Package: openjdk-7-jre; Maintainer for openjdk-7-jre is OpenJDK Team <openjdk@lists.launchpad.net>; Source for openjdk-7-jre is src:openjdk-7 (PTS, buildd, popcon).
Reported by: rpnpif <rpnpif@free.fr>
Date: Wed, 9 Nov 2016 15:30:02 UTC
Severity: normal
Found in version openjdk-7/7u111-2.6.7-2~deb8u1
Reply or subscribe to this bug.
View this report as an mbox folder, status mbox, maintainer mbox
Report forwarded
to debian-bugs-dist@lists.debian.org, OpenJDK Team <openjdk@lists.launchpad.net>:
Bug#843784; Package openjdk-7-jre.
(Wed, 09 Nov 2016 15:30:04 GMT) (full text, mbox, link).
Acknowledgement sent
to rpnpif <rpnpif@free.fr>:
New Bug report received and forwarded. Copy sent to OpenJDK Team <openjdk@lists.launchpad.net>.
(Wed, 09 Nov 2016 15:30:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: openjdk-7-jre Version: 7u111-2.6.7-2~deb8u1 Severity: normal Dear Maintainer, After the last security update, now java is unusable in Firefox with icedtea-7-plugin on all applets. On https://www.java.com/en/download/installed.jsp, an exception occurs : IcedTea-Web Plugin version: 1.5.3 (1.5.3-1) Wed Nov 09 16:16:49 CET 2016 net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: Could not initialize applet. For more information click "more information button". at net.sourceforge.jnlp.Launcher.createApplet(Launcher.java:739) at net.sourceforge.jnlp.Launcher.getApplet(Launcher.java:668) at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:901) Caused by: net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: Unknown Main-Class. Could not determine the main class for this application. at net.sourceforge.jnlp.runtime.JNLPClassLoader.initializeResources(JNLPClassLoader.java:681) at net.sourceforge.jnlp.runtime.JNLPClassLoader.<init>(JNLPClassLoader.java:277) at net.sourceforge.jnlp.runtime.JNLPClassLoader.createInstance(JNLPClassLoader.java:351) at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:418) at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:394) at net.sourceforge.jnlp.Launcher.createApplet(Launcher.java:704) ... 2 more Caused by: java.lang.ClassNotFoundException: Could not find class JavaDetection at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader.findClassNonRecursive(JNLPClassLoader.java:2484) at net.sourceforge.jnlp.runtime.JNLPClassLoader.findClass(JNLPClassLoader.java:1654) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader.findClass(JNLPClassLoader.java:2497) at net.sourceforge.jnlp.runtime.JNLPClassLoader.initializeResources(JNLPClassLoader.java:678) ... 7 more Caused by: java.security.PrivilegedActionException: java.lang.ClassNotFoundException: JavaDetection at java.security.AccessController.doPrivileged(Native Method) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader.findClassNonRecursive(JNLPClassLoader.java:2474) ... 10 more Caused by: java.lang.ClassNotFoundException: JavaDetection at java.net.URLClassLoader$1.run(URLClassLoader.java:366) at java.net.URLClassLoader$1.run(URLClassLoader.java:355) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:354) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader.access$2001(JNLPClassLoader.java:2446) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader$1.run(JNLPClassLoader.java:2477) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader$1.run(JNLPClassLoader.java:2475) ... 12 more Chain: 1) at Wed Nov 09 16:16:05 CET 2016 net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: Unknown Main-Class. Could not determine the main class for this application. at net.sourceforge.jnlp.runtime.JNLPClassLoader.initializeResources(JNLPClassLoader.java:681) at net.sourceforge.jnlp.runtime.JNLPClassLoader.<init>(JNLPClassLoader.java:277) at net.sourceforge.jnlp.runtime.JNLPClassLoader.createInstance(JNLPClassLoader.java:351) at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:418) at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:394) at net.sourceforge.jnlp.Launcher.createApplet(Launcher.java:704) at net.sourceforge.jnlp.Launcher.getApplet(Launcher.java:668) at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:901) Caused by: java.lang.ClassNotFoundException: Could not find class JavaDetection at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader.findClassNonRecursive(JNLPClassLoader.java:2484) at net.sourceforge.jnlp.runtime.JNLPClassLoader.findClass(JNLPClassLoader.java:1654) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader.findClass(JNLPClassLoader.java:2497) at net.sourceforge.jnlp.runtime.JNLPClassLoader.initializeResources(JNLPClassLoader.java:678) ... 