Fedora 37: java-latest-openjdk 2022-d0ed59bee7 | LinuxSecurity.com
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-d0ed59bee7
2022-11-10 22:04:44.634854
--------------------------------------------------------------------------------

Name        : java-latest-openjdk
Product     : Fedora 37
Version     : 19.0.1.0.10
Release     : 2.rolling.fc37
URL         : https://openjdk.java.net/
Summary     : OpenJDK 19 Runtime Environment
Description :
The OpenJDK 19 runtime environment.

--------------------------------------------------------------------------------
Update Information:

# New in release OpenJDK 19.0.1 (2022-10-18)  * [Full release
notes](https://builds.shipilev.net/backports-monitor/release-notes-19.0.1.html)
* This update depends on [FEDORA-2022-
d0fc6f0dd4](https://bodhi.fedoraproject.org/updates/FEDORA-2022-d0fc6f0dd4)  ##
CVEs Fixed   - CVE-2022-21618   - CVE-2022-21619   - CVE-2022-21624   -
CVE-2022-21628   - CVE-2022-39399  ## Security Fixes   - JDK-8282252: Improve
BigInteger/Decimal validation   - JDK-8285662: Better permission resolution   -
JDK-8286077: Wider MultiByte conversions   - JDK-8286511: Improve macro
allocation   - JDK-8286519: Better memory handling   - JDK-8286526: Improve NTLM
support   - JDK-8286910: Improve JNDI lookups   - JDK-8286918: Better HttpServer
service   - JDK-8287446: Enhance icon presentations   - JDK-8288508: Enhance
ECDSA usage   - JDK-8289366: Improve HTTP/2 client usage   - JDK-8289853: Update
HarfBuzz to 4.4.1   - JDK-8290334: Update FreeType to 2.12.1  ## Major Changes
### [JDK-8292654](https://bugs.openjdk.org/browse/JDK-8292654): G1 Remembered
set memory footprint regression after
[JDK-8286115](https://bugs.openjdk.org/browse/JDK-8286115) JDK-8286115 changed
ergonomic sizing of a component of the remembered sets in G1. This change causes
increased native memory usage of the Hotspot VM for applications that create
large remembered sets with the G1 collector.  In an internal benchmark total GC
component native memory usage rose by almost 10% (from 1.2GB to 1.3GB).  This
issue can be worked around by passing double the value of
`G1RemSetArrayOfCardsEntries` as printed by running the application with
`-XX:+PrintFlagsFinal -XX:+UnlockExperimentalVMOptions` to your application.
E.g. pass `-XX:+UnlockExperimentalVMOptions -XX:G1RemSetArrayOfCardsEntries=128`
if a previous run showed a value of `64` for `G1RemSetArrayOfCardsEntries` in
the output of `-XX:+PrintFlagsFinal`.  ##
[JDK-8292579](https://bugs.openjdk.org/browse/JDK-8292579): Update Timezone Data
to 2022c  This version includes changes from 2022b that merged multiple regions
that have the same timestamp data post-1970 into a single time zone database.
All time zone IDs remain the same but the merged time zones will point to a
shared zone database.  As a result, pre-1970 data may not be compatible with
earlier JDK versions.  The affected zones are ```Antarctica/Vostok, Asia/Brunei,
Asia/Kuala_Lumpur, Atlantic/Reykjavik, Europe/Amsterdam, Europe/Copenhagen,
Europe/Luxembourg, Europe/Monaco, Europe/Oslo, Europe/Stockholm,
Indian/Christmas, Indian/Cocos, Indian/Kerguelen, Indian/Mahe,  Indian/Reunion,
Pacific/Chuuk, Pacific/Funafuti, Pacific/Majuro, Pacific/Pohnpei, Pacific/Wake,
Pacific/Wallis, Arctic/Longyearbyen, Atlantic/Jan_Mayen, Iceland,
Pacific/Ponape, Pacific/Truk, and Pacific/Yap```.        For more details, refer
to the announcement of [2022b](https://mm.icann.org/pipermail/tz-
announce/2022-August/000071.html)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 27 2022 Andrew Hughes  - 1:19.0.1.0.10-2.rolling
- Temporarily roll build dependency back to tzdata 2022d for F37 as 2022e is still in testing
* Wed Oct 26 2022 Andrew Hughes  - 1:19.0.1.0.10-2.rolling
- Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173
- Update CLDR data with Europe/Kyiv (JDK-8293834)
- Drop JDK-8292223 patch which we found to be unnecessary
- Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream
* Thu Oct 20 2022 Andrew Hughes  - 1:19.0.1.0.10-1.rolling
- Update to jdk-19.0.1 release
- Update release notes to 19.0.1
* Wed Sep 21 2022 Andrew Hughes  - 1:19.0.0.0.36-3.rolling
- The stdc++lib, zlib & freetype options should always be set from the global, so they are not altered for staticlibs builds
- Remove freetype sources along with zlib sources
* Tue Aug 30 2022 Andrew Hughes  - 1:19.0.0.0.36-2.rolling
- Switch buildjdkver back to being featurever, now java-19-openjdk is available in the buildroot
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-d0ed59bee7' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 37: java-latest-openjdk 2022-d0ed59bee7

November 10, 2022

Summary

The OpenJDK 19 runtime environment.

Update Information:

# New in release OpenJDK 19.0.1 (2022-10-18) * [Full release notes](https://builds.shipilev.net/backports-monitor/release-notes-19.0.1.html) * This update depends on [FEDORA-2022- d0fc6f0dd4](https://bodhi.fedoraproject.org/updates/FEDORA-2022-d0fc6f0dd4) ## CVEs Fixed - CVE-2022-21618 - CVE-2022-21619 - CVE-2022-21624 - CVE-2022-21628 - CVE-2022-39399 ## Security Fixes - JDK-8282252: Improve BigInteger/Decimal validation - JDK-8285662: Better permission resolution - JDK-8286077: Wider MultiByte conversions - JDK-8286511: Improve macro allocation - JDK-8286519: Better memory handling - JDK-8286526: Improve NTLM support - JDK-8286910: Improve JNDI lookups - JDK-8286918: Better HttpServer service - JDK-8287446: Enhance icon presentations - JDK-8288508: Enhance ECDSA usage - JDK-8289366: Improve HTTP/2 client usage - JDK-8289853: Update HarfBuzz to 4.4.1 - JDK-8290334: Update FreeType to 2.12.1 ## Major Changes ### [JDK-8292654](https://bugs.openjdk.org/browse/JDK-8292654): G1 Remembered set memory footprint regression after [JDK-8286115](https://bugs.openjdk.org/browse/JDK-8286115) JDK-8286115 changed ergonomic sizing of a component of the remembered sets in G1. This change causes increased native memory usage of the Hotspot VM for applications that create large remembered sets with the G1 collector. In an internal benchmark total GC component native memory usage rose by almost 10% (from 1.2GB to 1.3GB). This issue can be worked around by passing double the value of `G1RemSetArrayOfCardsEntries` as printed by running the application with `-XX:+PrintFlagsFinal -XX:+UnlockExperimentalVMOptions` to your application. E.g. pass `-XX:+UnlockExperimentalVMOptions -XX:G1RemSetArrayOfCardsEntries=128` if a previous run showed a value of `64` for `G1RemSetArrayOfCardsEntries` in the output of `-XX:+PrintFlagsFinal`. ## [JDK-8292579](https://bugs.openjdk.org/browse/JDK-8292579): Update Timezone Data to 2022c This version includes changes from 2022b that merged multiple regions that have the same timestamp data post-1970 into a single time zone database. All time zone IDs remain the same but the merged time zones will point to a shared zone database. As a result, pre-1970 data may not be compatible with earlier JDK versions. The affected zones are ```Antarctica/Vostok, Asia/Brunei, Asia/Kuala_Lumpur, Atlantic/Reykjavik, Europe/Amsterdam, Europe/Copenhagen, Europe/Luxembourg, Europe/Monaco, Europe/Oslo, Europe/Stockholm, Indian/Christmas, Indian/Cocos, Indian/Kerguelen, Indian/Mahe, Indian/Reunion, Pacific/Chuuk, Pacific/Funafuti, Pacific/Majuro, Pacific/Pohnpei, Pacific/Wake, Pacific/Wallis, Arctic/Longyearbyen, Atlantic/Jan_Mayen, Iceland, Pacific/Ponape, Pacific/Truk, and Pacific/Yap```. For more details, refer to the announcement of [2022b](https://mm.icann.org/pipermail/tz- announce/2022-August/000071.html)

Change Log

* Thu Oct 27 2022 Andrew Hughes - 1:19.0.1.0.10-2.rolling - Temporarily roll build dependency back to tzdata 2022d for F37 as 2022e is still in testing * Wed Oct 26 2022 Andrew Hughes - 1:19.0.1.0.10-2.rolling - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv (JDK-8293834) - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream * Thu Oct 20 2022 Andrew Hughes - 1:19.0.1.0.10-1.rolling - Update to jdk-19.0.1 release - Update release notes to 19.0.1 * Wed Sep 21 2022 Andrew Hughes - 1:19.0.0.0.36-3.rolling - The stdc++lib, zlib & freetype options should always be set from the global, so they are not altered for staticlibs builds - Remove freetype sources along with zlib sources * Tue Aug 30 2022 Andrew Hughes - 1:19.0.0.0.36-2.rolling - Switch buildjdkver back to being featurever, now java-19-openjdk is available in the buildroot

References

Fedora Update Notification FEDORA-2022-d0ed59bee7 2022-11-10 22:04:44.634854 Name : java-latest-openjdk Product : Fedora 37 Version : 19.0.1.0.10 Release : 2.rolling.fc37 URL : https://openjdk.java.net/ Summary : OpenJDK 19 Runtime Environment Description : The OpenJDK 19 runtime environment.

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-d0ed59bee7' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : java-latest-openjdk
Product : Fedora 37
Version : 19.0.1.0.10
Release : 2.rolling.fc37
URL : https://openjdk.java.net/
Summary : OpenJDK 19 Runtime Environment

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.