What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-8251
2015-05-15 09:47:21
--------------------------------------------------------------------------------

Name        : java-1.8.0-openjdk
Product     : Fedora 20
Version     : 1.8.0.45
Release     : 38.b14.fc20
URL         : http://openjdk.java.net/
Summary     : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

--------------------------------------------------------------------------------
Update Information:

updated to 8u45-b14 with hope to fix rhbz#1123870
This update adds debugging information to all the Java code included in the JDK, make it easier to debug the code.
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 13 2015 Jiri Vanek  - 1:1.8.0.45-35.b14
- updated to 8u45-b14 with hope to fix rhbz#1123870
* Thu Apr 16 2015 Omair Majid  - 1:1.8.0.45-32.b13
- Build all java code with -g
- Test at build-time to ensure debugging information is included
- Resolves: rhbz#1150932
* Fri Apr 10 2015 Jiri Vanek  - 1:1.8.0.45-31.b13
- repacked sources
- added Patch204: zero-interpreter-fix.patch
* Tue Apr  7 2015 Jiri Vanek  - 1:1.8.0.45-30.b13
- updated to security u45
- deleted hotspot-build-j-directive.patch
- adapted generate_source_tarball.sh, removeSunEcProvider-RH1154143.patch,
  repackReproduciblePolycies.sh
* Thu Feb 12 2015 Jiri Vanek  - 1:1.8.0.25-4.b12
- policies repacked to stop spamming yum update
- added and used source20 repackReproduciblePolycies.sh
- added mehanism to force priority size
* Mon Jan 12 2015 Severin Gehwolf  - 1:1.8.0.31-1.b13
- Update to January CPU patch update.
* Fri Nov  7 2014 Jiri Vanek  - 1:1.8.0.25-4.b12
- updated arm64 tarball to jdk8-jdk8u40-b12-aarch64-1263.tar.xz
* Mon Nov  3 2014 Jiri Vanek  - 1:1.8.0.25-3.b12
- updated aarch64 tarball to u40b12
* Fri Oct 24 2014 Jiri Vanek  - 1:1.8.0.25-2.b18
- added patch12,removeSunEcProvider-RH1154143
- Add check for src.zip completeness. See RH1130490 (by sgehwolf@redhat.com)
- Resolves: rhbz#1125260
* Mon Oct 20 2014 Omair Majid  - 1:1.8.0.25-1.b18
- Apply patches accidentally left out
* Wed Oct 15 2014 Jiri Vanek  - 1:1.8.0.25-0.b18
- updated to security u25
- partial sync with f21
* Wed Sep 17 2014 Omair Majid  - 1:1.8.0.10-10.b26
- Remove LIBDIR and funny definition of _libdir.
- Fix rpmlint warnings about macros in comments.
* Fri Aug 22 2014 Jiri Vanek  - 1:1.8.0.11-9.b12
- fixed update to f21
 - alternatrives forced to removal if there is more then one jdk even if it si update
 - and of course in case of removal
 - note: jdk f20 do not support multiple installs, jdk f21 do
* Fri Aug 15 2014 Omair Majid  - 1:1.8.0.11-8.b12
- Include all sources in src.zip
- Resolves rhbz#1130490
* Mon Jul 21 2014 Jiri Vanek  - 1:1.8.0.11-7.b12
- removed legacy aarch64 switches
 - --with-jvm-variants=client and  --disable-precompiled-headers- added patch patch9999 enableArm64.patch to enable new hotspot
* Tue Jul 15 2014 Jiri Vanek  - 1:1.8.0.11-5.b12
- Attempt to update aarch64 *jdk* to u11b12, by resticting aarch64 sources to hotpot only
- partial sync with f21
* Tue Jul 15 2014 Jiri Vanek  - 1:1.8.0.11-1.b12
- updated to security u11b12
* Wed May 28 2014 Omair Majid  - 1:1.8.0.5-4.b13
- Backport fix for JDK-8012224
* Fri May 16 2014 Jiri Vanek  - 1:1.8.0.5-3.b13
- Disable doclint for compatiblity
- Patch contributed by Andrew John Hughes
* Wed Apr 23 2014 Omair Majid  - 1:1.8.0.5-2.b13
- Change make flags to fix debuginfo generation
- Fix suggested by Yasumasa Suenaga
* Wed Apr 16 2014 Omair Majid  - 1:1.8.0.5-1.b13
- Update to the 2014-04-15 security update.
* Tue Mar 11 2014 Omair Majid  - 1:1.8.0.0-0.34.b132
- Include jdeps and jjs for aarch64. These are present in b128.
* Mon Mar 10 2014 Omair Majid  - 1:1.8.0.0-0.33.b132
- Update aarch64 tarball to the latest upstream release
* Fri Mar  7 2014 Omair Majid  - 1:1.8.0.0-0.32.b132
- Fix `java -version` output
* Fri Mar  7 2014 Jiri Vanek  - 1:1.8.0.0-0.31.b132
- updated to rc4 aarch64 tarball
- outdated removed: patch2031 system-lcmsAARCH64.patch patch2011 system-libjpeg-aarch64.patch
  patch2021 system-libpng-aarch64.patch
* Thu Mar  6 2014 Omair Majid  - 1:1.8.0.0-0.30.b132
- Update to b132
* Thu Mar  6 2014 Omair Majid  - 1:1.8.0.0-0.29.b129
- Fix typo in STRIP_POLICY
* Mon Mar  3 2014 Omair Majid  - 1:1.8.0.0-0.28.b129
- Remove redundant debuginfo files
- Generate complete debug information for libjvm
* Tue Feb 25 2014 Omair Majid  - 1:1.8.0.0-0.27.b129
- Fix non-headless libraries
* Tue Feb 25 2014 Jiri Vanek  - 1:1.8.0.0-0.26.b129
- Fix incorrect Requires
* Thu Feb 13 2014 Omair Majid  - 1:1.8.0.0-0.26.b129
- Add -headless subpackage based on java-1.7.0-openjdk
- Add abrt connector support
- Add -accessibility subpackage
* Thu Feb 13 2014 Omair Majid  - 1:1.8.0.0-0.26.b129
- Update to b129.
* Fri Feb  7 2014 Omair Majid  - 1:1.8.0.0-0.25.b126
- Update to candidate Reference Implementation release.
* Fri Jan 31 2014 Omair Majid  - 1:1.8.0.0-0.24.b123
- Forward port more patches from java-1.7.0-openjdk
* Mon Jan 20 2014 Omair Majid  - 1:1.8.0.0-0.23.b123
- Update to jdk8-b123
* Thu Nov 14 2013 Omair Majid  - 1:1.8.0.0-0.22.b115
- Update to jdk8-b115
* Wed Oct 30 2013 Jiri Vanek  - 1:1.8.0.0-0.21.b106
- added jre/lib/security/blacklisted.certs for aarch64
- updated to preview_rc2 aarch64 tarball
* Sun Oct  6 2013 Omair Majid  - 1:1.8.0.0-0.20.b106
- Fix paths in tapsets to work on non-x86_64
- Use system libjpeg
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1123870 - CVE-2015-0383 OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807)
        https://bugzilla.redhat.com/show_bug.cgi?id=1123870
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update java-1.8.0-openjdk' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Fedora 20: java-1.8.0-openjdk Security Update

May 27, 2015
updated to 8u45-b14 with hope to fix rhbz#1123870 This update adds debugging information to all the Java code included in the JDK, make it easier to debug the code.

Summary

The OpenJDK runtime environment.

Update Information:

updated to 8u45-b14 with hope to fix rhbz#1123870 This update adds debugging information to all the Java code included in the JDK, make it easier to debug the code.

Change Log

* Wed May 13 2015 Jiri Vanek - 1:1.8.0.45-35.b14 - updated to 8u45-b14 with hope to fix rhbz#1123870 * Thu Apr 16 2015 Omair Majid - 1:1.8.0.45-32.b13 - Build all java code with -g - Test at build-time to ensure debugging information is included - Resolves: rhbz#1150932 * Fri Apr 10 2015 Jiri Vanek - 1:1.8.0.45-31.b13 - repacked sources - added Patch204: zero-interpreter-fix.patch * Tue Apr 7 2015 Jiri Vanek - 1:1.8.0.45-30.b13 - updated to security u45 - deleted hotspot-build-j-directive.patch - adapted generate_source_tarball.sh, removeSunEcProvider-RH1154143.patch, repackReproduciblePolycies.sh * Thu Feb 12 2015 Jiri Vanek - 1:1.8.0.25-4.b12 - policies repacked to stop spamming yum update - added and used source20 repackReproduciblePolycies.sh - added mehanism to force priority size * Mon Jan 12 2015 Severin Gehwolf - 1:1.8.0.31-1.b13 - Update to January CPU patch update. * Fri Nov 7 2014 Jiri Vanek - 1:1.8.0.25-4.b12 - updated arm64 tarball to jdk8-jdk8u40-b12-aarch64-1263.tar.xz * Mon Nov 3 2014 Jiri Vanek - 1:1.8.0.25-3.b12 - updated aarch64 tarball to u40b12 * Fri Oct 24 2014 Jiri Vanek - 1:1.8.0.25-2.b18 - added patch12,removeSunEcProvider-RH1154143 - Add check for src.zip completeness. See RH1130490 (by sgehwolf@redhat.com) - Resolves: rhbz#1125260 * Mon Oct 20 2014 Omair Majid - 1:1.8.0.25-1.b18 - Apply patches accidentally left out * Wed Oct 15 2014 Jiri Vanek - 1:1.8.0.25-0.b18 - updated to security u25 - partial sync with f21 * Wed Sep 17 2014 Omair Majid - 1:1.8.0.10-10.b26 - Remove LIBDIR and funny definition of _libdir. - Fix rpmlint warnings about macros in comments. * Fri Aug 22 2014 Jiri Vanek - 1:1.8.0.11-9.b12 - fixed update to f21 - alternatrives forced to removal if there is more then one jdk even if it si update - and of course in case of removal - note: jdk f20 do not support multiple installs, jdk f21 do * Fri Aug 15 2014 Omair Majid - 1:1.8.0.11-8.b12 - Include all sources in src.zip - Resolves rhbz#1130490 * Mon Jul 21 2014 Jiri Vanek - 1:1.8.0.11-7.b12 - removed legacy aarch64 switches - --with-jvm-variants=client and --disable-precompiled-headers- added patch patch9999 enableArm64.patch to enable new hotspot * Tue Jul 15 2014 Jiri Vanek - 1:1.8.0.11-5.b12 - Attempt to update aarch64 *jdk* to u11b12, by resticting aarch64 sources to hotpot only - partial sync with f21 * Tue Jul 15 2014 Jiri Vanek - 1:1.8.0.11-1.b12 - updated to security u11b12 * Wed May 28 2014 Omair Majid - 1:1.8.0.5-4.b13 - Backport fix for JDK-8012224 * Fri May 16 2014 Jiri Vanek - 