7 more Caused by: java.security.PrivilegedActionException: java.lang.ClassNotFoundException: JavaDetection at java.security.AccessController.doPrivileged(Native Method) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader.findClassNonRecursive(JNLPClassLoader.java:2474) ... 10 more Caused by: java.lang.ClassNotFoundException: JavaDetection at java.net.URLClassLoader$1.run(URLClassLoader.java:366) at java.net.URLClassLoader$1.run(URLClassLoader.java:355) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:354) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader.access$2001(JNLPClassLoader.java:2446) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader$1.run(JNLPClassLoader.java:2477) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader$1.run(JNLPClassLoader.java:2475) ... 12 more 2) at Wed Nov 09 16:16:05 CET 2016 net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: Could not initialize applet. For more information click "more information button". at net.sourceforge.jnlp.Launcher.createApplet(Launcher.java:739) at net.sourceforge.jnlp.Launcher.getApplet(Launcher.java:668) at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:901) Caused by: net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: Unknown Main-Class. Could not determine the main class for this application. at net.sourceforge.jnlp.runtime.JNLPClassLoader.initializeResources(JNLPClassLoader.java:681) at net.sourceforge.jnlp.runtime.JNLPClassLoader.<init>(JNLPClassLoader.java:277) at net.sourceforge.jnlp.runtime.JNLPClassLoader.createInstance(JNLPClassLoader.java:351) at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:418) at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:394) at net.sourceforge.jnlp.Launcher.createApplet(Launcher.java:704) ... 2 more Caused by: java.lang.ClassNotFoundException: Could not find class JavaDetection at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader.findClassNonRecursive(JNLPClassLoader.java:2484) at net.sourceforge.jnlp.runtime.JNLPClassLoader.findClass(JNLPClassLoader.java:1654) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader.findClass(JNLPClassLoader.java:2497) at net.sourceforge.jnlp.runtime.JNLPClassLoader.initializeResources(JNLPClassLoader.java:678) ... 7 more Caused by: java.security.PrivilegedActionException: java.lang.ClassNotFoundException: JavaDetection at java.security.AccessController.doPrivileged(Native Method) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader.findClassNonRecursive(JNLPClassLoader.java:2474) ... 10 more Caused by: java.lang.ClassNotFoundException: JavaDetection at java.net.URLClassLoader$1.run(URLClassLoader.java:366) at java.net.URLClassLoader$1.run(URLClassLoader.java:355) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:354) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader.access$2001(JNLPClassLoader.java:2446) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader$1.run(JNLPClassLoader.java:2477) at net.sourceforge.jnlp.runtime.JNLPClassLoader$CodeBaseClassLoader$1.run(JNLPClassLoader.java:2475) ... 12 more -- System Information: Debian Release: 8.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.7.0-0.bpo.1-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages openjdk-7-jre depends on: ii libasound2 1.0.28-1 ii libatk-wrapper-java-jni 0.30.5-1 ii libatk1.0-0 2.14.0-1 ii libc6 2.19-18+deb8u6 ii libcairo2 1.14.0-2.1+deb8u1 ii libfontconfig1 2.11.0-6.3+deb8u1 ii libfreetype6 2.5.2-3+deb8u1 ii libgdk-pixbuf2.0-0 2.31.1-2+deb8u5 ii libgif4 4.1.6-11+deb8u1 ii libgl1-mesa-glx [libgl1] 12.0.3-1~bpo8+1 ii libglib2.0-0 2.48.0-1~bpo8+1 ii libgtk2.0-0 2.24.25-3+deb8u1 ii libjpeg62-turbo 1:1.3.1-12 ii libpango-1.0-0 1.36.8-3 ii libpangocairo-1.0-0 1.36.8-3 ii libpangoft2-1.0-0 1.36.8-3 ii libpng12-0 1.2.50-2+deb8u2 ii libx11-6 2:1.6.2-3 ii libxcomposite1 1:0.4.4-1 ii libxext6 2:1.3.3-1 ii libxi6 2:1.7.4-1+b2 ii libxinerama1 2:1.1.3-1+b1 ii libxrandr2 2:1.4.2-1+b1 ii libxrender1 1:0.9.8-1+b1 ii libxtst6 2:1.2.2-1+b1 ii openjdk-7-jre-headless 7u111-2.6.7-2~deb8u1 ii zlib1g 1:1.2.8.dfsg-2+b1 Versions of packages openjdk-7-jre recommends: ii fonts-dejavu-extra 2.34-1 ii libgconf2-4 3.2.6-3 ii libgnome2-0 2.32.1-5 ii libgnomevfs2-0 1:2.24.4-6+b1 Versions of packages openjdk-7-jre suggests: ii icedtea-7-plugin 1.5.3-1 -- no debconf information
Information forwarded
to debian-bugs-dist@lists.debian.org, OpenJDK Team <openjdk@lists.launchpad.net>:
Bug#843784; Package openjdk-7-jre.
(Wed, 09 Nov 2016 17:51:09 GMT) (full text, mbox, link).
Acknowledgement sent
to Tiago Daitx <tiago.daitx@canonical.com>:
Extra info received and forwarded to list. Copy sent to OpenJDK Team <openjdk@lists.launchpad.net>.
(Wed, 09 Nov 2016 17:51:09 GMT) (full text, mbox, link).
Message #10 received at 843784@bugs.debian.org (full text, mbox, reply):
On Wed, Nov 9, 2016 at 1:26 PM, rpnpif <rpnpif@free.fr> wrote: > Package: openjdk-7-jre > Version: 7u111-2.6.7-2~deb8u1 > Severity: normal > > Dear Maintainer, > > After the last security update, now java is unusable in Firefox with > icedtea-7-plugin on all applets. I was unable to reproduce this. > On https://www.java.com/en/download/installed.jsp, an exception occurs : > > IcedTea-Web Plugin version: 1.5.3 (1.5.3-1) > Wed Nov 09 16:16:49 CET 2016 Yes, this particular test fails, but the actual error is: [tdaitx][ITW-APPLET][ERROR_ALL][Wed Nov 09 17:32:09 UTC 2016][net.sourceforge.jnlp.runtime.JNLPClassLoader.checkForMain(JNLPClassLoader.java:835)] NETX Thread# 673fcb2c, name Applet: JAR https://www.java.com/en/download/JavaDetection.jar not found. Continuing. or from the terminal console: java.io.FileNotFoundException: https://www.java.com/en/download/JavaDetection.jar And indeed that jar file is not available at that location, so no wonder that applet won't work. I could get other applets to work on Jessie with IceWeasel, eg: https://www.w3.org/People/mimasa/test/object/java/clock -thanks
Information forwarded
to debian-bugs-dist@lists.debian.org, OpenJDK Team <openjdk@lists.launchpad.net>:
Bug#843784; Package openjdk-7-jre.
(Wed, 09 Nov 2016 18:33:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Alain Rpnpif <rpnpif@free.fr>:
Extra info received and forwarded to list. Copy sent to OpenJDK Team <openjdk@lists.launchpad.net>.
(Wed, 09 Nov 2016 18:33:06 GMT) (full text, mbox, link).
Message #15 received at 843784@bugs.debian.org (full text, mbox, reply):
Thanks for your answer. Yes the applet on https://www.w3.org/People/mimasa/test/object/java/clock work fine but with a lot of popup dialog to accept. I have also always errors when I used my Lexmark network printer scanner. I can control remotely the scanner but it claims that it was disconnected when it should upload the picture file to the client. So it is unusable with this openjdk. Before that openjdk was updated, all work fine. Is it a new permission problem ? On the local computer, here are the errors from syslog with the scanner : IcedTea-Web java error - for more info see itweb-settings debug options or console. See http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs for help. IcedTea-Web java error manual log: java.io.IOException: Server returned HTTP response code: 501 for URL: http://192.168.1.201/cgi-bin/dynamic/printer/applets/applets.jar at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:526) at sun.net.www.protocol.http.HttpURLConnection$7.run(HttpURLConnection.java:1719) at sun.net.www.protocol.http.HttpURLConnection$7.run(HttpURLConnection.java:1717) at java.security.AccessController.doPrivileged(Native Method) at sun.net.www.protocol.http.HttpURLConnection.getChainedException(HttpURLConnection.java:1715) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1285) at net.sourceforge.jnlp.util.HttpUtils.consumeAndCloseConnection(HttpUtils.java:66) at net.sourceforge.jnlp.util.HttpUtils.consumeAndCloseConnectionSilently(HttpUtils.java:52) at net.sourceforge.jnlp.cache.ResourceTracker.getUrlResponseCodeWithRedirectonResult(ResourceTracker.java:907) at net.sourceforge.jnlp.cache.ResourceTracker.findBestUrl(ResourceTracker.java:955) at net.sourceforge.jnlp.cache.ResourceTracker.initializeResource(ResourceTracker.java:787) at net.sourceforge.jnlp.cache.ResourceTracker.processResource(ResourceTracker.java:614) at net.sourceforge.jnlp.cache.ResourceTracker.access$600(ResourceTracker.java:81) at net.sourceforge.jnlp.cache.ResourceTracker$Downloader$1.run(ResourceTracker.java:1235) at net.sourceforge.jnlp.cache.ResourceTracker$Downloader$1.run(ResourceTracker.java:1233) at java.security.AccessController.doPrivileged(Native Method) at net.sourceforge.jnlp.cache.ResourceTracker$Downloader.run(ResourceTracker.java:1233) at java.lang.Thread.run(Thread.java:745) Caused by: java.io.IOException: Server returned HTTP response code: 501 for URL: http://192.168.1.201/cgi-bin/dynamic/printer/applets/applets.jar at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1670) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468) at net.sourceforge.jnlp.cache.ResourceTracker.getUrlResponseCodeWithRedirectonResult(ResourceTracker.java:903) ... 9 more IcedTea-Web java error - for more info see itweb-settings debug options or console. See http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs for help. IcedTea-Web java error manual log: This application does not specify a Codebase in its manifest. Please verify with the applet's vendor. Continuing. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details. Regards. -- Alain Rpnpif
Information forwarded
to debian-bugs-dist@lists.debian.org, OpenJDK Team <openjdk@lists.launchpad.net>:
Bug#843784; Package openjdk-7-jre.
(Wed, 09 Nov 2016 20:30:08 GMT) (full text, mbox, link).
Acknowledgement sent
to Tiago Daitx <tiago.daitx@canonical.com>:
Extra info received and forwarded to list. Copy sent to OpenJDK Team <openjdk@lists.launchpad.net>.
(Wed, 09 Nov 2016 20:30:08 GMT) (full text, mbox, link).
Message #20 received at 843784@bugs.debian.org (full text, mbox, reply):
On Wed, Nov 9, 2016 at 4:30 PM, Alain Rpnpif <rpnpif@free.fr> wrote:
> Thanks for your answer.
> Yes the applet on
> https://www.w3.org/People/mimasa/test/object/java/clock work fine but
> with a lot of popup dialog to accept.
>
> I have also always errors when I used my Lexmark network printer
> scanner.
> I can control remotely the scanner but it claims that it was
> disconnected when it should upload the picture file to the client. So it
> is unusable with this openjdk.
>
> Before that openjdk was updated, all work fine.
>
> Is it a new permission problem ?
>
> On the local computer, here are the errors from syslog with the
> scanner :
>
> IcedTea-Web java error - for more info see itweb-settings debug options
> or console. See
> http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs for help.
> IcedTea-Web java error manual log: java.io.IOException: Server returned
> HTTP response code: 501 for URL:
> http://192.168.1.201/cgi-bin/dynamic/printer/applets/applets.jar at
This indicates that the HTTP request failed on the server side, but
there's not enough information to understand why and I am unable to
reproduce it as I have no such scanner.
I need something that I can reproduce locally, could you please test a
publicly available applet that was known to work on the older openjdk
version and is now failing on the new one?
Also, I took another look at the default java applet test at
https://www.java.com/en/download/installed.jsp because it worked fine
from a newer distro running OpenJDK 8. The actual error was a
NullPointerException at
SecurityDialogs.showMatchingALACAttributePanel, as shown bellow:
[tdaitx][ITW-JAVAWS][ERROR_DEBUG][Wed Nov 09 17:11:40 BRST
2016][net.sourceforge.jnlp.AbstractLaunchHandler.printMessage(AbstractLaunchHandler.java:67)]
NETX Thread# 55b76aab, name Java Detection
net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error:
Could not initialize applet. For more information click "more
information button".
at net.sourceforge.jnlp.Launcher.createApplet(Launcher.java:739)
at net.sourceforge.jnlp.Launcher.launchApplet(Launcher.java:640)
at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:907)
Caused by: java.lang.NullPointerException
at net.sourceforge.jnlp.security.SecurityDialogs.showMatchingALACAttributePanel(SecurityDialogs.java:299)
at net.sourceforge.jnlp.runtime.ManifestAttributesChecker.checkApplicationLibraryAllowableCodebaseAttribute(ManifestAttributesChecker.java:341)
at net.sourceforge.jnlp.runtime.ManifestAttributesChecker.checkAll(ManifestAttributesChecker.java:83)
at net.sourceforge.jnlp.runtime.JNLPClassLoader.<init>(JNLPClassLoader.java:288)
at net.sourceforge.jnlp.runtime.JNLPClassLoader.createInstance(JNLPClassLoader.java:351)
at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:418)
at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:394)
at net.sourceforge.jnlp.Launcher.createApplet(Launcher.java:704)
... 2 more
I found a similar bug report at
https://bugzilla.redhat.com/show_bug.cgi?id=1299976 (it's for a
different function), but the solution was to upgrade icedtea-web. I
built icedtea-web 1.6.2 for jessie and was able to get it working. Let
me know if you are willing to try it locally and see if it also fixes
your lexmark scanner client - I can then provide you with the deb
files for testing.
thanks
Information forwarded
to debian-bugs-dist@lists.debian.org, OpenJDK Team <openjdk@lists.launchpad.net>:
Bug#843784; Package openjdk-7-jre.
(Thu, 10 Nov 2016 10:33:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Alain Rpnpif <rpnpif@free.fr>:
Extra info received and forwarded to list. Copy sent to OpenJDK Team <openjdk@lists.launchpad.net>.
(Thu, 10 Nov 2016 10:33:05 GMT) (full text, mbox, link).
Message #25 received at 843784@bugs.debian.org (full text, mbox, reply):
Le 9 novembre 2016, Tiago Daitx a écrit : > I found a similar bug report at > https://bugzilla.redhat.com/show_bug.cgi?id=1299976 (it's for a > different function), but the solution was to upgrade icedtea-web. I > built icedtea-web 1.6.2 for jessie and was able to get it working. Let > me know if you are willing to try it locally and see if it also fixes > your lexmark scanner client - I can then provide you with the deb > files for testing. Yes I could try the 1.6.2 release backported to Jessie, hoping that it fixes this issues. Thank you for your help. -- Alain Rpnpif
Information forwarded
to debian-bugs-dist@lists.debian.org, OpenJDK Team <openjdk@lists.launchpad.net>:
Bug#843784; Package openjdk-7-jre.
(Thu, 10 Nov 2016 22:15:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Tiago Daitx <tiago.daitx@canonical.com>:
Extra info received and forwarded to list. Copy sent to OpenJDK Team <openjdk@lists.launchpad.net>.
(Thu, 10 Nov 2016 22:15:02 GMT) (full text, mbox, link).
Message #30 received at 843784@bugs.debian.org (full text, mbox, reply):
Hi Alain, Please try out the deb files @ https://keybase.pub/tdaitx/icedtea-web-1.6.2/ and let me know if they do solve the problem. If they don't, I would need you to point me to a public online applet that was known to work on the older openjdk version and is now failing on the new one, otherwise I'm stuck as I have no way to reproduce the issue. -thanks
Information forwarded
to debian-bugs-dist@lists.debian.org, OpenJDK Team <openjdk@lists.launchpad.net>:
Bug#843784; Package openjdk-7-jre.
(Wed, 16 Nov 2016 23:45:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Shaddy Baddah <beryllium-bugs@shaddybaddah.name>:
Extra info received and forwarded to list. Copy sent to OpenJDK Team <openjdk@lists.launchpad.net>.
(Wed, 16 Nov 2016 23:45:02 GMT) (full text, mbox, link).
Message #35 received at 843784@bugs.debian.org (full text, mbox, reply):
Hi, I raised https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844478 describing the same problem as this bug. That one can probably be closed. On Thu, 10 Nov 2016 20:10:40 -0200 Tiago Daitx <tiago.daitx@canonical.com> wrote: > Hi Alain, > > Please try out the deb files @ > https://keybase.pub/tdaitx/icedtea-web-1.6.2/ and let me know if they > do solve the problem. > > If they don't, I would need you to point me to a public online applet > that was known to work on the older openjdk version and is now failing > on the new one, otherwise I'm stuck as I have no way to reproduce the > issue. If I have time, I'll try this too. See if it helps. -- Regards, Shaddy
Information forwarded
to debian-bugs-dist@lists.debian.org, OpenJDK Team <openjdk@lists.launchpad.net>:
Bug#843784; Package openjdk-7-jre.
(Thu, 17 Nov 2016 00:39:07 GMT) (full text, mbox, link).
Acknowledgement sent
to Tiago Daitx <tiago.daitx@canonical.com>:
Extra info received and forwarded to list. Copy sent to OpenJDK Team <openjdk@lists.launchpad.net>.
(Thu, 17 Nov 2016 00:39:07 GMT) (full text, mbox, link).
Message #40 received at 843784@bugs.debian.org (full text, mbox, reply):
While icedtea-web 1.6.2 does fixes a few bugs, this is not one of those.
Alain did reply to me in private saying that he was still seeing the
issue with the new icedtea-web and that downgrading to 7u111-2.6.7-1
got applets working again. So this is definitely a regression. Alain
also pointed me to a page with good applets to test this, the "Simple
upload" applet fails to run on the affected version:
http://demo.element-it.com/Examples/JavaPowUpload/index.htm
Meanwhile a new IcedTea release was out on experimental
(7u121-2.6.8-1), I tested it and I can confirm there is no regression
in it. It might take a while for a backport to show up, if you are
affected by this I recommend downgrading OpenJDK 7 as a workaround.
For future reference the actual error for the "Simple upload" applet is:
java.security.AccessControlException: access denied
("java.util.PropertyPermission" "java.net.preferIPv4Stack" "read")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:685)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkPermission(JNLPSecurityManager.java:292)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1298)
at java.lang.System.getProperty(System.java:708)
at com.elementit.JavaPowUpload.Manager.init(Unknown Source)
at sun.applet.AppletPanel.run(AppletPanel.java:436)
at sun.applet.AppletViewerPanelAccess.run(AppletViewerPanelAccess.java:90)
at java.lang.Thread.run(Thread.java:745)
java.security.AccessControlException: access denied
("java.util.PropertyPermission" "java.net.preferIPv4Stack" "read")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:685)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkPermission(JNLPSecurityManager.java:292)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1298)
at java.lang.System.getProperty(System.java:708)
at com.elementit.JavaPowUpload.Manager.init(Unknown Source)
at sun.applet.AppletPanel.run(AppletPanel.java:436)
at sun.applet.AppletViewerPanelAccess.run(AppletViewerPanelAccess.java:90)
at java.lang.Thread.run(Thread.java:745)
Information forwarded
to debian-bugs-dist@lists.debian.org, unknown-package@qa.debian.org:
Bug#843784; Package openjdk-7-jre.
(Thu, 01 Dec 2016 21:27:08 GMT) (full text, mbox, link).
Acknowledgement sent
to Tiago Daitx <tiago.daitx@canonical.com>:
Extra info received and forwarded to list. Copy sent to unknown-package@qa.debian.org.
(Thu, 01 Dec 2016 21:27:08 GMT) (full text, mbox, link).
Message #45 received at 843784@bugs.debian.org (full text, mbox, reply):
It turns out that applets are failing because the security update in S8155973 restricted MD5-based signatures in JAR files. It was eventually backed out by S8166381 but that one didn't make to the update. One easy way to fix is to edit /etc/java-7-openjdk/security/java.security and remove MD5 from the list of "jdk.jar.disabledAlgorithms". By default this is a new setting and should be the last line, just make sure it looks like: jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024 For future reference, once can see when an applet is being affect by looking for the following log line: Codebase matches codebase manifest attribute, but application is unsigned. Continuing. The browser must be run with icedtea plugin debug enabled as in "ICEDTEAPLUGIN_DEBUG=true firefox". Also, please be aware that Oracle is planning to reintroduce the MD5 signature restriction back in January, see section "Restrict JARs signed with weak algorithms and keys" in http://www.oracle.com/technetwork/java/javase/8all-relnotes-2226344.html -thanks
Information forwarded
to debian-bugs-dist@lists.debian.org, OpenJDK Team <openjdk@lists.launchpad.net>:
Bug#843784; Package openjdk-7-jre.
(Fri, 02 Dec 2016 11:30:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Alain Rpnpif <rpnpif@free.fr>:
Extra info received and forwarded to list. Copy sent to OpenJDK Team <openjdk@lists.launchpad.net>.
(Fri, 02 Dec 2016 11:30:06 GMT) (full text, mbox, link).
Message #50 received at 843784@bugs.debian.org (full text, mbox, reply):
From Gaute Amundsen : Hi. I don't have an email address I want posted on a public webpage, but I believe I have this problem in Ubuntu 14.04, with icedtea-plugin 1.5.3-0ubuntu0.14.04.1. I had some trouble downgrading OpenJDK 7 as suggested due to complex dependencies but I was able to "solve" the problem by instead adding "permission java.security.AllPermission;" to the default section /etc/java-7-openjdk/security/java.policy. Perhaps one of you may want to add this to the bug report? Regards Gaute Amundsen
Send a report that this bug log contains spam.
Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.