Fedora 29 OpenJDK Security Update: 2019-265e0b1282 Critical Issues

The OpenJDK runtime environment.

Update to April 2019 CPU. See: https://mail.openjdk.org/pipermail/jdk-updates-dev/2019-April/000951.html

* Tue Apr 23 2019 Severin Gehwolf - 1:11.0.3.7-1

- Fix requires/provides for the non-system JDK case. JDK 11

isn't a system JDK at this point.

- Resolves: RHBZ#1702324

* Sun Apr 7 2019 Andrew Hughes - 1:11.0.3.7-0

- Update to shenandoah-jdk-11.0.3+7 (April 2019 GA)

* Sat Apr 6 2019 Andrew Hughes - 1:11.0.3.6-0

- Update to shenandoah-jdk-11.0.3+6 (April 2019 EA)

- Drop JDK-8210416/RH1632174 applied upstream.

- Drop JDK-8210425/RH1632174 applied upstream.

- Drop JDK-8210647/RH1632174 applied upstream.

- Drop JDK-8210761/RH1632174 applied upstream.

- Drop JDK-8210703/RH1632174 applied upstream.

- Add cast to resolve s390 ambiguity in call to log2_intptr

* Thu Mar 21 2019 Severin Gehwolf - 1:11.0.2.7-9

- Add patch for RH1566890

* Mon Mar 11 2019 Severin Gehwolf - 1:11.0.2.7-7

- Add -Wa,--generate-missing-build-notes=yes C flags. So as to

fix annocheck warnings for assembler source files.

* Tue Feb 26 2019 Severin Gehwolf - 1:11.0.2.7-6

- Don't package lib/client and lib/client/classes.jsa

which don't exist.

- Resolves: RHBZ#1643469

* Tue Feb 19 2019 Severin Gehwolf - 1:11.0.2.7-5

- Add explicit requirement for libXcomposite which is used when performing

screenshots from Java.

- Add explicit BR unzip required for building OpenJDK.

* Thu Feb 14 2019 Severin Gehwolf - 1:11.0.2.7-4

- Add a test verifying system crypto policies can be disabled

* Tue Feb 12 2019 Severin Gehwolf - 1:11.0.2.7-3

- Don't build the test images needlessly.

* Thu Feb 7 2019 Andrew John Hughes - 1:11.0.2.7-2

- Add PR3695 to allow the system crypto policy to be turned off.

- Correct original system crypto policy patch to refer to OpenJDK 11 bug (PR3694)

* Tue Jan 15 2019 Andrew Hughes - 1:11.0.2.7-0

- Update to shenandoah-jdk-11.0.2+7 (January 2019 CPU)

- Drop JDK-8211105/RH1628612/RH1630996 applied upstream.

- Drop JDK-8209639/RH1640127 applied upstream.

- Re-generate JDK-8210416/RH1632174 following JDK-8209786

* Fri Jan 11 2019 Andrew Hughes - 1:11.0.1.13-11

- Update to shenandoah-jdk-11.0.1+13-20190101

- Update tarball generation script in preparation for PR3681/RH1656677 SunEC changes.

- Use remove-intree-libraries.sh to remove the remaining SunEC code for now.

- Fix PR1983 SunEC patch so that ecc_impl.h is patched rather than added

- Add missing RH1022017 patch to reduce curves reported by SSL to those we support.

- Remove RH1648995; fixed upstream.

* Wed Dec 5 2018 Jiri Vanek - 1:11.0.1.13-9

- for non debug supackages, ghosted all masters and slaves (rhbz1649776)

- for tech-preview packages, if-outed versionless provides. Aligned versions to be %{epoch}:%{version}-%{release} instead of chaotic

- Removed all slowdebug provides (rhbz1655938); for tech-preview packages also removed all internal provides

* Wed Nov 28 2018 Severin Gehwolf - 1:11.0.1.13-8

- Added %global _find_debuginfo_opts -g

- Resolves: RHBZ#1520879 (Detailed NMT issue)

* Mon Nov 12 2018 Jiri Vanek - 1:11.0.1.13-6

- fixed tck failures of arraycopy and process exec with shenandoah on

- added patch585 rh1648995-shenandoah_array_copy_broken_by_not_always_copy_forward_for_disjoint_arrays.patch

* Wed Nov 7 2018 Jiri Vanek - 1:11.0.1.13-5

- headless' suggests of cups, replaced by Requires of cups-libs

* Thu Nov 1 2018 Jiri Vanek - 1:11.0.1.13-3

- added Patch584 jdk8209639-rh1640127-02-coalesce_attempted_spill_non_spillable.patch

* Mon Oct 29 2018 Severin Gehwolf - 1:11.0.1.13-3

- Use upstream's version of Aarch64 intrinsics disable patch:

- Removed:

RHBZ-1628612-JDK-8210461-workaround-disable-aarch64-intrinsic.patch

RHBZ-1630996-JDK-8210858-workaround-disable-aarch64-intrinsic-log.patch

- Superceded by:

jdk8211105-aarch64-disable_cos_sin_and_log_intrinsics.patch

* Thu Oct 18 2018 Severin Gehwolf - 1:11.0.1.13-2

- Use LTS designator in version output for RHEL.

