Fedora 29: java-11-openjdk FEDORA-2019-4bafcdb85f

    Date25 Oct 2019
    CategoryFedora
    349
    Posted ByLinuxSecurity Advisories
    Update to OpenJDK October CPU (security update). See: https://openjdk.java.net/groups/vulnerability/advisories/2019-10-15 http://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-October/002025.html
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2019-4bafcdb85f
    2019-10-25 18:06:00.867093
    --------------------------------------------------------------------------------
    
    Name        : java-11-openjdk
    Product     : Fedora 29
    Version     : 11.0.5.10
    Release     : 0.fc29
    URL         : http://openjdk.java.net/
    Summary     : OpenJDK Runtime Environment 11
    Description :
    The OpenJDK runtime environment.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    Update to OpenJDK October CPU (security update). See:
    https://openjdk.java.net/groups/vulnerability/advisories/2019-10-15
    http://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-October/002025.html
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Wed Oct  9 2019 Andrew Hughes  - 1:11.0.5.10-0
    - Update to shenandoah-jdk-11.0.5+10 (GA)
    - Switch to GA mode for final release.
    * Mon Oct  7 2019 Andrew Hughes  - 1:11.0.5.9-0.0.ea
    - Update to shenandoah-jdk-11.0.5+9 (EA)
    * Tue Aug 27 2019 Andrew Hughes  - 1:11.0.5.2-0.2.ea
    - Update generate_source_tarball.sh script to use the PR3751 patch and retain the secp256k1 curve.
    - Regenerate source tarball using the updated script and add the -'4curve' suffix.
    - PR3751 includes the changes in the PR1834/RH1022017 patch which is removed.
    * Sat Aug 24 2019 Andrew John Hughes  - 1:11.0.5.2-0.1.ea
    - Update to shenandoah-jdk-11.0.5+2 (EA)
    * Mon Aug 12 2019 Andrew Hughes  - 1:11.0.5.1-0.1.ea
    - Update to shenandoah-jdk-11.0.5+1 (EA)
    - Switch to EA mode for 11.0.5 pre-release builds.
    * Thu Aug  8 2019 Andrew Hughes  - 1:11.0.4.11-4
    - Switch to in-tree SunEC code, dropping NSS runtime dependencies and patches to link against it.
    * Fri Jul 26 2019 Andrew John Hughes  - 1:11.0.4.11-3
    - Drop unnecessary build requirement on gtk3-devel, as OpenJDK searches for Gtk+ at runtime.
    - Add missing build requirement for libXrender-devel, previously masked by Gtk3+ dependency
    - Add missing build requirement for libXrandr-devel, previously masked by Gtk3+ dependency
    - fontconfig build requirement should be fontconfig-devel, previously masked by Gtk3+ dependency
    * Tue Jul  9 2019 Andrew Hughes  - 1:11.0.4.11-0
    - Update to shenandoah-jdk-11.0.4+11 (GA)
    - Switch to GA mode for final release.
    * Mon Jul  8 2019 Andrew Hughes  - 1:11.0.4.10-0.2.ea
    - Obsolete javadoc-slowdebug and javadoc-slowdebug-zip packages via javadoc and javadoc-zip respectively.
    * Mon Jul  8 2019 Andrew Hughes  - 1:11.0.4.10-0.1.ea
    - Update to shenandoah-jdk-11.0.4+10 (EA)
    * Sun Jun 30 2019 Andrew John Hughes  - 1:11.0.4.2-0.1.ea
    - Update to shenandoah-jdk-11.0.4+2 (EA)
    * Fri Jun 21 2019 Severin Gehwolf  - 1:11.0.4.2-0.1.ea
    - Package jspawnhelper (see JDK-8220360).
    * Fri Jun 21 2019 Severin Gehwolf  - 1:11.0.3.7-6
    - Include 'ea' designator in Release when appropriate.
    * Wed May 22 2019 Andrew Hughes  - 1:11.0.3.7-6
    - Handle milestone as variables so we can alter it easily and set the docs zip filename appropriately.
    * Thu Apr 25 2019 Severin Gehwolf  - 1:11.0.3.7-3
    - Don't produce javadoc/javadoc-zip sub packages for the
      debug variant build.
    - Don't perform a bootcycle build for the debug variant build.
    * Wed Apr 24 2019 Severin Gehwolf  - 1:11.0.3.7-2
    - Don't generate lib-style requires for -slowdebug subpackages.
    - Resolves: RHBZ#1702379
    * Tue Apr 23 2019 Severin Gehwolf  - 1:11.0.3.7-1
    - Fix requires/provides for the non-system JDK case. JDK 11
      isn't a system JDK at this point.
    - Resolves: RHBZ#1702324
    * Sun Apr  7 2019 Andrew Hughes  - 1:11.0.3.7-0
    - Update to shenandoah-jdk-11.0.3+7 (April 2019 GA)
    * Sat Apr  6 2019 Andrew Hughes  - 1:11.0.3.6-0
    - Update to shenandoah-jdk-11.0.3+6 (April 2019 EA)
    - Drop JDK-8210416/RH1632174 applied upstream.
    - Drop JDK-8210425/RH1632174 applied upstream.
    - Drop JDK-8210647/RH1632174 applied upstream.
    - Drop JDK-8210761/RH1632174 applied upstream.
    - Drop JDK-8210703/RH1632174 applied upstream.
    - Add cast to resolve s390 ambiguity in call to log2_intptr
    * Thu Mar 21 2019 Severin Gehwolf  - 1:11.0.2.7-9
    - Add patch for RH1566890
    * Mon Mar 11 2019 Severin Gehwolf  - 1:11.0.2.7-7
    - Add -Wa,--generate-missing-build-notes=yes C flags. So as to
      fix annocheck warnings for assembler source files.
    * Tue Feb 26 2019 Severin Gehwolf  - 1:11.0.2.7-6
    - Don't package lib/client and lib/client/classes.jsa
      which don't exist.
    - Resolves: RHBZ#1643469
    * Tue Feb 19 2019 Severin Gehwolf  - 1:11.0.2.7-5
    - Add explicit requirement for libXcomposite which is used when performing
      screenshots from Java.
    - Add explicit BR unzip required for building OpenJDK.
    * Thu Feb 14 2019 Severin Gehwolf  - 1:11.0.2.7-4
    - Add a test verifying system crypto policies can be disabled
    * Tue Feb 12 2019 Severin Gehwolf  - 1:11.0.2.7-3
    - Don't build the test images needlessly.
    * Thu Feb  7 2019 Andrew John Hughes  - 1:11.0.2.7-2
    - Add PR3695 to allow the system crypto policy to be turned off.
    - Correct original system crypto policy patch to refer to OpenJDK 11 bug (PR3694)
    * Tue Jan 15 2019 Andrew Hughes  - 1:11.0.2.7-0
    - Update to shenandoah-jdk-11.0.2+7 (January 2019 CPU)
    - Drop JDK-8211105/RH1628612/RH1630996 applied upstream.
    - Drop JDK-8209639/RH1640127 applied upstream.
    - Re-generate JDK-8210416/RH1632174 following JDK-8209786
    * Fri Jan 11 2019 Andrew Hughes  - 1:11.0.1.13-11
    - Update to shenandoah-jdk-11.0.1+13-20190101
    - Update tarball generation script in preparation for PR3681/RH1656677 SunEC changes.
    - Use remove-intree-libraries.sh to remove the remaining SunEC code for now.
    - Fix PR1983 SunEC patch so that ecc_impl.h is patched rather than added
    - Add missing RH1022017 patch to reduce curves reported by SSL to those we support.
    - Remove RH1648995; fixed upstream.
    * Wed Dec  5 2018 Jiri Vanek  - 1:11.0.1.13-9
    - for non debug supackages, ghosted all masters and slaves (rhbz1649776)
    - for tech-preview packages, if-outed versionless provides. Aligned versions to be %{epoch}:%{version}-%{release} instead of chaotic
    - Removed all slowdebug provides (rhbz1655938); for tech-preview packages also removed all internal provides
    * Wed Nov 28 2018 Severin Gehwolf  - 1:11.0.1.13-8
    - Added %global _find_debuginfo_opts -g
    - Resolves: RHBZ#1520879 (Detailed NMT issue)
    * Mon Nov 12 2018 Jiri Vanek  - 1:11.0.1.13-6
    - fixed tck failures of arraycopy and process exec with shenandoah on
    - added patch585 rh1648995-shenandoah_array_copy_broken_by_not_always_copy_forward_for_disjoint_arrays.patch
    * Wed Nov  7 2018 Jiri Vanek  - 1:11.0.1.13-5
    - headless' suggests of cups, replaced by Requires of cups-libs
    * Thu Nov  1 2018 Jiri Vanek  - 1:11.0.1.13-3
    - added Patch584 jdk8209639-rh1640127-02-coalesce_attempted_spill_non_spillable.patch
    * Mon Oct 29 2018 Severin Gehwolf  - 1:11.0.1.13-3
    - Use upstream's version of Aarch64 intrinsics disable patch:
      - Removed:
        RHBZ-1628612-JDK-8210461-workaround-disable-aarch64-intrinsic.patch
        RHBZ-1630996-JDK-8210858-workaround-disable-aarch64-intrinsic-log.patch
      - Superceded by:
        jdk8211105-aarch64-disable_cos_sin_and_log_intrinsics.patch
    * Thu Oct 18 2018 Severin Gehwolf  - 1:11.0.1.13-2
    - Use LTS designator in version output for RHEL.
    * Thu Oct 18 2018 Severin Gehwolf  - 1:11.0.1.13-1
    - Update to October 2018 CPU release, 11.0.1+13.
    * Wed Oct 17 2018 Severin Gehwolf  - 1:11.0.0.28-2
    - Use --with-vendor-version-string=18.9 so as to show original
      GA date for the JDK.
    * Fri Sep 28 2018 Severin Gehwolf  - 1:11.0.0.28-1
    - Identify as GA version and no longer as early access (EA).
    - JDK 11 has been released for GA on 2018-09-25.
    * Fri Sep 28 2018 Severin Gehwolf  - 1:11.0.ea.28-9
    - Rework changes from 1:11.0.ea.22-6. RHBZ#1632174 supercedes
      RHBZ-1624122.
    - Add patch, jdk8210416-rh1632174-compile_fdlibm_with_o2_ffp_contract_off_on_gcc_clang_arches.patch, so as to
      optimize compilation of fdlibm library.
    - Add patch, jdk8210425-rh1632174-sharedRuntimeTrig_sharedRuntimeTrans_compiled_without_optimization.patch, so
      as to optimize compilation of sharedRuntime{Trig,Trans}.cpp
    - Add patch, jdk8210647-rh1632174-libsaproc_is_being_compiled_without_optimization.patch, so as to
      optimize compilation of libsaproc (extra c flags won't override
      optimization).
    - Add patch, jdk8210761-rh1632174-libjsig_is_being_compiled_without_optimization.patch, so as to
      optimize compilation of libjsig.
    - Add patch, jdk8210703-rh1632174-vmStructs_cpp_no_longer_compiled_with_o0, so as to
      optimize compilation of vmStructs.cpp (part of libjvm.so).
    - Reinstate filtering of opt flags coming from redhat-rpm-config.
    * Thu Sep 27 2018 Jiri Vanek  - 1:11.0.ea.28-8
    - removed version less provides
    - javadocdir moved to arched dir as it is no longer noarch
    * Thu Sep 20 2018 Severin Gehwolf  - 1:11.0.ea.28-6
    - Add patch, RHBZ-1630996-JDK-8210858-workaround-disable-aarch64-intrinsic-log.patch,
      so as to disable log math intrinsic on aarch64. Work-around for
      JDK-8210858
    * Thu Sep 13 2018 Severin Gehwolf  - 1:11.0.ea.28-5
    - Add patch, RHBZ-1628612-JDK-8210461-workaround-disable-aarch64-intrinsic.patch,
      so as to disable dsin/dcos math intrinsics on aarch64. Work-around for
      JDK-8210461.
    * Wed Sep 12 2018 Severin Gehwolf  - 1:11.0.ea.22-6
    - Add patch, JDK-8210416-RHBZ-1624122-fdlibm-opt-fix.patch, so as to
      optimize compilation of fdlibm library.
    - Add patch, JDK-8210425-RHBZ-1624122-sharedRuntimeTrig-opt-fix.patch, so
      as to optimize compilation of sharedRuntime{Trig,Trans}.cpp
    - Add patch, JDK-8210647-RHBZ-1624122-libsaproc-opt-fix.patch, so as to
      optimize compilation of libsaproc (extra c flags won't override
      optimization).
    - Add patch, JDK-8210703-RHBZ-1624122-vmStructs-opt-fix.patch, so as to
      optimize compilation of vmStructs.cpp (part of libjvm.so).
    - No longer filter -O flags from C flags coming from
      redhat-rpm-config.
    * Mon Sep 10 2018 Jiri Vanek  - 1:11.0.ea.28-4
    - link to jhsdb followed its file to ifarch jit_arches ifnarch s390x
    * Fri Sep  7 2018 Severin Gehwolf  - 1:11.0.ea.28-3
    - Enable ZGC on x86_64.
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #1683095 - [F30] java-11-openjdk intermittently FTBFS on i686 in G1 code due to a race condition
            https://bugzilla.redhat.com/show_bug.cgi?id=1683095
    --------------------------------------------------------------------------------
    
    This update can be installed with the "dnf" update program. Use
    su -c 'dnf upgrade --advisory FEDORA-2019-4bafcdb85f' at the command
    line. For more information, refer to the dnf documentation available at
    http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
    
    All packages are signed with the Fedora Project GPG key. More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
    To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
    Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
    List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
    List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"66","type":"x","order":"1","pct":57.39,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.04,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"34","type":"x","order":"3","pct":29.57,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.