--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-6397
2015-04-18 05:44:42
--------------------------------------------------------------------------------

Name        : java-1.7.0-openjdk
Product     : Fedora 20
Version     : 1.7.0.79
Release     : 2.5.5.0.fc20
URL         : http://openjdk.java.net/
Summary     : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

--------------------------------------------------------------------------------
Update Information:

Updated to security icedtea-forest7 2.5.5
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 10 2015 Jiri Vanek  - 1:1.7.0.75-2.5.5.0
- repacked sources
* Thu Apr  9 2015 Jiri Vanek  - 1:1.7.0.75-2.5.5.0
- Bump to 2.5.5 using OpenJDK 7u79 b14.
- Update OpenJDK tarball creation comments
- Drop AArch64 version of RH1191652 HotSpot patch as included upstream.
- added Patch406: fixPtraceInclude.patch, Patch404: rh1191652-hotspot.patch
  Patch405: rh1191652-jdk.patch
* Wed Jan 21 2015 Jiri Vanek  - 1:1.7.0.75-2.5.4.2
- Updated to security update of 20.1.2015
- Replace unmodified java.security file via headless post scriptlet.
- Fix macro expansion in changelog
- Fix elliptic curve list as part of fsg.sh
- Bump release so that the RHEL 7.1 version is built on AArch64.
- Bump to 2.5.4 using OpenJDK 7u75 b13.
- Bump AArch64 port to 2.6.0pre17.
- Fix abrt_friendly_hs_log_jdk7.patch to apply again and enable on all archs.
- Remove OpenJDK 8 / AArch64 version of PStack patch as this is no longer needed.
* Tue Dec 16 2014 Jiri Vanek  - 1:1.7.0.71-2.5.3.3
- aarch64 sources updated to most recent stable tag
- adapted patch4030 PStack-808293-aarch64.patch
* Tue Dec  9 2014 Jiri Vanek  - 1:1.7.0.71-2.5.3.2
- added and applied patch404 rh1155012-jdk-speedup.patch
* Mon Dec  1 2014 Jiri Vanek  - 1:1.7.0.71-2.5.3.1
- removed source14 remove-origin-from-rpaths (11690970)
- removed build requirement for chrpath
* Wed Oct 15 2014 Jiri Vanek   - 1.7.0.71-2.5.3.0
- updated to security icedtea-forest 2.5.3
* Thu Sep 11 2014 Jiri Vanek   - 1.7.0.65-2.5.2.5
- fixed headless to become headless again
 - jre/lib/archinstall/libjavagtk.so
 - jre/bin/policytool
 - jre-abrt/lib/archinstall/libjavagtk.so
 - all three added to not headless exclude list
* Tue Sep  2 2014 Jiri Vanek   - 1.7.0.65-2.5.2
- updated to icedtea7-forest 2.5.2
- removed patch404 gtk3ToBeReverted.patch
- removed patch405 pr1864_smartcardIO.patch
* Tue Jul 22 2014 Jiri Vanek   - 1.7.0.65-2.5.1.4
- excluded libmawt.so from autorequires/autoprovides
- see https://bugzilla.redhat.com/show_bug.cgi?id=1111349
* Thu Jul 17 2014 Rex Dieter  - 1.7.0.65-2.5.1.3
- rebuild (for pulseaudio, bug #1117683)
* Mon Jul 14 2014 Jiri Vanek   - 1.7.0.65-2.5.1.2
- added and applied fix for samrtcard io patch405, pr1864_smartcardIO.patch
* Mon Jul  7 2014 Jiri Vanek   - 1.7.0.65-2.5.1.1
- updated to security patched icedtea7-forest-2.5.1
* Wed Jul  2 2014 Jiri Vanek   - 1.7.0.60-2.5.0.3
- Added arrch64 support
* Tue Jul  1 2014 Andrew Hughes  - 1.7.0.60-2.5.0.2
- Add nss-softokn dependency for SunEC provider
- Add support for ppc64le
- Enable SunEC provider with system NSS support.
- Ensure java-1.7.0-openjdk is used to build, not 8
- Set INSTALL_LOCATION so it can be used in the rpath.
* Thu Jun 19 2014 Jiri Vanek   - 1.7.0.60-2.5.0.1.f20
- added and applied as reverted patch404 gtk3ToBeReverted.patch
 - reverting controversial fix of * Wed Jun 18 2014 Jiri Vanek   - 1.7.0.60-2.5.0.f20
- updated to icedtea7-forest 2.5.0
- removed icedtea_version_presuffix
- removed hardcoded 60
- removed upstreamed patch412 add-final-location-rpaths.patch
- removed upstreamed patch413 rh1064383-prelink_fix.patch
* Thu May 22 2014 Andrew Hughes  - 1.7.0.51-2.4.7.3.fc20
- debug turned off (0)
- python added to line %{SOURCE14} $files to preven access denied
- added build requires for python
* Thu May 22 2014 Jiri Vanek  - 1.7.0.51-2.4.7.2.fc20
- bumped release
- changed  buildoutputdir to contains "-debug" in case of debug on
- rewritten (long unmaintained) java-1.7.0-openjdk-debugdocs.patch and 
  java-1.7.0-openjdk-debuginfo.patch
- debug turned on (1)
* Tue Apr 22 2014 Jiri Vanek  - 1.7.0.55-2.4.7.1.fc20
- Added Omair's fix for RH1059925
 - added and used Source14, remove-origin-from-rpaths
 - added and applied patch412 add-final-location-rpaths.patch
 - added build requires chrpath
 - adde INSTALL_LOCATION=_jvmdir/sdkdir to make swithces
- added missing OrderWithRequires (sync with master)
- removed rhino requires (sync with master)
- added libattr-devel build requires (sync with master)
- added conditional chmod on sa-jdi.jar (sync with master)
- added comment to fiels about lua (sync with master)
- added few more owned dirs (sync with master)
* Mon Apr  7 2014 Jiri Vanek  - 1.7.0.55-2.4.7.0.fc20
- Added check to lua according to already exisitng same jvm
- bumped to future icedtea-forest 2.4.7
- updatever set to 55, buildver se to 13, release reset to 0
- removed upstreamed patch402 gstackbounds.patch
- included config(norepalce) lua script
* Wed Mar 26 2014 Omair Majid  - 1.7.0.60-2.4.5.2.fc20
- Switch to a new tapset tarball without trailing space in file name
* Thu Jan 30 2014 Jiri Vanek  - 1.7.0.51-2.4.5.1.f20
- removed or cleaning alternatives remove in posts
* Thu Jan 30 2014 Jiri Vanek  - 1.7.0.51-2.4.5.0.f20
- removed buildRequires: pulseaudio >= 0.9.11, as not neccessary
 -  but kept libs-devel
- updated to icedtea 2.4.5
 - - removed upstreamed or unwonted patches (thanx to gnu_andrew to pointing them out)
 - patch410 1015432.patch (upstreamed)
 - patch411 1029588.patch
 - patch412 zero-x32.diff
 - patch104 java-1.7.0-ppc-zero-jdk.patch
 - patch105 java-1.7.0-ppc-zero-hotspot.patch
- patch402 gstackbounds.patch and patch403 PStack-808293.patch applied always
 (again thanx to gnu_andrew)
- merged other gnu_andrew's changes
 - FT2_CFLAGS and FT2_LIBS hardoced values replaced by correct pkg-config calls 
 - buildver bumbed to 31
- added build requires  nss-devel
- removed build requires mercurial
- added JRE_RELEASE_VERSION and ALT_PARALLEL_COMPILE_JOBS into make call
* Fri Jan 17 2014 Jiri Vanek  - 1.7.0.51-2.4.4.1.f20
- removed 2.3 tarball due to security issues
 - this causes zero arm32 jit to not exists eny more (aprox 30% slowdown)
 - removed declarations:
  - global icedtea_version_arm32 2.3.13
  - source100  openjdk-icedtea-%{icedtea_version_arm32}.tar.xz
 - removed:
  - patch30   java-1.7.0-openjdk-java-access-bridge-security-2.3.patch
  - patch1000 rhino-2.3.patch
  - patch4020 gstackbounds-2.3.patch
  - patch4110 1029588-2.3.patch
  - patch302 systemtap.patch
  - patch401 657854-openjdk7.patch
 - with all follwing  ifarch arm calls
 - patch410 and TestCryptoLevel are now used always
 - US_export_policy.jar and  local_policy.jar are now listed always
 - make: 
  - always used DISABLE_INTREE_EC,  UNLIMITED_CRYPTO
  - removed arm32 specific DISTRO_PACKAGE_VERSION JDK_UPDATE_VERSION  JDK_BUILD_NUMBER
- added patch412 zero-x32.diff to try to fix zero builds build
* Fri Jan 10 2014 Jiri Vanek  - 1.7.0.51-2.4.4.0.f20
- updated to security icedtea 2.4.4
- and arm tarball updated to security icedtea 2.3.13
 - icedtea_version set to 2.4.4
 - updatever bumped to       51
 - release reset to 0
* Mon Jan  6 2014 Jiri Vanek  - 1.7.0.40-2.4.3.4.f19
- added and applied patch411 1029588.patch (for 2.4)
- added and applied patch4110 1029588-2.3.patch (for 2.3)
- resolves rhbz#1029588
* Mon Jan  6 2014 Jiri Vanek  - 1.7.0.40-2.4.3.3.f19
- added and applied for icedtea 2.4 patch410, 1015432.patch
- resolves rhbz#1015432
* Mon Jan  6 2014 Jiri Vanek  - 1.7.0.40-2.4.3.2.f20
- changed Provides: jre-headless = 1.7.0
  to      Provides: jre-headless = 1:1.7.0
- resolves rhbz#1046050
* Fri Oct 18 2013 Jiri Vanek  - 1.7.0.40-2.4.3.1.f20
- arm tarball updated to new  CPU sources 2.3.13
- removed upstreamed  patch 501 callerclass-01.patch
- removed upstreamed  patch 502 callerclass-02.patch
- removed upstreamed  patch 503 callerclass-02.patch
- removed upstreamed  patch 504 callerclass-02.patch
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update java-1.7.0-openjdk' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Fedora 20: java-1.7.0-openjdk Security Update

