Fedora 29: java-1.8.0-openjdk FEDORA-2019-a87aba290f

    Date25 Oct 2019
    CategoryFedora
    347
    Posted ByLinuxSecurity Advisories
    OpenJDK October CPU security update. See: https://openjdk.java.net/groups/vulnerability/advisories/2019-10-15 http://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-October/010452.html
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2019-a87aba290f
    2019-10-25 18:06:00.866958
    --------------------------------------------------------------------------------
    
    Name        : java-1.8.0-openjdk
    Product     : Fedora 29
    Version     : 1.8.0.232.b09
    Release     : 0.fc29
    URL         : http://openjdk.java.net/
    Summary     : OpenJDK Runtime Environment 8
    Description :
    The OpenJDK runtime environment 8.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    OpenJDK October CPU security update. See:
    https://openjdk.java.net/groups/vulnerability/advisories/2019-10-15
    http://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-October/010452.html
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Fri Oct 11 2019 Andrew Hughes  - 1:1.8.0.232.b09-0
    - Update to aarch64-shenandoah-jdk8u232-b09.
    - Switch to GA mode for final release.
    - Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream.
    * Fri Oct 11 2019 Andrew Hughes  - 1:1.8.0.232.b08-0.0.ea
    - Update to aarch64-shenandoah-jdk8u232-b08.
    * Fri Oct 11 2019 Andrew Hughes  - 1:1.8.0.232.b05-0.1.ea
    - Update to aarch64-shenandoah-jdk8u232-b05-shenandoah-merge-2019-09-09.
    * Thu Oct 10 2019 Andrew Hughes  - 1:1.8.0.232.b05-0.0.ea
    - Update to aarch64-shenandoah-jdk8u232-b05.
    - Drop upstreamed patch JDK-8141570/PR3548.
    - Adjust context of JDK-8143245/PR3548 to apply against upstream JDK-8141570.
    * Fri Sep 27 2019 Andrew Hughes  - 1:1.8.0.232.b01-0.0.ea
    - Update to aarch64-shenandoah-jdk8u232-b01.
    - Switch to EA mode.
    - Drop JDK-8210761/RH1632174 as now upstream.
    - Drop JDK-8223219 as now upstream.
    - JDK-8226870 removed clhsdb and hdsdb from the JRE bin directory, so we should do likewise.
    - Add alternatives support for these two new SDK binaries.
    * Thu Aug 15 2019 Andrew Hughes  - 1:1.8.0.222.b10-3
    - Switch to in-tree SunEC code, dropping NSS runtime dependencies and patches to link against it.
    * Thu Aug  8 2019 Andrew Hughes  - 1:1.8.0.222.b10-2
    - Drop unnecessary build requirement on gtk2-devel, as OpenJDK searches for Gtk+ at runtime.
    - Add missing build requirements for libXext-devel and libXrender-devel, previously masked by Gtk2+ dependency.
    - fontconfig build requirement should be fontconfig-devel, previously masked by Gtk2+ dependency
    * Wed Jul 31 2019 Andrew Hughes  - 1:1.8.0.222.b10-1
    - Obsolete javadoc-debug and javadoc-debug-zip packages via javadoc and javadoc-zip respectively.
    * Wed Jul 31 2019 Severin Gehwolf  - 1:1.8.0.222.b10-1
    - Don't produce javadoc/javadoc-zip sub packages for the debug variant build.
    - Don't perform a bootcycle build for the debug variant build.
    * Thu Jul 11 2019 Andrew Hughes  - 1:1.8.0.222.b10-0
    - Update to aarch64-shenandoah-jdk8u222-b10.
    - Adjust PR3083/RH134640 to apply after JDK-8182999
    - Switch to GA mode for final release.
    * Mon Jul  8 2019 Andrew Hughes  - 1:1.8.0.222.b07-0.0.ea
    - Update to aarch64-shenandoah-jdk8u222-b07 and Shenandoah merge 2019-06-13.
    - Drop remaining JDK-8210425/RH1632174 patch now AArch64 part is upstream.
    * Mon Jul  8 2019 Andrew Hughes  - 1:1.8.0.222.b03-0.0.ea
    - Update to aarch64-shenandoah-jdk8u222-b03.
    - Drop 8210425 patches applied upstream. Still need to add AArch64 version in aarch64/shenandoah-jdk8u.
