Fedora 28: java-1.8.0-openjdk Security Update 2018-4d58785bcd
Summary
The OpenJDK runtime environment.
Security critical patch update for OpenJDK (July CPU). See
https://www.oracle.com/security-alerts/cpujul2018.html
* Mon Jul 23 2018 Jiri Vanek
- updated to u181
- patches aligned according to rhel7 (full credit to gnu_andrew)
- removed upstreamed patch104 pr3458-rh1540242-aarch64.patch
- removed upstreamed patch568 8187577-pr3578.patch
* Tue Jul 17 2018 Jiri Vanek
- added Recommends gtk2 for main package
- added Suggests lksctp-tools, pcsc-lite-devel, cups for headless package
- see RHBZ1598152
* Tue Jul 10 2018 Severin Gehwolf
- Fix hook to show hs_err*.log files on failures.
* Mon Jul 2 2018 Severin Gehwolf
- Fix requires/provides filters for internal libs. See
RHBZ#1590796
* Wed Jun 20 2018 Andrew Hughes
- Add additional fix (PR3601) to fix -Wreturn-type failures introduced by 8061651
- Backport 8064786 (PR3601) to fix -Wreturn-type failure on debug builds.
- Bring in PR3519 from IcedTea 3.7.0 to fix remaining -Wreturn-type failure on AArch64.
- Sync with IcedTea 3.8.0 patches to use -Wreturn-type.
- Add backports of 8141570, 8143245, 8197981 & 8062808.
- Drop pr3458-rh1540242-zero.patch which is covered by 8143245.
* Wed Jun 20 2018 Jiri Vanek
- jsa files changed to 444 to pass rpm verification
* Mon Jun 18 2018 Severin Gehwolf
- Filter private provides/requires: 'lib.so(SUNWprivate_.*'
* Thu Jun 14 2018 Severin Gehwolf
- Add provides/requires for libjvm.so back. See RHBZ#1591215.
* Wed Jun 13 2018 Severin Gehwolf
- Fix reg-ex for filtering private libraries' provides/requires.
* Wed Jun 13 2018 Andrew Hughes
- Remove build flags exemption for aarch64 now the platform is more mature and can bootstrap OpenJDK with these flags.
- Remove duplicate -fstack-protector-strong; it is provided by the RHEL cflags.
- Add missing changelog credits
* Mon Jun 11 2018 Jiri Vanek
- Merge changes from RHEL 7
* Mon Jun 11 2018 Andrew Hughes
- Read jssecacerts file prior to trying either cacerts file (system or local) (PR3575)
* Mon Jun 11 2018 Andrew Hughes
- Fix a number of bad bug identifiers (PR3546 should be PR3578, PR3456 should be PR3546)
* Thu Jun 7 2018 Andrew Hughes
- Update Shenandoah tarball to include 2018-05-15 merge.
- Split PR3458/RH1540242 fix into AArch64 & Zero sections, so former can be skipped on Shenandoah builds.
- Drop PR3573 patch applied upstream.
- Restrict 8187577 fix to non-Shenandoah builds, as it's included in the new tarball.
* Thu Jun 7 2018 Andrew Hughes
- Sync with IcedTea 3.8.0.
- Label architecture-specific fixes with architecture concerned
- x86: S8199936, PR3533: HotSpot generates code with unaligned stack, crashes on SSE operations (-mstackrealign workaround)
- PR3539, RH1548475: Pass EXTRA_LDFLAGS to HotSpot build
- 8171000, PR3542, RH1402819: Robot.createScreenCapture() crashes in wayland mode
- 8197546, PR3542, RH1402819: Fix for 8171000 breaks Solaris + Linux builds
- 8185723, PR3553: Zero: segfaults on Power PC 32-bit
- 8186461, PR3557: Zero's atomic_copy64() should use SPE instructions on linux-powerpcspe
- PR3559: Use ldrexd for atomic reads on ARMv7.
- 8187577, PR3578: JVM crash during gc doing concurrent marking
- 8201509, PR3579: Zero: S390 31bit atomic_copy64 inline assembler is wrong
- 8165489, PR3589: Missing G1 barrier in Unsafe_GetObjectVolatile
- PR3591: Fix for bug 3533 doesn't add -mstackrealign to JDK code
- 8184309, PR3596: Build warnings from GCC 7.1 on Fedora 26
* Wed Jun 6 2018 Jiri Vanek
- updated to u172-b11
- removed patches:
- patch207 8200556-pr3566.patch
- patch104 pr3458-rh1540242.patch
- patch209 8035496-hotspot.patch
- patch700 pr3573.patch
* Thu May 17 2018 Severin Gehwolf
- Move to javapackages-filesystem over javapackages-tools
for directory ownership. Resolves RHBZ#1500288.
* Fri May 4 2018 Severin Gehwolf
- Remove duplicate patch rhbz_1538767_fix_linking2.patch. Just use
rhbz_1538767_fix_linking.patch.
* Wed Apr 25 2018 Severin Gehwolf
- Enable hardened build unconditionally (also for Zero).
Resolves RHBZ#1290936.
* Tue Apr 24 2018 Severin Gehwolf
- Enable hardened build for Aarch64.
* Tue Apr 24 2018 Severin Gehwolf
- Update rhbz1548475-LDFLAGSusage.patch to also set linker
flags for libsaproc.so and libjsig.so.
* Wed Apr 18 2018 Jiri Vanek
- Update to aarch64-jdk8u171-b10 and aarch64-shenandoah-jdk8u171-b10.
- Fix jconsole.desktop.in subcategory, replacing "Monitor" with "Profiling" (PR3550) (gnu_andrew)
- Fix invalid license 'LGPL+' (should be LGPLv2+ for ECC code) and add misisng ones (gnu_andrew)
* Wed Apr 18 2018 Jiri Vanek
- added ownership of policy dir and subdirs
- removed ignored attributes for classes.jsa
* Tue Apr 10 2018 Severin Gehwolf
- Use correct patch for RHBZ#1538767 (JDK-8196516)
* Mon Apr 2 2018 Andrew Hughes
- Cleanup from previous commit.
- Remove unused upstream patch 8167200.hotspotAarch64.patch.
[ 1 ] Bug #1509371 - JDK UseCGroupMemoryLimitForHeap not systemd compatible
https://bugzilla.redhat.com/show_bug.cgi?id=1509371
su -c 'dnf upgrade --advisory FEDORA-2018-4d58785bcd' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQOPSPGKVQCFIE2XTLU2LMNWETD7N4HS/
FEDORA-2018-4d58785bcd 2018-07-29 03:19:11.836617 Product : Fedora 28 Version : 1.8.0.181 Release : 7.b13.fc28 URL : https://openjdk.org/ Summary : OpenJDK Runtime Environment 8 Description : The OpenJDK runtime environment. Security critical patch update for OpenJDK (July CPU). See https://www.oracle.com/security-alerts/cpujul2018.html * Mon Jul 23 2018 Jiri Vanek - 11:1.8.0.181-7.b13 - updated to u181 - patches aligned according to rhel7 (full credit to gnu_andrew) - removed upstreamed patch104 pr3458-rh1540242-aarch64.patch - removed upstreamed patch568 8187577-pr3578.patch * Tue Jul 17 2018 Jiri Vanek - 11:1.8.0.172-16.b11 - added Recommends gtk2 for main package - added Suggests lksctp-tools, pcsc-lite-devel, cups for headless package - see RHBZ1598152 * Tue Jul 10 2018 Severin Gehwolf - 1:1.8.0.172-13.b11 - Fix hook to show hs_err*.log files on failures. * Mon Jul 2 2018 Severin Gehwolf - 1:1.8.0.172-12.b11 - Fix requires/provides filters for internal libs. See RHBZ#1590796 * Wed Jun 20 2018 Andrew Hughes - 1:1.8.0.172-11.b11 - Add additional fix (PR3601) to fix -Wreturn-type failures introduced by 8061651 - Backport 8064786 (PR3601) to fix -Wreturn-type failure on debug builds. - Bring in PR3519 from IcedTea 3.7.0 to fix remaining -Wreturn-type failure on AArch64. - Sync with IcedTea 3.8.0 patches to use -Wreturn-type. - Add backports of 8141570, 8143245, 8197981 & 8062808. - Drop pr3458-rh1540242-zero.patch which is covered by 8143245. * Wed Jun 20 2018 Jiri Vanek - 11:1.8.0.172-10.b11 - jsa files changed to 444 to pass rpm verification * Mon Jun 18 2018 Severin Gehwolf - 1:1.8.0.172-9.b11 - Filter private provides/requires: 'lib.so(SUNWprivate_.*' * Thu Jun 14 2018 Severin Gehwolf - 1:1.8.0.172-8.b11 - Add provides/requires for libjvm.so back. See RHBZ#1591215. * Wed Jun 13 2018 Severin Gehwolf - 1:1.8.0.172-7.b11 - Fix reg-ex for filtering private libraries' provides/requires. * Wed Jun 13 2018 Andrew Hughes - 1:1.8.0.172-6.b11 - Remove build flags exemption for aarch64 now the platform is more mature and can bootstrap OpenJDK with these flags. - Remove duplicate -fstack-protector-strong; it is provided by the RHEL cflags. - Add missing changelog credits * Mon Jun 11 2018 Jiri Vanek - 1:1.8.0.172-5.b11 - Merge changes from RHEL 7 * Mon Jun 11 2018 Andrew Hughes - 1:1.8.0.172-5.b11 - Read jssecacerts file prior to trying either cacerts file (system or local) (PR3575) * Mon Jun 11 2018 Andrew Hughes - 1:1.8.0.172-5.b11 - Fix a number of bad bug identifiers (PR3546 should be PR3578, PR3456 should be PR3546) * Thu Jun 7 2018 Andrew Hughes - 1:1.8.0.172-5.b11 - Update Shenandoah tarball to include 2018-05-15 merge. - Split PR3458/RH1540242 fix into AArch64 & Zero sections, so former can be skipped on Shenandoah builds. - Drop PR3573 patch applied upstream. - Restrict 8187577 fix to non-Shenandoah builds, as it's included in the new tarball. * Thu Jun 7 2018 Andrew Hughes - 1:1.8.0.172-5.b11 - Sync with IcedTea 3.8.0. - Label architecture-specific fixes with architecture concerned - x86: S8199936, PR3533: HotSpot generates code with unaligned stack, crashes on SSE operations (-mstackrealign workaround) - PR3539, RH1548475: Pass EXTRA_LDFLAGS to HotSpot build - 8171000, PR3542, RH1402819: Robot.createScreenCapture() crashes in wayland mode - 8197546, PR3542, RH1402819: Fix for 8171000 breaks Solaris + Linux builds - 8185723, PR3553: Zero: segfaults on Power PC 32-bit - 8186461, PR3557: Zero's atomic_copy64() should use SPE instructions on linux-powerpcspe - PR3559: Use ldrexd for atomic reads on ARMv7. - 8187577, PR3578: JVM crash during gc doing concurrent marking - 8201509, PR3579: Zero: S390 31bit atomic_copy64 inline assembler is wrong - 8165489, PR3589: Missing G1 barrier in Unsafe_GetObjectVolatile - PR3591: Fix for bug 3533 doesn't add -mstackrealign to JDK code - 8184309, PR3596: Build warnings from GCC 7.1 on Fedora 26 * Wed Jun 6 2018 Jiri Vanek - 1:1.8.0.172-1.b11 - updated to u172-b11 - removed patches: - patch207 8200556-pr3566.patch - patch104 pr3458-rh1540242.patch - patch209 8035496-hotspot.patch - patch700 pr3573.patch * Thu May 17 2018 Severin Gehwolf - 1:1.8.0.171-6.b10 - Move to javapackages-filesystem over javapackages-tools for directory ownership. Resolves RHBZ#1500288. * Fri May 4 2018 Severin Gehwolf - 1:1.8.0.171-5.b10 - Remove duplicate patch rhbz_1538767_fix_linking2.patch. Just use rhbz_1538767_fix_linking.patch. * Wed Apr 25 2018 Severin Gehwolf - 1:1.8.0.171-4.b10 - Enable hardened build unconditionally (also for Zero). Resolves RHBZ#1290936. * Tue Apr 24 2018 Severin Gehwolf - 1:1.8.0.171-3.b10 - Enable hardened build for Aarch64. * Tue Apr 24 2018 Severin Gehwolf - 1:1.8.0.171-2.b10 - Update rhbz1548475-LDFLAGSusage.patch to also set linker flags for libsaproc.so and libjsig.so. * Wed Apr 18 2018 Jiri Vanek - 1:1.8.0.171-1.b10 - Update to aarch64-jdk8u171-b10 and aarch64-shenandoah-jdk8u171-b10. - Fix jconsole.desktop.in subcategory, replacing "Monitor" with "Profiling" (PR3550) (gnu_andrew) - Fix invalid license 'LGPL+' (should be LGPLv2+ for ECC code) and add misisng ones (gnu_andrew) * Wed Apr 18 2018 Jiri Vanek - 1:1.8.0.162-7.b12 - added ownership of policy dir and subdirs - removed ignored attributes for classes.jsa * Tue Apr 10 2018 Severin Gehwolf - 1:1.8.0.162-6.b12 - Use correct patch for RHBZ#1538767 (JDK-8196516) * Mon Apr 2 2018 Andrew Hughes - 1:1.8.0.162-5.b12 - Cleanup from previous commit. - Remove unused upstream patch 8167200.hotspotAarch64.patch. [ 1 ] Bug #1509371 - JDK UseCGroupMemoryLimitForHeap not systemd compatible https://bugzilla.redhat.com/show_bug.cgi?id=1509371 su -c 'dnf upgrade --advisory FEDORA-2018-4d58785bcd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQOPSPGKVQCFIE2XTLU2LMNWETD7N4HS/
Change Log
References
Update Instructions