1:1.8.0.5-3.b13 - Disable doclint for compatiblity - Patch contributed by Andrew John Hughes * Wed Apr 23 2014 Omair Majid - 1:1.8.0.5-2.b13 - Change make flags to fix debuginfo generation - Fix suggested by Yasumasa Suenaga * Wed Apr 16 2014 Omair Majid - 1:1.8.0.5-1.b13 - Update to the 2014-04-15 security update. * Tue Mar 11 2014 Omair Majid - 1:1.8.0.0-0.34.b132 - Include jdeps and jjs for aarch64. These are present in b128. * Mon Mar 10 2014 Omair Majid - 1:1.8.0.0-0.33.b132 - Update aarch64 tarball to the latest upstream release * Fri Mar 7 2014 Omair Majid - 1:1.8.0.0-0.32.b132 - Fix `java -version` output * Fri Mar 7 2014 Jiri Vanek - 1:1.8.0.0-0.31.b132 - updated to rc4 aarch64 tarball - outdated removed: patch2031 system-lcmsAARCH64.patch patch2011 system-libjpeg-aarch64.patch patch2021 system-libpng-aarch64.patch * Thu Mar 6 2014 Omair Majid - 1:1.8.0.0-0.30.b132 - Update to b132 * Thu Mar 6 2014 Omair Majid - 1:1.8.0.0-0.29.b129 - Fix typo in STRIP_POLICY * Mon Mar 3 2014 Omair Majid - 1:1.8.0.0-0.28.b129 - Remove redundant debuginfo files - Generate complete debug information for libjvm * Tue Feb 25 2014 Omair Majid - 1:1.8.0.0-0.27.b129 - Fix non-headless libraries * Tue Feb 25 2014 Jiri Vanek - 1:1.8.0.0-0.26.b129 - Fix incorrect Requires * Thu Feb 13 2014 Omair Majid - 1:1.8.0.0-0.26.b129 - Add -headless subpackage based on java-1.7.0-openjdk - Add abrt connector support - Add -accessibility subpackage * Thu Feb 13 2014 Omair Majid - 1:1.8.0.0-0.26.b129 - Update to b129. * Fri Feb 7 2014 Omair Majid - 1:1.8.0.0-0.25.b126 - Update to candidate Reference Implementation release. * Fri Jan 31 2014 Omair Majid - 1:1.8.0.0-0.24.b123 - Forward port more patches from java-1.7.0-openjdk * Mon Jan 20 2014 Omair Majid - 1:1.8.0.0-0.23.b123 - Update to jdk8-b123 * Thu Nov 14 2013 Omair Majid - 1:1.8.0.0-0.22.b115 - Update to jdk8-b115 * Wed Oct 30 2013 Jiri Vanek - 1:1.8.0.0-0.21.b106 - added jre/lib/security/blacklisted.certs for aarch64 - updated to preview_rc2 aarch64 tarball * Sun Oct 6 2013 Omair Majid - 1:1.8.0.0-0.20.b106 - Fix paths in tapsets to work on non-x86_64 - Use system libjpeg

References

[ 1 ] Bug #1123870 - CVE-2015-0383 OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807) https://bugzilla.redhat.com/show_bug.cgi?id=1123870

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update java-1.8.0-openjdk' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : java-1.8.0-openjdk
Product : Fedora 20
Version : 1.8.0.45
Release : 38.b14.fc20
URL : http://openjdk.java.net/
Summary : OpenJDK Runtime Environment

Related News

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Linux 6.7 Introduces "make hardening.config" To Help Build A Hardened Kernel

Nov 5, 2023

Linux 6.6 Brings New Scheduler, File Sharing and Security

Nov 2, 2023

Long-term Support for Linux Kernel to Be Cut as Maintenance Remains Under Strain

Sep 21, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo