NOTICE: This package has been removed from pkgsrc

./lang/sun-jre15, Suns Java(tm) 2 Standard Edition, JRE 5.0 Update 22

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ]


Branch: CURRENT, Version: 5.0.22, Package name: sun-jre15-5.0.22, Maintainer: pkgsrc-users

This is the Linux port of the Sun Java(tm) Runtime Environment (J2SE 5.0).

DEINSTALL [+/-]
DEINSTALL.tmpl [+/-]
MESSAGE.NetBSD [+/-]

Required to run:
[emulators/suse100_locale] [emulators/suse100_x11] [emulators/suse100_compat]

SHA1: 9371ed7545d993667fb4297081e6659493a60889
RMD160: 37e139b6ba9b8f0f0d6c0b5a06ad2c10114811fb
Filesize: 16451.248 KB

Version history: (Expand)


CVS history: (Expand)


   2010-02-10 18:42:33 by Joerg Sonnenberger | Files touched by this commit (54) | Package removed
Log message:
Retire jdk, jdk-openjit, sun-jdk14, sun-jdk15, sun-jre14, sun-jre15.
   2009-11-22 20:46:11 by David Brownlee | Files touched by this commit (2) | Package updated
Log message:
Updated lang/sun-jre15 to 5.0.22

Changes in 1.5.0_22

The full internal version number for this update release is 1.5.0_22-b03 (where \ 
"b" means "build"). The external version number is 5.0u22.
OlsonData 2009m

This release contains Olson time zone data version 2009m. For more information, \ 
refer to Timezone Data Versions in the JRE Software .

Security Baseline

This update release specifies the following security baseline:
JRE Family Version 	Java SE
Security Baseline 	Java SE for Business
Security Baseline 1.4.2 	1.4.2_19 	1.4.2_24

In December, 2008, Java SE 1.4.2 reached its end of service life with the \ 
release of 1.4.2_19. Future revisions of Java SE 1.4.2 (1.4.2_20 and above) \ 
include the Access Only option and are available to Java SE for Business \ 
subscribers.

For more information about the security baseline, see Deploying Java Applets \ 
With Family JRE Versions in Java Plug-in for Internet Explorer .

Root Certificates

Root Certificates are included in this release.

    * Added one new root certificate for SECOM. (Refer to 6872579.)
    * Added one new root certificate for GlobalSign. (Refer to 6860447.)

Bug Fixes

This release contains fixes for one or more security vulnerabilities. For more \ 
information, please see Sun Alerts 269868, 270474, 270475, and 270476.

Bug fixes for vulnerabilities are listed in the following table.
	BugId 	Category 	Subcategory 	Description 6631533 	java 	classes_2d \ 
	ICC_Profile allows detecting if some files exist
6815780 	java 	classes_2d 	TrueType font parsing crash when stressing Sun Bug \ 
6751322 test case
6822057 	java 	classes_2d 	X11 and Win32GraphicsDevice don't clone arrays \ 
returned from getConfigurations()
6862969 	java 	classes_2d 	JPEG JFIF Decoder issue
6862970 	java 	classes_2d 	Image Color Profile parsing issue
6872357 	java 	classes_2d 	JRE AWT setDifflCM vulnerable to Stack Overflow
6872358 	java 	classes_2d 	JRE AWT setBytePixels vulnerable to Heap Overflow
6664512 	java 	classes_awt 	Component and [Default]KeyboardFocusManager pass \ 
security sensitive objects to loggers
6636650 	java 	classes_lang 	(cl) Resurrected ClassLoaders can still have children
6861062 	java 	classes_security 	Disable MD2 in certificate chain validation
6863503 	java 	classes_security 	SECURITY: MessageDigest.isEqual introduces \ 
timing attack vulnerabilities
6864911 	java 	classes_security 	ASN.1/DER input stream parser needs more work
6854303 	java 	classes_sound 	Sun Java HsbParser.getSoundBank Stack Buffer \ 
Overflow Vulnerability
6657026 	java 	classes_swing 	Numerous static security flaws in Swing (findbugs)
6657138 	java 	classes_swing 	Mutable statics in Windows PL&F (findbugs)
6824265 	java 	classes_util_i18n 	(tz) TimeZone.getTimeZone allows probing local \ 
filesystem
6632445 	java 	imageio 	DoS from parsing BMPs with UNC ICC links
6862968 	java 	imageio 	JPEG Image Writer quantization problem
6874643 	java 	imageio 	ImageI/O JPEG is vulnerable to Heap Overflow
6869694 	java 	install 	java update malfunctioning

Other bug fixes are listed in the following table.
	BugId 	Category 	Subcategory 	Description 6876061 	java 	classes_awt 	Following \ 
JCK5 test not working as exp-d on linux: awt-interactive-ComponentTests
6860447 	java 	classes_security 	Add GlobalSign R3 Root certificate to the JDK
6872579 	java 	classes_security 	Add SECOM Root CA 2 to JDK
6880110 	java 	classes_util_i18n 	(tz) Support tzdata2009m

Changes in 1.5.0_21

The full internal version number for this update release is 1.5.0_21-b01 (where \ 
"b" means "build"). The external version number is 5.0u21.
OlsonData 2009l

This release contains Olson time zone data version 2009l. For more information, \ 
refer to Timezone Data Versions in the JRE Software .

Security Baseline

This update release specifies the following security baseline:
	JRE Family Version 	Java SE
Security Baseline 	Java SE for Business
Security Baseline 1.4.2 	1.4.2_19 	1.4.2_22

On October 30, 2008, Java SE 1.4.2 reached its end of service life with the \ 
release of 1.4.2_19. Future revisions of Java SE 1.4.2 (1.4.2_20 and above) \ 
include the Access Only option and are available to Java SE for Business \ 
subscribers.

For more information about the security baseline, see Deploying Java Applets \ 
With Family JRE Versions in Java Plug-in for Internet Explorer .

Additional Supported System Configurations

As of this update, support has been added for the following system configurations:

    * Windows Vista SP2
    * Windows Server 2008 SP2

Refer to the Supported System Configurations page.
Bug Fixes

Bug fixes are listed in the following table.
	BugId 	Category 	Subcategory 	Description 6422099 	hotspot 	compiler2 	C2 \ 
assert("live value must not be garbage")
6445745 	hotspot 	compiler2 	TransformerManagementThreadAddTests.java fails an \ 
assertion
6772683 	hotspot 	compiler2 	Thread.isInterrupted() fails to return true on \ 
multiprocessor PC
6842999 	hotspot 	runtime_system 	Update hotspot windows os_win32 for windows 2008 R2
6845161 	jaas 	login 	Bottleneck in Configuration.getConfiguration synchronized call
6860491 	java 	classes_awt 	WRAP_TIME_MILLIS incorrectly set
6843003 	java 	classes_lang 	Windows Server 2008 R2 system recognition
6808046 	java 	classes_swing 	Having image problems on Asian Languages display
6645292 	java 	classes_text 	[Fmt-Da] Timezone Western Summer Time (Australia) \ 
is parsed incorrectly
6665028 	java 	classes_text 	native code of method j*.text.Bidi.nativeBidiChars \ 
is using the contents of a primitive array direct
6872467 	java 	classes_util_i18n 	(tz) Support tzdata2009l
6814140 	java 	classes_util_logging 	deadlock due to synchronized demandLogger() \ 
code that locks ServerLogManager
6817482 	java_plugin 	iexplorer 	On IE, modal JDialog from an Applet in html \ 
frame is not modal
6432317 	java_plugin 	misc 	Vista: Java Plugin won't be able to launch extension \ 
installers.
6818278 	javawebstart 	jnlp_file 	sunmc console when started with javaws does \ 
not communicate with the firewall port range
6748156 	jndi 	ldap 	add an new JNDI property to control the boolean flag \ 
WaitForReply (JDK5)
6750362 	jndi 	ldap 	Very large LDAP requests throw a OOM on LDAP servers which \ 
aren't aware of Paged Results Controls
   2009-08-20 10:46:40 by OBATA Akio | Files touched by this commit (4) | Package updated
Log message:
Update sun-{jre,jdk}15 to 1.5.0.20.

Changes in 1.5.0_20

The full internal version number for this update release is 1.5.0_20-b02 (where
"b" means "build"). The external version number is 5.0u20.
OlsonData 2009i

This release contains Olson time zone data version 2009i. For more information,
refer to Timezone Data Versions in the JRE Software .

