Fedora 35: 2022-b76ab52e73 Moderate: OpenJDK 18 Security Issues

The OpenJDK 18 runtime environment.

# New in release OpenJDK 18.0.2 (2022-07-19) * Full release notes can be found

at https://builds.shipilev.net/backports-monitor/release-notes-18.0.2.txt ##

Security fixes * JDK-8272243: Improve DER parsing - JDK-8272249: Better

properties of loaded Properties - JDK-8277608: Address IP Addressing -JDK-8281859, CVE-2022-21540: Improve class compilation - JDK-8281866,

CVE-2022-21541: Enhance MethodHandle invocations - JDK-8282676: Improve

subject handling - JDK-8283190: Improve MIDI processing - JDK-8284370:

Improve zlib usage - JDK-8285407, CVE-2022-34169: Improve Xalan supports ##

JDK-8288367: CPU Shares Ignored When Computing Active Processor Count Previous

JDK releases used an incorrect interpretation of the Linux cgroups parameter

`cpu.shares`. This might cause the JVM to use fewer CPUs than available, leading

to an under utilization of CPU resources when the JVM is used inside a

container. Starting from this JDK release, by default, the JVM no longer

considers `cpu.shares` when deciding the number of threads to be used by the

various thread pools. The `-XX:+UseContainerCpuShares` command-line option can

be used to revert to the previous behaviour. This option is deprecated and may

be removed in a future JDK release.

* Fri Jul 22 2022 Andrew Hughes - 1:18.0.2.0.9-1.rolling

- Update to jdk-18.0.2 release

- Update release notes to 18.0.2

- Drop JDK-8282004 patch which is now upstreamed under JDK-8282231

- Exclude x86 where java_arches is undefined, in order to unbreak build

* Fri Jul 22 2022 Jiri Vanek - 1:18.0.1.1.2-8.rolling

- moved to build only on %{java_arches}

-- https://fedoraproject.org/wiki/Changes/Drop_i686_JDKs

- reverted :

-- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild (always mess up release)

-- Try to build on x86 again by creating a husk of a JDK which does not depend on itself

-- Exclude x86 from builds as the bootstrap JDK is now completely broken and unusable

-- Replaced binaries and .so files with bash-stubs on i686

- added ExclusiveArch: %{java_arches}

-- this now excludes i686

-- this is safely backport-able to older fedoras, as the macro was backported properly (with i686 included)

- https://bugzilla.redhat.com/show_bug.cgi?id=2104125

* Thu Jul 21 2022 Fedora Release Engineering - 1:18.0.1.1.2-7.rolling.1

- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild

* Tue Jul 19 2022 Andrew Hughes - 1:18.0.1.1.2-7.rolling

- Try to build on x86 again by creating a husk of a JDK which does not depend on itself

* Sun Jul 17 2022 Andrew Hughes - 1:18.0.1.1.2-6.rolling

- Exclude x86 from builds as the bootstrap JDK is now completely broken and unusable

* Wed Jul 13 2022 Andrew Hughes - 1:18.0.1.1.2-5.rolling

- Explicitly require crypto-policies during build and runtime for system security properties

* Wed Jul 13 2022 Jiri Vanek - 1:18.0.1.1.2-4.rolling.

- Replaced binaries and .so files with bash-stubs on i686 in preparation of the removal on that architecture:

- https://fedoraproject.org/wiki/Changes/Drop_i686_JDKs

* Wed Jul 13 2022 Andrew Hughes - 1:18.0.1.1.2-3.rolling

- Make use of the vendor version string to store our version & release rather than an upstream release date

* Tue Jul 12 2022 FeRD (Frank Dana) - 1:18.0.1.1.2-2.rolling

- Add javaver- and origin-specific javadoc and javadoczip alternatives.

su -c 'dnf upgrade --advisory FEDORA-2022-b76ab52e73' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it: