6 slot: http://www.ibm.com/developerworks/java/jdk/alerts/ mentions     CVE-2010-0887
1.5 slot: http://www-01.ibm.com/support/docview.wss?uid=swg21420576 mentions some sun security bulletins (at least in .11 FP 2 which we don't have so .12 FP1 will work too)

Comment 3 Vlastimil Babka (Caster) (RETIRED) 2010-09-16 21:50:40 UTC

Please stabilize:
dev-java/ibm-jdk-bin-1.6.0.8_p1
dev-java/ibm-jdk-bin-1.5.0.12_p1
dev-java/ibm-jre-bin-1.6.0.8_p1
dev-java/ibm-jre-bin-1.5.0.12_p1

distfiles will be available as usual via ssh in d.g.o:~caster/tmp

Comment 4 Christian Faulhammer (RETIRED) 2010-09-17 06:12:44 UTC

(In reply to comment #3)
> Please stabilize:
> dev-java/ibm-jdk-bin-1.5.0.12_p1
> dev-java/ibm-jre-bin-1.5.0.12_p1
> 
> distfiles will be available as usual via ssh in d.g.o:~caster/tmp

 Those distfiles are not there.

Comment 5 Vlastimil Babka (Caster) (RETIRED) 2010-09-20 15:38:58 UTC

(In reply to comment #4)
>  Those distfiles are not there.
 
Fixed, sorry.

Comment 6 Markos Chandras (RETIRED) 2010-09-26 12:07:34 UTC

amd64 done

Comment 7 Brent Baude (RETIRED) 2010-09-28 22:27:11 UTC

ppc64 and ppc done

Comment 8 Markus Meier 2010-10-05 20:29:08 UTC

x86 stable, all arches done.

Comment 9 Stefan Behte (RETIRED) 2010-10-07 21:52:18 UTC

GLSA request filed.

Comment 10 Aaron Bauman (RETIRED) 2016-03-05 11:26:32 UTC

A quick search shows no results for a GLSA that was released per previous comments.

The issue was fixed in later releases from Sun and marked stable.  No vulnerable versions are in the tree as of a long time.  The package is also masked.

Comment 11 Aaron Bauman (RETIRED) 2016-03-05 11:40:53 UTC

Packages dropped 25 Mar 2011 per [0].


[0]: https://gitweb.gentoo.org/data/gentoo-changelogs.git/diff/dev-java/ibm-jre-bin/ChangeLog-2015?id=24fda3d26454a64df85305138f44cae40c7b9678