Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Fedora 28: FEDORA-2018-4d58785bcd Critical: OpenJDK Runtime Issue

fedora
Calendar Grey July 29, 2018
Dist Fedora Esm H88
An important security patch for OpenJDK on Fedora 28 has been released to fix several vulnerabilities. Please follow the provided installation guidelines to ensure your system is secure.
Security critical patch update for OpenJDK (July CPU)

Summary

The OpenJDK runtime environment.

Security critical patch update for OpenJDK (July CPU). See

https://www.oracle.com/security-alerts/cpujul2018.html

* Mon Jul 23 2018 Jiri Vanek - 11:1.8.0.181-7.b13

- updated to u181

- patches aligned according to rhel7 (full credit to gnu_andrew)

- removed upstreamed patch104 pr3458-rh1540242-aarch64.patch

- removed upstreamed patch568 8187577-pr3578.patch

* Tue Jul 17 2018 Jiri Vanek - 11:1.8.0.172-16.b11

- added Recommends gtk2 for main package

- added Suggests lksctp-tools, pcsc-lite-devel, cups for headless package

- see RHBZ1598152

* Tue Jul 10 2018 Severin Gehwolf - 1:1.8.0.172-13.b11

- Fix hook to show hs_err*.log files on failures.

* Mon Jul 2 2018 Severin Gehwolf - 1:1.8.0.172-12.b11

- Fix requires/provides filters for internal libs. See

RHBZ#1590796

* Wed Jun 20 2018 Andrew Hughes - 1:1.8.0.172-11.b11

- Add additional fix (PR3601) to fix -Wreturn-type failures introduced by 8061651

- Backport 8064786 (PR3601) to fix -Wreturn-type failure on debug builds.

- Bring in PR3519 from IcedTea 3.7.0 to fix remaining -Wreturn-type failure on AArch64.

- Sync with IcedTea 3.8.0 patches to use -Wreturn-type.

- Add backports of 8141570, 8143245, 8197981 & 8062808.

- Drop pr3458-rh1540242-zero.patch which is covered by 8143245.

* Wed Jun 20 2018 Jiri Vanek - 11:1.8.0.172-10.b11

- jsa files changed to 444 to pass rpm verification

* Mon Jun 18 2018 Severin Gehwolf - 1:1.8.0.172-9.b11

- Filter private provides/requires: 'lib.so(SUNWprivate_.*'

* Thu Jun 14 2018 Severin Gehwolf - 1:1.8.0.172-8.b11

- Add provides/requires for libjvm.so back. See RHBZ#1591215.

* Wed Jun 13 2018 Severin Gehwolf - 1:1.8.0.172-7.b11

- Fix reg-ex for filtering private libraries' provides/requires.

* Wed Jun 13 2018 Andrew Hughes - 1:1.8.0.172-6.b11

- Remove build flags exemption for aarch64 now the platform is more mature and can bootstrap OpenJDK with these flags.

- Remove duplicate -fstack-protector-strong; it is provided by the RHEL cflags.

- Add missing changelog credits

* Mon Jun 11 2018 Jiri Vanek - 1:1.8.0.172-5.b11

- Merge changes from RHEL 7

* Mon Jun 11 2018 Andrew Hughes - 1:1.8.0.172-5.b11

- Read jssecacerts file prior to trying either cacerts file (system or local) (PR3575)

* Mon Jun 11 2018 Andrew Hughes - 1:1.8.0.172-5.b11

- Fix a number of bad bug identifiers (PR3546 should be PR3578, PR3456 should be PR3546)

* Thu Jun 7 2018 Andrew Hughes - 1:1.8.0.172-5.b11

- Update Shenandoah tarball to include 2018-05-15 merge.

- Split PR3458/RH1540242 fix into AArch64 & Zero sections, so former can be skipped on Shenandoah builds.

- Drop PR3573 patch applied upstream.

- Restrict 8187577 fix to non-Shenandoah builds, as it's included in the new tarball.

* Thu Jun 7 2018 Andrew Hughes - 1:1.8.0.172-5.b11

- Sync with IcedTea 3.8.0.

- Label architecture-specific fixes with architecture concerned

- x86: S8199936, PR3533: HotSpot generates code with unaligned stack, crashes on SSE operations (-mstackrealign workaround)

- PR3539, RH1548475: Pass EXTRA_LDFLAGS to HotSpot build

- 8171000, PR3542, RH1402819: Robot.createScreenCapture() crashes in wayland mode

- 8197546, PR3542, RH1402819: Fix for 8171000 breaks Solaris + Linux builds

- 8185723, PR3553: Zero: segfaults on Power PC 32-bit

- 8186461, PR3557: Zero's atomic_copy64() should use SPE instructions on linux-powerpcspe

- PR3559: Use ldrexd for atomic reads on ARMv7.

- 8187577, PR3578: JVM crash during gc doing concurrent marking

- 8201509, PR3579: Zero: S390 31bit atomic_copy64 inline assembler is wrong

- 8165489, PR3589: Missing G1 barrier in Unsafe_GetObjectVolatile

- PR3591: Fix for bug 3533 doesn't add -mstackrealign to JDK code

- 8184309, PR3596: Build warnings from GCC 7.1 on Fedora 26

* Wed Jun 6 2018 Jiri Vanek - 1:1.8.0.172-1.b11

- updated to u172-b11

- removed patches:

- patch207 8200556-pr3566.patch

- patch104 pr3458-rh1540242.patch

- patch209 8035496-hotspot.patch

- patch700 pr3573.patch

* Thu May 17 2018 Severin Gehwolf - 1:1.8.0.171-6.b10

- Move to javapackages-filesystem over javapackages-tools

for directory ownership. Resolves RHBZ#1500288.

* Fri May 4 2018 Severin Gehwolf - 1:1.8.0.171-5.b10

- Remove duplicate patch rhbz_1538767_fix_linking2.patch. Just use

rhbz_1538767_fix_linking.patch.

* Wed Apr 25 2018 Severin Gehwolf - 1:1.8.0.171-4.b10

- Enable hardened build unconditionally (also for Zero).

Resolves RHBZ#1290936.

* Tue Apr 24 2018 Severin Gehwolf - 1:1.8.0.171-3.b10

- Enable hardened build for Aarch64.

* Tue Apr 24 2018 Severin Gehwolf - 1:1.8.0.171-2.b10

- Update rhbz1548475-LDFLAGSusage.patch to also set linker

flags for libsaproc.so and libjsig.so.

* Wed Apr 18 2018 Jiri Vanek - 1:1.8.0.171-1.b10

- Update to aarch64-jdk8u171-b10 and aarch64-shenandoah-jdk8u171-b10.

- Fix jconsole.desktop.in subcategory, replacing "Monitor" with "Profiling" (PR3550) (gnu_andrew)

- Fix invalid license 'LGPL+' (should be LGPLv2+ for ECC code) and add misisng ones (gnu_andrew)

* Wed Apr 18 2018 Jiri Vanek - 1:1.8.0.162-7.b12

- added ownership of policy dir and subdirs

- removed ignored attributes for classes.jsa

* Tue Apr 10 2018 Severin Gehwolf - 1:1.8.0.162-6.b12

- Use correct patch for RHBZ#1538767 (JDK-8196516)

* Mon Apr 2 2018 Andrew Hughes - 1:1.8.0.162-5.b12

- Cleanup from previous commit.

- Remove unused upstream patch 8167200.hotspotAarch64.patch.

[ 1 ] Bug #1509371 - JDK UseCGroupMemoryLimitForHeap not systemd compatible

https://bugzilla.redhat.com/show_bug.cgi?id=1509371

su -c 'dnf upgrade --advisory FEDORA-2018-4d58785bcd' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQOPSPGKVQCFIE2XTLU2LMNWETD7N4HS/

Topics%20covered

Topics Covered

security advisory security update critical Fedora OpenJDK runtime issue Java patch

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 28
Version: 1.8.0.181
Release: 7.b13.fc28
URL: https://openjdk.org/
Summary: OpenJDK Runtime Environment 8

Topics%20covered

Topics Covered

security advisory security update critical Fedora OpenJDK runtime issue Java patch

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here