* Thu Oct 18 2018 Severin Gehwolf - 1:11.0.1.13-1

- Update to October 2018 CPU release, 11.0.1+13.

* Wed Oct 17 2018 Severin Gehwolf - 1:11.0.0.28-2

- Use --with-vendor-version-string=18.9 so as to show original

GA date for the JDK.

* Fri Sep 28 2018 Severin Gehwolf - 1:11.0.0.28-1

- Identify as GA version and no longer as early access (EA).

- JDK 11 has been released for GA on 2018-09-25.

* Fri Sep 28 2018 Severin Gehwolf - 1:11.0.ea.28-9

- Rework changes from 1:11.0.ea.22-6. RHBZ#1632174 supercedes

RHBZ-1624122.

- Add patch, jdk8210416-rh1632174-compile_fdlibm_with_o2_ffp_contract_off_on_gcc_clang_arches.patch, so as to

optimize compilation of fdlibm library.

- Add patch, jdk8210425-rh1632174-sharedRuntimeTrig_sharedRuntimeTrans_compiled_without_optimization.patch, so

as to optimize compilation of sharedRuntime{Trig,Trans}.cpp

- Add patch, jdk8210647-rh1632174-libsaproc_is_being_compiled_without_optimization.patch, so as to

optimize compilation of libsaproc (extra c flags won't override

optimization).

- Add patch, jdk8210761-rh1632174-libjsig_is_being_compiled_without_optimization.patch, so as to

optimize compilation of libjsig.

- Add patch, jdk8210703-rh1632174-vmStructs_cpp_no_longer_compiled_with_o0, so as to

optimize compilation of vmStructs.cpp (part of libjvm.so).

- Reinstate filtering of opt flags coming from redhat-rpm-config.

* Thu Sep 27 2018 Jiri Vanek - 1:11.0.ea.28-8

- removed version less provides

- javadocdir moved to arched dir as it is no longer noarch

* Thu Sep 20 2018 Severin Gehwolf - 1:11.0.ea.28-6

- Add patch, RHBZ-1630996-JDK-8210858-workaround-disable-aarch64-intrinsic-log.patch,

so as to disable log math intrinsic on aarch64. Work-around for

JDK-8210858

* Thu Sep 13 2018 Severin Gehwolf - 1:11.0.ea.28-5

- Add patch, RHBZ-1628612-JDK-8210461-workaround-disable-aarch64-intrinsic.patch,

so as to disable dsin/dcos math intrinsics on aarch64. Work-around for

JDK-8210461.

* Wed Sep 12 2018 Severin Gehwolf - 1:11.0.ea.22-6

- Add patch, JDK-8210416-RHBZ-1624122-fdlibm-opt-fix.patch, so as to

optimize compilation of fdlibm library.

- Add patch, JDK-8210425-RHBZ-1624122-sharedRuntimeTrig-opt-fix.patch, so

as to optimize compilation of sharedRuntime{Trig,Trans}.cpp

- Add patch, JDK-8210647-RHBZ-1624122-libsaproc-opt-fix.patch, so as to

optimize compilation of libsaproc (extra c flags won't override

optimization).

- Add patch, JDK-8210703-RHBZ-1624122-vmStructs-opt-fix.patch, so as to

optimize compilation of vmStructs.cpp (part of libjvm.so).

- No longer filter -O flags from C flags coming from

redhat-rpm-config.

* Mon Sep 10 2018 Jiri Vanek - 1:11.0.ea.28-4

- link to jhsdb followed its file to ifarch jit_arches ifnarch s390x

* Fri Sep 7 2018 Severin Gehwolf - 1:11.0.ea.28-3

- Enable ZGC on x86_64.

[ 1 ] Bug #1702324 - java-11-openjdk packages have wrong lib-style requirements

https://bugzilla.redhat.com/show_bug.cgi?id=1702324

su -c 'dnf upgrade --advisory FEDORA-2019-265e0b1282' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/