IcedTea6 1.11.1 Released!

A new release of IcedTea6 1.11 branch is now available: 1.11.1

The update contains the following security fixes:

- S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
- S7088367, CVE-2011-3563: Fix issues in java sound
- S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method
- S7110687, CVE-2012-0503: Issues with TimeZone class
- S7110700, CVE-2012-0505: Enhance exception throwing mechanism in
ObjectStreamClass
- S7110704, CVE-2012-0506: Issues with some method in corba
- S7112642, CVE-2012-0497: Incorrect checking for graphics rendering
object
- S7118283, CVE-2012-0501: Better input parameter checking in zip file
processing
- S7126960, CVE-2011-5035: (httpserver) Add property to limit number
of request headers to the HTTP Server

This release also contains the following additional fix:
- PR865: Patching fails with patches/ecj/jaxws-getdtdtype.patch

The tarball can be downloaded from:

http://icedtea.classpath.org/download/source/icedtea6-1.11.1.tar.gz

SHA256SUM:
bafb0e21e1edf5ee22871b13dbc0a8a0d3efd894551fb91d5f59783069b6912c

A signature (produced using my public key) is available at:

http://icedtea.classpath.org/download/source/icedtea6-1.11.1.tar.gz.sig

The following people helped with this release:

* Andrew Haley
* Andrew John Hughes
* Chris Phillips
* Danesh Dadachanji
* Deepak Bhole
* Jiri Vanek
* Omair Majid
* Roman Kennke

A huge thanks to everyone who helped test this release and reported bugs!

To get started:
$ tar xf icedtea6-1.11.1.tar.gz
$ cd icedtea6-1.11.1

Full build requirements and instructions are in INSTALL:
$ ./configure [--enable-zero --enable-pulse-java --enable-systemtap ...]
$ make

IcedTea6 1.11 Released!

After quite a bit of delay, IcedTea6 1.11 has finally been released!

Take a look at the release announcement, download icedtea6 1.11 and build it.

Onwards to IcedTea6 1.12!

IcedTea6 1.11 Branched

I have just branched IcedTea6 1.11. Please start subjecting this branch to the most vicious tests you have.

I am planning to release IcedTea6 1.11 on Wednesday 2012-01-18, unless major problems are discovered. As always, a list of new features in this release can be found in the NEWS file.

Only bugfixes are likely to be accepted for the branch. Please try to minimize changes and hold off any build-system related changes unless they are absolutely necessary.

Please note that all commits to this branch need to be posted for discussion and have to be approved for committing.

What IcedTea-Web 1.1 means for you

A number of changes occurred between IcedTea-Web 1.0 and IcedTea-Web 1.1. If you are a packager or a developer here are some things you need to know.

Are you a packager?
IcedTea-Web 1.1 can be installed into a regular prefix (/usr/ or /usr/local/ or anything else). Unlike IcedTea-Web 1.0, you do not need to install IcedTea-Web into a JDK or JRE directory. IcedTea-Web uses a JDK to build itself (specified using --with-jdk-home). IcedTea-Web will use the JDK it was compiled against to run. The launchers (javaws and itweb-settings) are now shell scripts and can be customized as needed.

Are you a developer using applets or java web start?
IcedTea-Web 1.1 provides netscape.javascript.* and javax.jnlp.* classes that applets and web start applications use. However, unlike icedtea-web < 1.1 (or older releases of icedtea6) the jars that provide these classes will not be automatically be picked up by the JDK. netscape.javascript.* classes are included in IcedTea-Web’s plugin.jar. javax.jnlp.* classes are included in IcedTea-Web’s netx.jar. Please add these classes to your classpath when building.