--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2022-ec7de69ceb
2022-11-05 17:06:01.676001
--------------------------------------------------------------------------------Name        : java-latest-openjdk
Product     : Fedora 35
Version     : 19.0.1.0.10
Release     : 2.rolling.fc35
URL         : https://openjdk.org/
Summary     : OpenJDK 19 Runtime Environment
Description :
The OpenJDK 19 runtime environment.

--------------------------------------------------------------------------------Update Information:

# New in release OpenJDK 19.0.1 (2022-10-18)  * [Full release
notes](https://builds.shipilev.net/backports-monitor/release-notes-19.0.1.html)
* This update depends on [FEDORA-2022-10bb6f119e](https://bodhi.fedoraproject.org/updates/FEDORA-2022-10bb6f119e)  ##
CVEs Fixed   - CVE-2022-21618   - CVE-2022-21619   - CVE-2022-21624   -CVE-2022-21628   - CVE-2022-39399  ## Security Fixes   - JDK-8282252: Improve
BigInteger/Decimal validation   - JDK-8285662: Better permission resolution   -JDK-8286077: Wider MultiByte conversions   - JDK-8286511: Improve macro
allocation   - JDK-8286519: Better memory handling   - JDK-8286526: Improve NTLM
support   - JDK-8286910: Improve JNDI lookups   - JDK-8286918: Better HttpServer
service   - JDK-8287446: Enhance icon presentations   - JDK-8288508: Enhance
ECDSA usage   - JDK-8289366: Improve HTTP/2 client usage   - JDK-8289853: Update
HarfBuzz to 4.4.1   - JDK-8290334: Update FreeType to 2.12.1  ## Major Changes
### [JDK-8292654](https://bugs.openjdk.org/browse/JDK-8292654): G1 Remembered
set memory footprint regression after
[JDK-8286115](https://bugs.openjdk.org/browse/JDK-8286115) JDK-8286115 changed
ergonomic sizing of a component of the remembered sets in G1. This change causes
increased native memory usage of the Hotspot VM for applications that create
large remembered sets with the G1 collector.  In an internal benchmark total GC
component native memory usage rose by almost 10% (from 1.2GB to 1.3GB).  This
issue can be worked around by passing double the value of
`G1RemSetArrayOfCardsEntries` as printed by running the application with
`-XX:+PrintFlagsFinal -XX:+UnlockExperimentalVMOptions` to your application.
E.g. pass `-XX:+UnlockExperimentalVMOptions -XX:G1RemSetArrayOfCardsEntries=128`
if a previous run showed a value of `64` for `G1RemSetArrayOfCardsEntries` in
the output of `-XX:+PrintFlagsFinal`.  ##
[JDK-8292579](https://bugs.openjdk.org/browse/JDK-8292579): Update Timezone Data
to 2022c  This version includes changes from 2022b that merged multiple regions
that have the same timestamp data post-1970 into a single time zone database.
All time zone IDs remain the same but the merged time zones will point to a
shared zone database.  As a result, pre-1970 data may not be compatible with
earlier JDK versions.  The affected zones are ```Antarctica/Vostok, Asia/Brunei,
Asia/Kuala_Lumpur, Atlantic/Reykjavik, Europe/Amsterdam, Europe/Copenhagen,
Europe/Luxembourg, Europe/Monaco, Europe/Oslo, Europe/Stockholm,
Indian/Christmas, Indian/Cocos, Indian/Kerguelen, Indian/Mahe,  Indian/Reunion,
Pacific/Chuuk, Pacific/Funafuti, Pacific/Majuro, Pacific/Pohnpei, Pacific/Wake,
Pacific/Wallis, Arctic/Longyearbyen, Atlantic/Jan_Mayen, Iceland,
Pacific/Ponape, Pacific/Truk, and Pacific/Yap```.        For more details, refer
to the announcement of [2022b](https://mm.icann.org/pipermail/tz-announce/2022-August/000071.html)
--------------------------------------------------------------------------------ChangeLog:

* Thu Oct 27 2022 Andrew Hughes  - 1:19.0.1.0.10-2.rolling
- Temporarily roll build dependency back to tzdata 2022d for F35 as 2022e is still in testing
* Wed Oct 26 2022 Andrew Hughes  - 1:19.0.1.0.10-2.rolling
- Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173
- Update CLDR data with Europe/Kyiv (JDK-8293834)
- Drop JDK-8292223 patch which we found to be unnecessary
- Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream
* Thu Oct 20 2022 Andrew Hughes  - 1:19.0.1.0.10-1.rolling
- Update to jdk-19.0.1 release
- Update release notes to 19.0.1
* Thu Sep 22 2022 Andrew Hughes  - 1:19.0.0.0.36-4.rolling
- Switch buildjdkver back to being featurever, now java-19-openjdk is available in the buildroot
* Wed Sep 21 2022 Andrew Hughes  - 1:19.0.0.0.36-3.rolling
- The stdc++lib, zlib & freetype options should always be set from the global, so they are not altered for staticlibs builds
- Remove freetype sources along with zlib sources
* Tue Sep 20 2022 Andrew Hughes  - 1:19.0.0.0.36-3.rolling
- Switch buildjdkver temporarily to 18, as java-19-openjdk is not yet available in the buildroot
* Tue Sep 20 2022 Andrew Hughes  - 1:19.0.0.0.36-3.rolling
- Flip the use of system libraries back on by default, as in-tree libraries should only be used on Fedora 37+
* Tue Aug 30 2022 Andrew Hughes  - 1:19.0.0.0.36-2.rolling
- Switch buildjdkver back to being featurever, now java-19-openjdk is available in the buildroot
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-ec7de69ceb' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam, report it: https://pagure.io/login/

Fedora 35: java-latest-openjdk 2022-ec7de69ceb

November 5, 2022

# New in release OpenJDK 19.0.1 (2022-10-18) * [Full release notes](https://builds.shipilev.net/backports-monitor/release-notes-19.0.1.html) * This update depends on [FEDORA-2022- ...

Summary

The OpenJDK 19 runtime environment.

# New in release OpenJDK 19.0.1 (2022-10-18) * [Full release

notes](https://builds.shipilev.net/backports-monitor/release-notes-19.0.1.html)

* This update depends on [FEDORA-2022-10bb6f119e](https://bodhi.fedoraproject.org/updates/FEDORA-2022-10bb6f119e) ##

CVEs Fixed - CVE-2022-21618 - CVE-2022-21619 - CVE-2022-21624 -CVE-2022-21628 - CVE-2022-39399 ## Security Fixes - JDK-8282252: Improve

BigInteger/Decimal validation - JDK-8285662: Better permission resolution -JDK-8286077: Wider MultiByte conversions - JDK-8286511: Improve macro

allocation - JDK-8286519: Better memory handling - JDK-8286526: Improve NTLM

support - JDK-8286910: Improve JNDI lookups - JDK-8286918: Better HttpServer

service - JDK-8287446: Enhance icon presentations - JDK-8288508: Enhance

ECDSA usage - JDK-8289366: Improve HTTP/2 client usage - JDK-8289853: Update

HarfBuzz to 4.4.1 - JDK-8290334: Update FreeType to 2.12.1 ## Major Changes

### [JDK-8292654](https://bugs.openjdk.org/browse/JDK-8292654): G1 Remembered

set memory footprint regression after

[JDK-8286115](https://bugs.openjdk.org/browse/JDK-8286115) JDK-8286115 changed

ergonomic sizing of a component of the remembered sets in G1. This change causes

increased native memory usage of the Hotspot VM for applications that create

large remembered sets with the G1 collector. In an internal benchmark total GC

component native memory usage rose by almost 10% (from 1.2GB to 1.3GB). This

issue can be worked around by passing double the value of

`G1RemSetArrayOfCardsEntries` as printed by running the application with

`-XX:+PrintFlagsFinal -XX:+UnlockExperimentalVMOptions` to your application.

E.g. pass `-XX:+UnlockExperimentalVMOptions -XX:G1RemSetArrayOfCardsEntries=128`

if a previous run showed a value of `64` for `G1RemSetArrayOfCardsEntries` in

the output of `-XX:+PrintFlagsFinal`. ##

[JDK-8292579](https://bugs.openjdk.org/browse/JDK-8292579): Update Timezone Data

to 2022c This version includes changes from 2022b that merged multiple regions

that have the same timestamp data post-1970 into a single time zone database.

All time zone IDs remain the same but the merged time zones will point to a

shared zone database. As a result, pre-1970 data may not be compatible with

earlier JDK versions. The affected zones are ```Antarctica/Vostok, Asia/Brunei,

Asia/Kuala_Lumpur, Atlantic/Reykjavik, Europe/Amsterdam, Europe/Copenhagen,

Europe/Luxembourg, Europe/Monaco, Europe/Oslo, Europe/Stockholm,

Indian/Christmas, Indian/Cocos, Indian/Kerguelen, Indian/Mahe, Indian/Reunion,

Pacific/Chuuk, Pacific/Funafuti, Pacific/Majuro, Pacific/Pohnpei, Pacific/Wake,

Pacific/Wallis, Arctic/Longyearbyen, Atlantic/Jan_Mayen, Iceland,

Pacific/Ponape, Pacific/Truk, and Pacific/Yap```. For more details, refer

to the announcement of [2022b](https://mm.icann.org/pipermail/tz-announce/2022-August/000071.html)

* Thu Oct 27 2022 Andrew Hughes - 1:19.0.1.0.10-2.rolling

- Temporarily roll build dependency back to tzdata 2022d for F35 as 2022e is still in testing

* Wed Oct 26 2022 Andrew Hughes - 1:19.0.1.0.10-2.rolling

- Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173

- Update CLDR data with Europe/Kyiv (JDK-8293834)

- Drop JDK-8292223 patch which we found to be unnecessary

- Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream

* Thu Oct 20 2022 Andrew Hughes - 1:19.0.1.0.10-1.rolling

- Update to jdk-19.0.1 release

- Update release notes to 19.0.1

* Thu Sep 22 2022 Andrew Hughes - 1:19.0.0.0.36-4.rolling

- Switch buildjdkver back to being featurever, now java-19-openjdk is available in the buildroot

* Wed Sep 21 2022 Andrew Hughes - 1:19.0.0.0.36-3.rolling

- The stdc++lib, zlib & freetype options should always be set from the global, so they are not altered for staticlibs builds

- Remove freetype sources along with zlib sources

* Tue Sep 20 2022 Andrew Hughes - 1:19.0.0.0.36-3.rolling

- Switch buildjdkver temporarily to 18, as java-19-openjdk is not yet available in the buildroot

* Tue Sep 20 2022 Andrew Hughes - 1:19.0.0.0.36-3.rolling

- Flip the use of system libraries back on by default, as in-tree libraries should only be used on Fedora 37+

* Tue Aug 30 2022 Andrew Hughes - 1:19.0.0.0.36-2.rolling

- Switch buildjdkver back to being featurever, now java-19-openjdk is available in the buildroot

su -c 'dnf upgrade --advisory FEDORA-2022-ec7de69ceb' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it: https://pagure.io/login/

FEDORA-2022-ec7de69ceb 2022-11-05 17:06:01.676001 Product : Fedora 35 Version : 19.0.1.0.10 Release : 2.rolling.fc35 URL : https://openjdk.org/ Summary : OpenJDK 19 Runtime Environment Description : The OpenJDK 19 runtime environment. # New in release OpenJDK 19.0.1 (2022-10-18) * [Full release notes](https://builds.shipilev.net/backports-monitor/release-notes-19.0.1.html) * This update depends on [FEDORA-2022-10bb6f119e](https://bodhi.fedoraproject.org/updates/FEDORA-2022-10bb6f119e) ## CVEs Fixed - CVE-2022-21618 - CVE-2022-21619 - CVE-2022-21624 -CVE-2022-21628 - CVE-2022-39399 ## Security Fixes - JDK-8282252: Improve BigInteger/Decimal validation - JDK-8285662: Better permission resolution -JDK-8286077: Wider MultiByte conversions - JDK-8286511: Improve macro allocation - JDK-8286519: Better memory handling - JDK-8286526: Improve NTLM support - JDK-8286910: Improve JNDI lookups - JDK-8286918: Better HttpServer service - JDK-8287446: Enhance icon presentations - JDK-8288508: Enhance ECDSA usage - JDK-8289366: Improve HTTP/2 client usage - JDK-8289853: Update HarfBuzz to 4.4.1 - JDK-8290334: Update FreeType to 2.12.1 ## Major Changes ### [JDK-8292654](https://bugs.openjdk.org/browse/JDK-8292654): G1 Remembered set memory footprint regression after [JDK-8286115](https://bugs.openjdk.org/browse/JDK-8286115) JDK-8286115 changed ergonomic sizing of a component of the remembered sets in G1. This change causes increased native memory usage of the Hotspot VM for applications that create large remembered sets with the G1 collector. In an internal benchmark total GC component native memory usage rose by almost 10% (from 1.2GB to 1.3GB). This issue can be worked around by passing double the value of `G1RemSetArrayOfCardsEntries` as printed by running the application with `-XX:+PrintFlagsFinal -XX:+UnlockExperimentalVMOptions` to your application. E.g. pass `-XX:+UnlockExperimentalVMOptions -XX:G1RemSetArrayOfCardsEntries=128` if a previous run showed a value of `64` for `G1RemSetArrayOfCardsEntries` in the output of `-XX:+PrintFlagsFinal`. ## [JDK-8292579](https://bugs.openjdk.org/browse/JDK-8292579): Update Timezone Data to 2022c This version includes changes from 2022b that merged multiple regions that have the same timestamp data post-1970 into a single time zone database. All time zone IDs remain the same but the merged time zones will point to a shared zone database. As a result, pre-1970 data may not be compatible with earlier JDK versions. The affected zones are ```Antarctica/Vostok, Asia/Brunei, Asia/Kuala_Lumpur, Atlantic/Reykjavik, Europe/Amsterdam, Europe/Copenhagen, Europe/Luxembourg, Europe/Monaco, Europe/Oslo, Europe/Stockholm, Indian/Christmas, Indian/Cocos, Indian/Kerguelen, Indian/Mahe, Indian/Reunion, Pacific/Chuuk, Pacific/Funafuti, Pacific/Majuro, Pacific/Pohnpei, Pacific/Wake, Pacific/Wallis, Arctic/Longyearbyen, Atlantic/Jan_Mayen, Iceland, Pacific/Ponape, Pacific/Truk, and Pacific/Yap```. For more details, refer to the announcement of [2022b](https://mm.icann.org/pipermail/tz-announce/2022-August/000071.html) * Thu Oct 27 2022 Andrew Hughes - 1:19.0.1.0.10-2.rolling - Temporarily roll build dependency back to tzdata 2022d for F35 as 2022e is still in testing * Wed Oct 26 2022 Andrew Hughes - 1:19.0.1.0.10-2.rolling - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv (JDK-8293834) - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream * Thu Oct 20 2022 Andrew Hughes - 1:19.0.1.0.10-1.rolling - Update to jdk-19.0.1 release - Update release notes to 19.0.1 * Thu Sep 22 2022 Andrew Hughes - 1:19.0.0.0.36-4.rolling - Switch buildjdkver back to being featurever, now java-19-openjdk is available in the buildroot * Wed Sep 21 2022 Andrew Hughes - 1:19.0.0.0.36-3.rolling - The stdc++lib, zlib & freetype options should always be set from the global, so they are not altered for staticlibs builds - Remove freetype sources along with zlib sources * Tue Sep 20 2022 Andrew Hughes - 1:19.0.0.0.36-3.rolling - Switch buildjdkver temporarily to 18, as java-19-openjdk is not yet available in the buildroot * Tue Sep 20 2022 Andrew Hughes - 1:19.0.0.0.36-3.rolling - Flip the use of system libraries back on by default, as in-tree libraries should only be used on Fedora 37+ * Tue Aug 30 2022 Andrew Hughes - 1:19.0.0.0.36-2.rolling - Switch buildjdkver back to being featurever, now java-19-openjdk is available in the buildroot su -c 'dnf upgrade --advisory FEDORA-2022-ec7de69ceb' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/ Do not reply to spam, report it: https://pagure.io/login/