    - Re-generate JDK-8141570 & JDK-8143245 patches due to 8210425 zeroshark.make changes.
    * Mon Jul  8 2019 Andrew Hughes  - 1:1.8.0.222.b02-0.0.ea
    - Update to aarch64-shenandoah-jdk8u222-b02.
    - Drop 8064786/PR3599 & 8210416/RH1632174 as applied upstream (8064786 silently in 8176100).
    * Sun Jul  7 2019 Andrew Hughes  - 1:1.8.0.222.b01-0.2.ea
    - Make use of Recommends and Suggests dependent on Fedora or RHEL 8+ environment.
    * Sun Jul  7 2019 Andrew Hughes  - 1:1.8.0.222.b01-0.1.ea
    - Update to aarch64-shenandoah-jdk8u222-b01.
    - Refactor PR2888 after inclusion of 8129988 upstream. Now includes PR3575.
    - Drop 8171000 & 8197546 as applied upstream.
    * Wed Jul  3 2019 Severin Gehwolf  - 1:1.8.0.212.b04-6
    - Include 'ea' designator in Release when appropriate.
    * Wed Jul  3 2019 Andrew Hughes  - 1:1.8.0.212.b04-6
    - Handle milestone as variables so we can alter it easily and set the docs zip filename appropriately.
    - Drop unused use_shenandoah_hotspot variable.
    * Fri Jun 14 2019 Andrew John Hughes  - 1:1.8.0.212.b04-5
    - Update to aarch64-shenandoah-jdk8u212-b04-shenandoah-merge-2019-04-30.
    - Update version logic to handle -shenandoah* tag suffix.
    - Drop PR3634 as applied upstream.
    - Adjust 8214206 fix for S390 as BinaryMagnitudeSeq moved to shenandoahNumberSeq.cpp
    - Update 8214206 to use log2_long rather than casting to intptr_t, which may be smaller than size_t.
    * Wed May 22 2019 Andrew John Hughes  - 1:1.8.0.212.b04-4
    - Remove additions to EXTRA_CFLAGS and EXTRA_CPP_FLAGS which are now made by upstream.
    - Remove -mstackrealign addition which is handled by PR3533 & PR3591 patches.
    * Wed May 22 2019 Andrew Hughes  - 1:1.8.0.212.b04-3
    - Add JDK-8223219 to avoid -fstack-protector overriding -fstack-protector-strong
    * Wed May 15 2019 James Cassell  - 1:1.8.0.212.b04-2
    - mark net.properties as a config file
    * Mon May 13 2019 Severin Gehwolf  - 1:1.8.0.212.b04-1
    - Update patch for RH1566890.
      - Renamed rh1566890_speculative_store_bypass_so_added_more_per_task_speculation_control_CVE_2018_3639 to
        rh1566890-CVE_2018_3639-speculative_store_bypass.patch
      - Added dependent patch,
        rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch
    * Thu Apr 11 2019 Andrew Hughes  - 1:1.8.0.212.b04-0
    - Update to aarch64-shenandoah-jdk8u212-b04.
    * Thu Apr 11 2019 Andrew Hughes  - 1:1.8.0.212.b03-0
    - Update to aarch64-shenandoah-jdk8u212-b03.
    * Tue Apr  9 2019 Andrew Hughes  - 1:1.8.0.212.b02-0
    - Update to aarch64-shenandoah-jdk8u212-b02.
    - Remove patches included upstream
      - JDK-8197429/PR3546/RH153662{2,3}
      - JDK-8184309/PR3596
      - JDK-8210647/RH1632174
      - JDK-8029661/PR3642/RH1477159
      - JDK-8145096/PR3693
    - Re-generate patches
      - JDK-8203030
    - Add casts to resolve s390 ambiguity in calls to log2_intptr
    - Move JDK-8219772 to correct section as not yet upstreamed
    - Add new clhsdb and hsdb binaries.
    - Resolves: rhbz#1680640
    * Sun Apr  7 2019 Andrew Hughes  - 1:1.8.0.202.b08-0
    - Update to aarch64-shenandoah-jdk8u202-b08.
    - Remove patches included upstream
      - JDK-8211387/PR3559
      - JDK-8207057/PR3613
      - JDK-8165852/PR3468
      - JDK-8073139/PR1758/RH1191652
      - JDK-8044235
      - JDK-8172850/RH1640127
      - JDK-8209639/RH1640127
      - JDK-8131048/PR3574/RH1498936
      - JDK-8164920/PR3574/RH1498936
    - Re-generate patches
      - JDK-8210647/RH1632174
    * Thu Apr  4 2019 Andrew Hughes  - 1:1.8.0.201.b13-0
    - Update to aarch64-shenandoah-jdk8u201-b13.
    - Drop JDK-8160748 & JDK-8189170 AArch64 patches now applied upstream.
    * Fri Mar 29 2019 Andrew John Hughes  - 1:1.8.0.201.b09-8
    - Sync SystemTap & desktop files with upstream IcedTea release using new script
    * Mon Mar 11 2019 Severin Gehwolf  - 1:1.8.0.201.b09-6
    - Add -Wa,--generate-missing-build-notes=yes C flags and patch
      jdk8219772-extra_c_cxx_flags_not_picked_for_assembler_source.patch. So
      as to fix annocheck warnings for assembler source files.
    * Tue Feb 19 2019 Severin Gehwolf  - 1:1.8.0.201.b09-5
    - Add a test verifying system crypto policies can be disabled
    * Tue Feb 19 2019 Andrew Hughes  - 1:1.8.0.201.b09-4
    - Add PR3655 to allow the system crypto policy to be turned off.
    * Mon Feb 11 2019 Jiri Vanek   - 1:1.8.0.201.b09-3
    - config files to etc
    * Wed Feb  6 2019 Andrew John Hughes  - 1:1.8.0.201.b09-2
    - Add backport of JDK-8145096 (PR3693) to fix undefined behaviour issues on newer GCCs
    * Tue Feb  5 2019 Andrew Hughes  - 1:1.8.0.201.b09-1
    - Update to aarch64-shenandoah-jdk8u201-b09.
    * Tue Feb  5 2019 Nicolas De Amicis  - 1:1.8.0.192.b12-1
    - Added FX link of libglassgtk3.so
    * Wed Jan 30 2019 Andrew Hughes  - 1:1.8.0.192.b12-0
    - Update to aarch64-shenandoah-jdk8u192-b12.
    - Remove patches included upstream
      - JDK-8031668/PR2842
      - JDK-8148351/PR2842
      - JDK-6260348/PR3066
      - JDK-8061305/PR3335/RH1423421
      - JDK-8188030/PR3459/RH1484079
      - JDK-8205104/PR3539/RH1548475
      - JDK-8185723/PR3553
      - JDK-8186461/PR3557
      - JDK-8201509/PR3579
      - JDK-8075942/PR3602
      - JDK-8203182/PR3603
      - JDK-8206406/PR3610/RH1597825
      - JDK-8206425
      - JDK-8036003
      - JDK-8201495/PR2415
      - JDK-8150954/PR2866/RH1176206
    - Re-generate patches (mostly due to upstream build changes)
      - JDK-8073139/PR1758/RH1191652
      - JDK-8143245/PR3548 (due to JDK-8202600)
      - JDK-8197429/PR3546/RH1536622 (due to JDK-8189170)
      - JDK-8199936/PR3533
      - JDK-8199936/PR3591
      - JDK-8207057/PR3613
      - JDK-8210761/RH1632174 (due to JDK-8207402)
      - PR3559 (due to JDK-8185723/JDK-8186461/JDK-8201509)
      - PR3593 (due to JDK-8081202)
      - RH1566890/CVE-2018-3639 (due to JDK-8189170)
      - RH1649664 (due to JDK-8196516)
    - Add 8160748 for AArch64 which is missing from upstream 8u version.
    - Add port of 8189170 to AArch64 which is missing from upstream 8u version.
    * Mon Jan 28 2019 Andrew Hughes  - 1:1.8.0.191.b14-1
    - Add 8131048 & 8164920 (PR3574/RH1498936) to provide a CRC32 intrinsic for PPC64.
    * Thu Jan 24 2019 Andrew Hughes  - 1:1.8.0.191.b14-0
    - Introduce sa_arches for architectures with sa-jdi.jar and include aarch64
    * Thu Jan 10 2019 Andrew Hughes  - 1:1.8.0.191.b14-0
    - Update to aarch64-shenandoah-jdk8u191-b14.
    - Adjust JDK-8073139/PR1758/RH1191652 to apply following 8155627 backport.
    * Wed Jan  9 2019 Andrew Hughes  - 1:1.8.0.191.b13-0
    - Update to aarch64-shenandoah-jdk8u191-b13.
    - Update tarball generation script in preparation for PR3667/RH1656676 SunEC changes.
    - Use remove-intree-libraries.sh to remove the remaining SunEC code for now.
    * Wed Dec 19 2018 Andrew John Hughes  - 1:1.8.0.191.b12-13
    - Fix jdk8073139-pr1758-rh1191652-ppc64_le_says_its_arch_is_ppc64_not_ppc64le_jdk.patch paths to pass git apply
    * Mon Dec 10 2018 Jiri Vanek  - 1:1.8.0.191.b12-12
    - adde fx link of libglassgtk2.so (rhbz1657485)
    * Thu Nov 22 2018 Andrew John Hughes  - 1:1.8.0.191.b12-11
    - Add backport of JDK-8029661 which adds TLSv1.2 support to the PKCS11 provider.
    * Tue Nov 13 2018 Andrew Hughes  - 1:1.8.0.191.b12-10
    - Revise Shenandoah PR3634 patch following upstream discussion.
    * Wed Nov  7 2018 Jiri Vanek  - 1:1.8.0.191.b12-9
    - headfull suggests of cups, replaced by Requires of cups-libs in headless
    * Wed Nov  7 2018 Andrew Hughes  - 1:1.8.0.191.b12-9
    - Note why PR1834/RH1022017 is not suitable to go upstream in its current form.
    * Mon Nov  5 2018 Andrew Hughes  - 1:1.8.0.191.b12-9
    - Document patch sections.
    * Mon Nov  5 2018 Andrew Hughes  - 1:1.8.0.191.b12-9
    - Fix patch organisation in the spec file:
    -   * Move ECC patches back to upstreamable section
    -   * Move system cacerts & crypto policy patches to upstreamable section
    -   * Merge "Local fixes" and "RPM fixes" which amount to the same thing
    -   * Move system libpng & lcms patches back to 8u upstreamable section
    * Fri Oct 26 2018 Jiri Vanek  - 1:1.8.0.191.b12-8
    - added Patch583 jdk8172850-rh1640127-01-register_allocator_crash.patch
    - added Patch584 jdk8209639-rh1640127-02-coalesce_attempted_spill_non_spillable.patch
    * Tue Oct 23 2018 Jiri Vanek  - 1:1.8.0.191.b12-2
    - cups moved to headful package
    * Tue Oct 23 2018 Jiri Vanek  - 1:1.8.0.191.b12-1
    - updated to aarch64-shenandoah-jdk8u191-b12
    - deleted 8146115-pr3508-rh1463098.patch, pr3619.patch, pr3620.patch - should be upstreamed
    - create pr3634-fix_shenandoah_for_size_t_on_s390.patch to fix build failure on s390
    * Fri Oct 12 2018 Severin Gehwolf  - 1:1.8.0.181.b15-7
    - Add patch jdk8210425-rh1632174-03-compile_with_o2_and_ffp_contract_off_as_for_fdlibm_zero.patch:
      - Annother fix for optimization gaps (annocheck issues)
      - Zero 8u version fix was missing. Hence, only shows up on Zero arches.
    * Mon Oct  8 2018 Severin Gehwolf  - 1:1.8.0.181.b15-6
    - Refreshed upstreamed patches (from 8u202):
      - jdk8044235-src_zip_should_include_all_sources.patch: src.zip should include all sources.
      - jdk8073139-pr2236-rh1191652--use_ppc64le_as_the_arch_directory_on_that_platform_and_report_it_in_os_arch_aarch64_forest.patch,
        jdk8073139-pr1758-rh1191652-ppc64_le_says_its_arch_is_ppc64_not_ppc64le_jdk.patch,
        jdk8073139-pr1758-rh1191652-ppc64_le_says_its_arch_is_ppc64_not_ppc64le_root.patch: PPC64LE JVM reporting issues.
    - Moved both patch series to 8u202 sections.
    --------------------------------------------------------------------------------
    
    This update can be installed with the "dnf" update program. Use
    su -c 'dnf upgrade --advisory FEDORA-2019-a87aba290f' at the command
    line. For more information, refer to the dnf documentation available at
    http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
    
    All packages are signed with the Fedora Project GPG key. More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
    To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
    Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
    List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
    List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"66","type":"x","order":"1","pct":57.39,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.04,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"34","type":"x","order":"3","pct":29.57,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.