April 22, 2015

Updated to security icedtea-forest7 2.5.5

Summary

The OpenJDK runtime environment.

Update Information:

Updated to security icedtea-forest7 2.5.5

Change Log

* Fri Apr 10 2015 Jiri Vanek - 1:1.7.0.75-2.5.5.0 - repacked sources * Thu Apr 9 2015 Jiri Vanek - 1:1.7.0.75-2.5.5.0 - Bump to 2.5.5 using OpenJDK 7u79 b14. - Update OpenJDK tarball creation comments - Drop AArch64 version of RH1191652 HotSpot patch as included upstream. - added Patch406: fixPtraceInclude.patch, Patch404: rh1191652-hotspot.patch Patch405: rh1191652-jdk.patch * Wed Jan 21 2015 Jiri Vanek - 1:1.7.0.75-2.5.4.2 - Updated to security update of 20.1.2015 - Replace unmodified java.security file via headless post scriptlet. - Fix macro expansion in changelog - Fix elliptic curve list as part of fsg.sh - Bump release so that the RHEL 7.1 version is built on AArch64. - Bump to 2.5.4 using OpenJDK 7u75 b13. - Bump AArch64 port to 2.6.0pre17. - Fix abrt_friendly_hs_log_jdk7.patch to apply again and enable on all archs. - Remove OpenJDK 8 / AArch64 version of PStack patch as this is no longer needed. * Tue Dec 16 2014 Jiri Vanek - 1:1.7.0.71-2.5.3.3 - aarch64 sources updated to most recent stable tag - adapted patch4030 PStack-808293-aarch64.patch * Tue Dec 9 2014 Jiri Vanek - 1:1.7.0.71-2.5.3.2 - added and applied patch404 rh1155012-jdk-speedup.patch * Mon Dec 1 2014 Jiri Vanek - 1:1.7.0.71-2.5.3.1 - removed source14 remove-origin-from-rpaths (11690970) - removed build requirement for chrpath * Wed Oct 15 2014 Jiri Vanek - 1.7.0.71-2.5.3.0 - updated to security icedtea-forest 2.5.3 * Thu Sep 11 2014 Jiri Vanek - 1.7.0.65-2.5.2.5 - fixed headless to become headless again - jre/lib/archinstall/libjavagtk.so - jre/bin/policytool - jre-abrt/lib/archinstall/libjavagtk.so - all three added to not headless exclude list * Tue Sep 2 2014 Jiri Vanek - 1.7.0.65-2.5.2 - updated to icedtea7-forest 2.5.2 - removed patch404 gtk3ToBeReverted.patch - removed patch405 pr1864_smartcardIO.patch * Tue Jul 22 2014 Jiri Vanek - 1.7.0.65-2.5.1.4 - excluded libmawt.so from autorequires/autoprovides - see https://bugzilla.redhat.com/show_bug.cgi?id=1111349 * Thu Jul 17 2014 Rex Dieter - 1.7.0.65-2.5.1.3 - rebuild (for pulseaudio, bug #1117683) * Mon Jul 14 2014 Jiri Vanek - 1.7.0.65-2.5.1.2 - added and applied fix for samrtcard io patch405, pr1864_smartcardIO.patch * Mon Jul 7 2014 Jiri Vanek - 1.7.0.65-2.5.1.1 - updated to security patched icedtea7-forest-2.5.1 * Wed Jul 2 2014 Jiri Vanek - 1.7.0.60-2.5.0.3 - Added arrch64 support * Tue Jul 1 2014 Andrew Hughes - 1.7.0.60-2.5.0.2 - Add nss-softokn dependency for SunEC provider - Add support for ppc64le - Enable SunEC provider with system NSS support. - Ensure java-1.7.0-openjdk is used to build, not 8 - Set INSTALL_LOCATION so it can be used in the rpath. * Thu Jun 19 2014 Jiri Vanek - 1.7.0.60-2.5.0.1.f20 - added and applied as reverted patch404 gtk3ToBeReverted.patch - reverting controversial fix of * Wed Jun 18 2014 Jiri Vanek - 1.7.0.60-2.5.0.f20 - updated to icedtea7-forest 2.5.0 - removed icedtea_version_presuffix - removed hardcoded 60 - removed upstreamed patch412 add-final-location-rpaths.patch - removed upstreamed patch413 rh1064383-prelink_fix.patch * Thu May 22 2014 Andrew Hughes - 1.7.0.51-2.4.7.3.fc20 - debug turned off (0) - python added to line %{SOURCE14} $files to preven access denied - added build requires for python * Thu May 22 2014 Jiri Vanek - 1.7.0.51-2.4.7.2.fc20 - bumped release - changed buildoutputdir to contains "-debug" in case of debug on - rewritten (long unmaintained) java-1.7.0-openjdk-debugdocs.patch and java-1.7.0-openjdk-debuginfo.patch - debug turned on (1) * Tue Apr 22 2014 Jiri Vanek - 1.7.0.55-2.4.7.1.fc20 - Added Omair's fix for RH1059925 - added and used Source14, remove-origin-from-rpaths - added and applied patch412 add-final-location-rpaths.patch - added build requires chrpath - adde INSTALL_LOCATION=_jvmdir/sdkdir to make swithces - added missing OrderWithRequires (sync with master) - removed rhino requires (sync with master) - added libattr-devel build requires (sync with master) - added conditional chmod on sa-jdi.jar (sync with master) - added comment to fiels about lua (sync with master) - added few more owned dirs (sync with master) * Mon Apr 7 2014 Jiri Vanek - 1.7.0.55-2.4.7.0.fc20 - Added check to lua according to already exisitng same jvm - bumped to future icedtea-forest 2.4.7 - updatever set to 55, buildver se to 13, release reset to 0 - removed upstreamed patch402 gstackbounds.patch - included config(norepalce) lua script * Wed Mar 26 2014 Omair Majid - 1.7.0.60-2.4.5.2.fc20 - Switch to a new tapset tarball without trailing space in file name * Thu Jan 30 2014 Jiri Vanek - 1.7.0.51-2.4.5.1.f20 - removed or cleaning alternatives remove in posts * Thu Jan 30 2014 Jiri Vanek - 1.7.0.51-2.4.5.0.f20 - removed buildRequires: pulseaudio >= 0.9.11, as not neccessary - but kept libs-devel - updated to icedtea 2.4.5 - - removed upstreamed or unwonted patches (thanx to gnu_andrew to pointing them out) - patch410 1015432.patch (upstreamed) - patch411 1029588.patch - patch412 zero-x32.diff - patch104 java-1.7.0-ppc-zero-jdk.patch - patch105 java-1.7.0-ppc-zero-hotspot.patch - patch402 gstackbounds.patch and patch403 PStack-808293.patch applied always (again thanx to gnu_andrew) - merged other gnu_andrew's changes - FT2_CFLAGS and FT2_LIBS hardoced values replaced by correct pkg-config calls - buildver bumbed to 31 - added build requires nss-devel - removed build requires mercurial - added JRE_RELEASE_VERSION and ALT_PARALLEL_COMPILE_JOBS into make call * Fri Jan 17 2014 Jiri Vanek - 1.7.0.51-2.4.4.1.f20 - removed 2.3 tarball due to security issues - this causes zero arm32 jit to not exists eny more (aprox 30% slowdown) - removed declarations: - global icedtea_version_arm32 2.3.13 - source100 openjdk-icedtea-%{icedtea_version_arm32}.tar.xz - removed: - patch30 java-1.7.0-openjdk-java-access-bridge-security-2.3.patch - patch1000 rhino-2.3.patch - patch4020 gstackbounds-2.3.patch - patch4110 1029588-2.3.patch - patch302 systemtap.patch - patch401 657854-openjdk7.patch - with all follwing ifarch arm calls - patch410 and TestCryptoLevel are now used always - US_export_policy.jar and local_policy.jar are now listed always - make: - always used DISABLE_INTREE_EC, UNLIMITED_CRYPTO - removed arm32 specific DISTRO_PACKAGE_VERSION JDK_UPDATE_VERSION JDK_BUILD_NUMBER - added patch412 zero-x32.diff to try to fix zero builds build * Fri Jan 10 2014 Jiri Vanek - 1.7.0.51-2.4.4.0.f20 - updated to security icedtea 2.4.4 - and arm tarball updated to security icedtea 2.3.13 - icedtea_version set to 2.4.4 - updatever bumped to 51 - release reset to 0 * Mon Jan 6 2014 Jiri Vanek - 1.7.0.40-2.4.3.4.f19 - added and applied patch411 1029588.patch (for 2.4) - added and applied patch4110 1029588-2.3.patch (for 2.3) - resolves rhbz#1029588 * Mon Jan 6 2014 Jiri Vanek - 1.7.0.40-2.4.3.3.f19 - added and applied for icedtea 2.4 patch410, 1015432.patch - resolves rhbz#1015432 * Mon Jan 6 2014 Jiri Vanek - 1.7.0.40-2.4.3.2.f20 - changed Provides: jre-headless = 1.7.0 to Provides: jre-headless = 1:1.7.0 - resolves rhbz#1046050 * Fri Oct 18 2013 Jiri Vanek - 1.7.0.40-2.4.3.1.f20 - arm tarball updated to new CPU sources 2.3.13 - removed upstreamed patch 501 callerclass-01.patch - removed upstreamed patch 502 callerclass-02.patch - removed upstreamed patch 503 callerclass-02.patch - removed upstreamed patch 504 callerclass-02.patch

References

Fedora Update Notification FEDORA-2015-6397 2015-04-18 05:44:42 Name : java-1.7.0-openjdk Product : Fedora 20 Version : 1.7.0.79 Release : 2.5.5.0.fc20 URL : http://openjdk.java.net/ Summary : OpenJDK Runtime Environment Description : The OpenJDK runtime environment.

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update java-1.7.0-openjdk' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity

Name : java-1.7.0-openjdk

Product : Fedora 20

Version : 1.7.0.79

Release : 2.5.5.0.fc20

URL : http://openjdk.java.net/

Summary : OpenJDK Runtime Environment

What Are You Looking For?

Fedora 20: java-1.7.0-openjdk Security Update

Summary

Change Log

References

Update Instructions

Krasue RAT Malware Hides on Linux Servers Using Embedded Rootkits

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Kali Linux 2023.4 Released With New Hacking Tools

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector

Using Open Source to Ensure Compliance & Data Integrity through Data Governance

Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!

Unlocking the Future of Authentication: Passkeys vs. Passwords

Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

What Are You Looking For?

Fedora 20: java-1.7.0-openjdk Security Update

Summary

Change Log

References

Update Instructions

Get the Latest News & Insights

Related News

News

Advisories

HOWTOs

Features

About Us

Powered By