Security Baseline

This update release specifies the following security baseline:
JRE Family Version 	Java SE
Security Baseline 	Java SE for Business
Security Baseline 1.4.2 	1.4.2_19 	1.4.2_22

In December, 2008, Java SE 1.4.2 reached its end of service life with the
release of 1.4.2_19. Future revisions of Java SE 1.4.2 (1.4.2_20 and above)
include the Access Only option and are available to Java SE for Business
subscribers.

For more information about the security baseline, see Deploying Java Applets
With Family JRE Versions in Java Plug-in for Internet Explorer .

Root Certificates

Root Certificates are included in this release.

    * Added one new root certificate and removed 3 root certificates from \ 
Entrust. (Refer to 6805338.)
    * Added three new root certificates from Keynectis. (Refer to 6845457.)
    * Added three new root certificates from Quovadis. (Refer to 6846473.)

Bug Fixes

This release contains fixes for one or more security vulnerabilities. For more
information, please see Sun Alerts 263408 , 263409 , 263488 , 263489 , and 264648.

Bug fixes for vulnerabilities are listed in the following table.
	BugId 	Category 	Subcategory 	Description 6656610 	java 	accessibility \ 
	AccessibleResourceBundle.getContents exposes mutable static (findbugs)
6656586 	java 	classes_awt 	Cursor.predefined is protected static mutable (findbugs)
6660539 	java 	classes_beans 	Introspector cache mutable static
6446522 	java 	classes_lang 	3Y Race condition in reflection checks
6801071 	java 	classes_net 	Remote sites can compromise user privacy and \ 
possibly hijack web session
6801497 	java 	classes_net 	Proxy is assumed to be immutable but is non-final
6406003 	java 	classes_security 	Security issues in the Provider class
6429594 	java 	classes_security 	Fix for 6406003 can be circumvented
6444262 	java 	classes_security 	Provider deserialization still has problems
6657695 	java 	classes_security 	AbstractSaslImpl.logger is a static mutable \ 
(findbugs)
6657625 	java 	classes_sound 	RmfFileReader/StandardMidiFileWriter.types are \ 
public mutable statics (findbugs)
6738524 	java 	classes_sound 	JDK13Services allows read access to system \ 
properties from untrusted code
6777448 	java 	classes_sound 	JDK13Services.getProviders creates instances with \ 
full privileges
6588003 	java 	classes_swing 	LayoutQueue mutable statics
6660049 	java 	classes_swing 	Synth Region.uiToRegionMap/lowerCaseNameMap are \ 
mutable statics
6656625 	java 	imageio \ 
	ImageReaderSpi.STANDARD_INPUT_TYPE/ImageWriterSpi.STANDARD_OUTPUT_TYPE are \ 
mutable static (findbugs)
6657133 	java 	imageio 	Mutable statics in imageio plugins (findbugs)
6830335 	java 	jar 	Java JAR Pack200 Decompression Integer Overflow Vulnerability
6862844 	javawebstart 	other 	java web start ActiveX control security problem \ 
caused by ATL PROP_ENTRY macro
6845701 	jaxp 	parse 	Xerces2 Java XML library infinite loop with malformed XML input
6657619 	jndi 	dns 	DnsContext.debug is public static mutable (findbugs)

Other bug fixes are listed in the following table.
	BugId 	Category 	Subcategory 	Description 6851379 	java 	classes_2d 	font files \ 
not deleted upon exit
6805338 	java 	classes_security 	Add 1 new Entrust root CA cert and remove 3 \ 
others with 1024 bit keys
6845457 	java 	classes_security 	Add root certs for Keynectis CA
6846473 	java 	classes_security 	Add QuoVadis root CA certs to the JRE
6848984 	java 	classes_util_i18n 	(tz) Support tzdata2009i
6851214 	java 	classes_util_i18n 	(tz) New Jordan rule creates a failure for \ 
SimpleTimeZone parsing post tzdata2009h
   2009-08-20 10:40:30 by OBATA Akio | Files touched by this commit (2)
Log message:
Fixes PLIST entries as noticed by PR 41892.
   2009-08-04 10:13:56 by David Brownlee | Files touched by this commit (1)
Log message:
remove ${WRKSRC}/lib/servicetag/registration.xml before install
   2009-07-24 02:12:17 by OBATA Akio | Files touched by this commit (1)
Log message:
Fixes jce optional entries.
   2009-07-23 19:14:40 by David Brownlee | Files touched by this commit (5) | Package updated
Log message:
Updated lang/sun-jre15 to 5.0.19

Changes in 1.5.0_19

The full internal version number for this update release is 1.5.0_19-b02 (where \ 
"b" means "build"). The external version number is 5.0u19.
OlsonData 2009g

This release contains Olson time zone data version 2009g. For more information, \ 
refer to Timezone Data Versions in the JRE Software .

Security Baseline

This update release specifies the following security baseline:
JRE Family Version 	Java SE
Security Baseline 	Java SE for Business
Security Baseline 1.4.2 	1.4.2_19 	1.4.2_20

In December, 2008, Java SE 1.4.2 reached its end of service life with the \ 
release of 1.4.2_19. Future revisions of Java SE 1.4.2 (1.4.2_20 and above) \ 
include the Access Only option and are available to Java SE for Business \ 
subscribers.

For more information about the security baseline, see Deploying Java Applets \ 
With Family JRE Versions in Java Plug-in for Internet Explorer .

Additional Supported System Configurations

As of this update, support has been added for the following system configurations:

    * Internet Explorer 8
    * Windows Server 2008
    * SLES 11

Refer to the Supported System Configurations page.
Service Tag Support

Service Tag support on Solaris, Linux, and Windows is add in this release. If \ 
Service Tag software has been installed on a system where JRE 1.5.0_19 is being \ 
installed, a unique service tag is automatically created for that particular JRE \ 
instance. There is no change in the JDK/JRE installation instruction, and there \ 
is no change in the Java runtime.

Service Tag software can be downloaded from Sun Inventory. JDK and JRE service \ 
tags allow installed instances of the JDK and JRE to be discovered and \ 
registered under a user's account on Sun Connection.
Known Issues

    IE 8 Hangs with OBJECT Tag

    When an OBJECT tag is used to specify an applet, and the browser does not \ 
receive any mouse button events or keyboard events before the browser gets to \ 
the point of interpreting (executing) the OBJECT> tag, then IE 8 hangs.

    This bug is seen when an html file containing OBJECT tag is specified as a \ 
command line parameter while launching IE. For example:

    iexplorer.exe  file.html

    In this case, there is no mouse button event between invocation of IE and \ 
OBJECT tag execution.

    A workaround is to force the user to use a mouse or keyboard before IE8 \ 
reaches the tag. For example, if applet.html contains an OBJECT tag, then the \ 
following command line invocation hangs the browser:

    iexplorer.exe applet.html

    However, if you specify applet.html in another html file, as follows, then \ 
the user is forced to use the keyboard or mouse button, and the hang does not \ 
occur:

    <HTML><BODY><A href="file:applet.html"> click \ 
</A> </BODY></HT
    ML>

    Refer to CR 6825659 for further information.

Bug Fixes

Bug fixes are listed in the following table.
	BugId 	Category 	Subcategory 	Description 6260293 	hotspot 	compiler2 	fix \ 
set_ctrl() inconsistencies in loopopts
6394438 	hotspot 	compiler2 	crash in C2 compiler in \ 
MachSpillCopyNode::implementation on 5.0_U4
6435614 	hotspot 	compiler2 	code fails with impossible ArrayIndexOutOfBounds \ 
Exception
6754146 	hotspot 	compiler2 	1.5.0_15 C2 compiler crashes in PhaseChaitin::Split()
6788347 	hotspot 	compiler2 	C2Compiler crash 6u7
6798785 	hotspot 	compiler2 	Crash in OopFlow::build_oop_map: incorrect \ 
comparison of 64bit pointers
5081701 	hotspot 	garbage_collector 	CMS: ATG crash with perm gen collection enabled
6415354 	hotspot 	garbage_collector 	CMS: \ 
assert(thisOop->is_oop_or_null(true),"expected an oop or NULL")
6722112 	hotspot 	garbage_collector 	CMS: Incorrect encoding of overflown object \ 
arrays during concurrent precleaning
6722113 	hotspot 	garbage_collector 	CMS: Incorrect overflow handling during \ 
precleaning of Reference lists
6739357 	hotspot 	garbage_collector 	CMS: Switch off CMSPrecleanRefLists1 until \ 
6722113 can be fixed
6786503 	hotspot 	garbage_collector 	Overflow list performance can be improved
6787254 	hotspot 	garbage_collector 	Work queue capacity can be increased \ 
substantially on some platforms
6751861 	hotspot 	jvmti 	Memory leak occurs in JVMTI(jdk5.0u16)
6447157 	hotspot 	other 	Crashdump (hs_err_pid*.log) does not contain the crash time
6320309 	hotspot 	runtime_system 	symbol resolution -- wait() vs interrupt -- \ 
can result in IE being thrown from unexpected locations
6680485 	hotspot 	runtime_system 	Wrong error-handling with Solaris-specific \ 
interruptible I/O (Solaris)
6821003 	hotspot 	runtime_system 	Update hotspot windows os_win32 for windows 7
6277781 	idl 	serialization 	Serialization of Enums over IIOP is broke.
6614558 	idl 	serialization 	jmx interop JDK5 - JDK6 issue when calling getMBeanInfo
6529796 	java 	char_encodings 	Support JIS X 0213:2004 in existing JDK versions, \ 
especially for Windows Vista
6710199 	java 	char_encodings 	SJIS_0213 does not handle "unmappable" \ 
encoding operation correctly
4744405 	java 	classes_2d 	RFE: lookupPrintServices() to refresh the printers \ 
list dynamically
6358622 	java 	classes_2d 	hotspot crash when printing to non-available network \ 
printer
6428762 	java 	classes_2d 	RHEL5: Sazanami Mincho Font rendering quality is poor
6574633 	java 	classes_2d 	native printDialog crashes when changing printer
6633656 	java 	classes_2d 	Cross platform print dialog doesn't check for \ 
orientation being unsupported.
6524352 	java 	classes_awt 	support for high-resolution mouse wheel
6668385 	java 	classes_awt 	Java applet crashes IE 6 in \ 
AwtComponent::ImmAssociateContext()
6675956 	java 	classes_awt 	REGRESSION : Different behavior of \ 
Container.findComponentAt in jdk5
6707023 	java 	classes_awt 	Chinese Characters in JTextPane Cause Pane to Hang
6219755 	java 	classes_io 	PipedOutputStream.write() remains blocked after \ 
PipedInputStream was closed
6242664 	java 	classes_lang 	String.offsetByCodePoints doesn't work for Strings \ 
returned by String.substring
6819886 	java 	classes_lang 	System.getProperty("os.name") reports \ 
Vista on Windows 7
6651382 	java 	classes_management 	The Java JVM SNMP provider reports incorrect \ 
stats when asked for multiple OIDs
6598160 	java 	classes_net 	Windows IPv6 Socket implementation doesn't set the \ 
handle to not inherit
6648001 	java 	classes_net 	Cancelling HTTP authentication causes subsequent \ 
deadlocks
6693244 	java 	classes_net 	Java Web Start app fails on 6u10 beta w/ \ 
AssertionError in AuthenticationInfo.requestCompleted
5100121 	java 	classes_nio 	(se) select not immune to EINTR
6497734 	java 	classes_nio 	(dc) assert "JNI handle should not be \ 
null" under Java_sun_nio_ch_FileDispatcher_preClose0()
6552236 	java 	classes_security 	PolicyFile not synchronized during refresh
6699856 	java 	classes_swing 	Creating text in a JTextPane using Chinese text \ 
causes undesired behavior
6735259 	java 	classes_swing 	NPE at \ 
WindowsComboBoxUI$XPComboBoxButton.getState(WindowsComboBoxUI.java:408)
4823811 	java 	classes_text 	[Fmt-Da] SimpleDateFormat patterns don't allow \ 
embedding of some literal punctuation
6576792 	java 	classes_util_concurrent 	ThreadPoolExecutor methods leak \ 
interrupts when run in pool threads
6409997 	java 	classes_util_i18n 	Default locale/encoding detection for Windows Vista
6834474 	java 	classes_util_i18n 	(tz) Support tzdata2009g
6740278 	java 	dragndrop 	An image(256 colors) in clipboard should be displayed \ 
correctly
6404011 	java 	imageio 	IllegalArgumentException: "Invalid ICC Profile \ 
Data" when reading certain JPEGs
6687968 	java 	imageio 	PNGImageReader leaks native memory through an Inflater.
6541870 	java 	serialization 	NullPointerException in ObjectInputStream with \ 
Externalizables
6608975 	java 	serviceability 	HeapDumpPath option is ignored for dumps written \ 
by HeapDumpOnCtrlBreak functionality
6745217 	java 	serviceability 	jmap throws \ 
sun.jvm.hotspot.utilities.AssertionFailure: BitMap index out of bounds \ 
(1.5.0_15-b04)
6754987 	java 	serviceability 	Crash triggering Heapdump via \ 
-XX:+HeapDumpOnCtrlBreak AND -XX:+UseParallelOldGC
6803304 	java 	sunservicetags 	Service Tag support for JRE for solaris/linux/windows
6680432 	java_deployment 	security 	Display only Digital Signature key usage \ 
certificate in client authentication dialog box.
6567254 	java_plugin 	ns6 	Stack stomp in CSecureJNIEnv
6603064 	java_plugin 	other 	Legacy_lifecycle:Exception getting thrown on while \ 
making LiveConnect calls once applet is refreshed
6595618 	java_plugin 	plugin 	Intermittent problems with signed applet \ 
certificate verification
6618901 	java_plugin 	plugin 	6.0 JRE applet running on Vista limits heap to 64 MB
6696175 	javawebstart 	jnlp_file 	javaws not recognizing properties which \ 
contains % character
6809409 	jaxp 	sax 	jaxp Issue 56 SAXException doesn't do the exception chaining \ 
properly
6809019 	jaxp 	xslt 	Performance degradation for fix to: 6537909 in 1.5.0_14
6796140 	jets 	other 	Further ORB changes after 6725987
6176036 	jndi 	ldap 	Require a way to specify read timeout for LDAP operations

Changes in 1.5.0_18

The full internal version number for this update release is 1.5.0_18-b02 (where \ 
"b" means "build"). The external version number is 5.0u18.
Security Baseline

This update release specifies the following security baseline:
	JRE Family Version 	Security Baseline 1.4.2 	1.4.2_20

For more information about the security baseline, see Deploying Java Applets \ 
With Family JRE Versions in Java Plug-in for Internet Explorer .

OlsonData 2009a

This release contains Olson time zone data version 2009a. For more information, \ 
refer to Timezone Data Versions in the JRE Software .

Java Naming and Directory Interface (JNDI) API Change

The behavior of the JNDI feature to store and retrieve Java objects in an LDAP \ 
directory has been slightly modified.

When storing a Java object in an LDAP directory, the location of the object's \ 
class file (its codebase) may be specified. Later, when restoring the original \ 
object, its codebase along with additional object data is retrieved from the \ 
directory and used by the class loader.

An object's codebase is no longer implicitly trusted. Instead, a new system \ 
property called com.sun.jndi.ldap.object.trustURLCodebase must explicitly be set \ 
to the string value true in order for a codebase to be used. Otherwise, the \ 
codebase will be ignored by the class loader when restoring a Java object, and \ 
only those class files that appear on the classpath will be recognized.

Java Management Extensions(JMX) Change
In a JMX access property file, the readwrite access no longer allows the remote \ 
createMBean and unregisterMBean operations. These must now be provided \ 
explicitly via new clauses.

The default jmxremote.access file of the JRE \ 
($JRE_HOME/lib/management/jmxremote.access) shows what this looks like:

monitorRole  readonly
controlRole  readwrite \
            create javax.management.monitor.*,javax.management.timer.* \
            unregister

CORBA Memory Leak Fix - Special Note

This update release and revision 5.0u16-rev-b12 and subsequent updates and \ 
revisions contain a fix for 6725987. When using updates and revisions prior to \ 
these, an ORB may contain valid references (that is, a memory leak) even after \ 
calling its shutdown() and destroy() methods, and it may respond to some method \ 
calls.

With this fix, the ORB correctly cleans up and the Garbage Collector can free up \ 
the memory held by such references. Incorrect accesses to such references or \ 
methods are likely to result in a NullPointerException to the application.

Root Certificates Included

Root Certificates are included in this release. The following root certificates \ 
have been added:

    * VeriSign TSA Root Cert to the JDK (Refer to 6732157.)
    * Two additional T-systems root CA certs (Refer to 6803022.)
    * Two Unizeto root certs (Refer to 6803036.)

Bug Fixes

This release contains fixes for one or more security vulnerabilities. For more \ 
information, please see Sun Alerts 254569, 254570, 254571, 254608, and 254611.

Other bug fixes are listed in the following table.
	BugId 	Category 	Subcategory 	Description 6676016 	hotspot 	garbage_collector \ 
	ParallelOldGC leaks memory
6461933 	java 	classes_awt 	To adjust system boot time in nowMillisUTC() frequently
6637607 	java 	classes_awt 	1st char. is discarded after a modal dialogue shows \ 
up and disappears
6677578 	java 	classes_awt 	Print dialog doesn't come up when brower window is \ 
maximized
6571589 	java 	classes_lang 	(thread) Thread.getStackTrace() returns null
6446855 	java 	classes_net 	https connections failing when connecting through a proxy
6687282 	java 	classes_net 	URLConnection for HTTPS connection through Proxy w/ \ 
Digest Authentication gives 400 Bad Request
6720866 	java 	classes_net 	Slow performance using HttpURLConnection for upload
6732157 	java 	classes_security 	Add VeriSign TSA Root Cert to the JDK
6803022 	java 	classes_security 	Add T-systems root CA certs to the JRE
6803036 	java 	classes_security 	Add Unizeto root certs to the JRE
6639183 	java 	classes_util_concurrent 	Scheduling large negative delay hangs \ 
entire ScheduledExecutor
6725789 	java 	classes_util_concurrent 	ScheduledExecutorService does not work \ 
as expected in jdk7/6/5
6598520 	java 	classes_util_i18n 	(tz) Windows time zone mapping table needs to \ 
be updated for KB933360
6650748 	java 	classes_util_i18n 	(tz) Java runtime doesn't detect VET time zone \ 
correctly on Windows
6743394 	java 	classes_util_i18n 	(tz) tzmappings must be updated for Windows
6783139 	java 	classes_util_i18n 	(tz) Windows time zone mapping table needs to \ 
be updated for KB955839
6796489 	java 	classes_util_i18n 	(tz) Support tzdata2009a
6487638 	java 	classes_util_logging 	Calling LogManager.addLogger() and \ 
Logger.getLogger() cause deadlock
6719011 	java_plugin 	ocx 	Applet isn't started when it's outside of the visible \ 
area of a browser window
6643769 	java_plugin 	other 	Applet main windows steals focus on Popup windows \ 
which is running Applet.
6784894 	java_plugin 	other 	Regression: applets loaded from local disk can not \ 
access co-located resources
6591117 	jce 	pkcs11_csp 	Poor preformance of PKCS#11 security provider compared \ 
to Sun default provider
6725987 	jets 	other 	ORB.destroy() does not cleanup correctly and ORB object \ 
instances are not garbage collected.

Changes in 1.5.0_17

The full internal version number for this update release is 1.5.0_17-b04 (where \ 
"b" means "build"). The external version number is 5.0u17.
Security Baseline

This update release specifies the following security baseline:
	JRE Family Version 	Security Baseline 1.4.2 	1.4.2_19

For more information about the security baseline, see Deploying Java Applets \ 
With Family JRE Versions in Java Plug-in for Internet Explorer .

OlsonData 2008i

This release contains Olson time zone data version 2008i. For more information, \ 
refer to Timezone Data Versions in the JRE Software .

Updated UTF-8 Charset Implementation

Due to security concerns, the UTF-8 charset implementation in the JRE has been \ 
updated to handle the non-shortest form of UTF-8 byte sequences, and this \ 
introduces an incompatibility from previous releases. For example, the byte \ 
sequence of 0xc0 0xaf for U+002f, which has the shortest form of 0x2f, is a \ 
malformed input to the decoding operation. More details regarding the \ 
Non-shortest form of UTF-8 can be found at:

    * UTF8-Shortest Form
    * UTF8 Specification

Root Certificates Included

Root Certificates are included in this release. The following root certificates \ 
have been added:

    * Camerfirma root certificates
    * T-systems root CA certificate (Deutsche Telekom Root CA 2)
    * SwissSign root certificates

Bug Fixes

This release contains fixes for one or more security vulnerabilities. For more \ 
information, please see Sun Alerts 244986, 244987, 244988, 244990, 244991, \ 
244992, 245246, 246266, 246286, 246346, 246386, and 246387.

Other bug fixes are listed in the following table.
	BugId 	Category 	Subcategory 	Description 6403625 	hotspot 	compiler2 	crash in \ 
compiled code when using profiler agent
6519515 	hotspot 	compiler2 	Loop-opts incorrectly removed a safepoint poll from \ 
a loop with an early exit
6606675 	hotspot 	compiler2 	Crash in CodeBuffer resize in 1.4.2_15
6676462 	hotspot 	compiler2 	JVM sometimes would suddenly consume significant \ 
amount of memory
6704367 	hotspot 	runtime_system 	Stack sizes error with 1.5.0_14
6372405 	idl 	orb 	Server thread hangs when fragments don't complete because of \ 
connection abort
5005426 	java 	char_encodings 	Buffered stream data is discarded by \ 
IllegalStateException in 1.4.2 and Tiger
6359722 	java 	classes_2d 	Uncatchable recursive NullPointerException at \ 
sun.font.TrueTypeFont.open()
6448405 	java 	classes_2d 	static HashMap cache in LineBreakMeasurer can grow \ 
wihout bounds
6525150 	java 	classes_2d 	Printer has "paper out" status and won't \ 
print due to a PrinterException
6638533 	java 	classes_2d 	Layout should not apply shaping to precomposed arabic \ 
presentation form glyphs.
6532373 	java 	classes_awt 	xcb_xlib.c:50: xcb_xlib_unlock: Assertion \ 
'c->xlib.lock' failed.
6678061 	java 	classes_awt 	undefined keycodes for certain keyboard layouts
6689088 	java 	classes_awt 	Focus traversal doesn't work in the reverse order / \ 
related to the SR 70175950 / CR 6684528
6446990 	java 	classes_net 	HttpURLConnection#available() reads more and more \ 
data into memory
6448457 	java 	classes_nio 	(ch) Channels.newOutputStream().write() does not \ 
write all data
6728890 	java 	classes_security 	Add SwissSign root certificates to the JDK
6754779 	java 	classes_security 	Add Camerfirma root certificates to the JDK
6768559 	java 	classes_security 	Add t-systems root CA certificate (Deutsche \ 
Telekom Root CA 2) to the JRE
6438246 	java 	classes_swing 	File name field is mislabeled when JFileChooser is \ 
used in DIRECTORIES_ONLY mode
6581899 	java 	classes_swing 	JTextField & JTextArea - Poor performance with \ 
JRE 1.5.0_08
6648714 	java 	classes_swing 	JScrollPane repaints incorrectly on larger monitor \ 
of dual monitor system (5.0)
6466476 	java 	classes_util_i18n 	(tz) Introduction of tzdata2005r can introduce \ 
incompatility issues with some JDK1.1 3-letter TZ Ids
6764308 	java 	classes_util_i18n 	(tz) Support tzdata2008i
6623981 	java 	compiler 	javac StackOverFlowError in 1.4.1/1.4.2
6709709 	java 	javadoctool 	javadoc does not get compilation errors after type \ 
erasure
6536107 	java_plugin 	iexplorer 	GDI leak detected by opening the Print Dialog \ 
repeatedly
6746185 	javawebstart 	other 	Malformed URL Exception: JWS regression introduced \ 
in 1.5.0_16
6578538 	jce 	classes_crypto 	com.sun.crypto.provider.SunJCE instance leak using \ 
KRB5 and LoginContext
6697180 	jmx 	classes 	JMX query results in java.io.IOException: Illegal state - \ 
also a deadlock can also be seen
6618387 	jsse 	runtime 	SSL client sessions do not close cleanly. A TCP reset \ 
occurs instead of a close_notify alert.
6668231 	jsse 	runtime 	Presence of a critical subjectAltName causes JSSE's \ 
SunX509 to fail trusted checks
   2009-06-14 22:34:16 by Joerg Sonnenberger | Files touched by this commit (29)
Log message:
Replace @exec/@unexec with @pkgdir or drop it.