Stay Secure with the Latest Linux Advisories

security advisorysecurity updatefedora

Critical OpenJDK Security Update for Fedora 21: 2015-11859 Release

security update to oracle CPU july 2015 - https://www.oracle.com/security-alerts/cpujul2015.html. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-11859 2015-07-21 05:08:48 -------------------------------------------------------------------------------- Name : java-1.8.0-openjdk Product : Fedora 21 Version : 1.8.0.51 Release : 4.b16.fc21 URL : https://openjdk.org/ Summary : OpenJDK Runtime Environment Description : The OpenJDK runtime environment. -------------------------------------------------------------------------------- Update Information: security update to oracle CPU july 2015 - https://www.oracle.com/security-alerts/cpujul2015.html -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 17 2015 Jiri Vanek - 1:1.8.0.51-4.b16 - added one more md5sum test (thanx to Sewerein!) * Thu Jul 16 2015 Jiri Vanek - 1:1.8.0.51-3.b16 - doubled slash in md5sum test in post * Wed Jul 15 2015 Jiri Vanek - 1:1.8.0.51-2.b16 - sync with rhel7 * Tue Jul 14 2015 Omair Majid - 1:1.8.0.51-1.b16 - Update to the jdk8u51-b16 security release. * Fri Jun 5 2015 Jiri Vanek - 1:1.8.0.45-40.b14 - added requires lksctp-tools for headless subpackage to make sun.nio.ch.sctp work - added patch506 rhbz1213280-b51c6914f297.patch - allow build on Linux 4.x kernel (sync from master) * Mon May 25 2015 Jiri Vanek - 1:1.8.0.45-39.b14 - patches 501-503 moved out of with_systemtap block patch501 1182011_JavaPrintApiDoesNotPrintUmlautCharsWithPostscriptOutputCorrectly.patch patch502 1182694_javaApplicationMenuMisbehave.patch patch503 d318d83c4e74.patch * Wed May 13 2015 Jiri Vanek - 1:1.8.0.45-38.b14 - updated to 8u45-b14 with hope to fix rhbz#1123870 - sync with f22 * Wed Apr 29 2015 Jiri Vanek - 1:1.8.0.45-35.b13 - Omit jsa files from power64 file list as well, as they are never generated - moved to boot build by openjdk8 - Use the template interpreter on ppc64le * Fri Apr10 2015 Jiri Vanek - 1:1.8.0.45-31.b13 - repacked sources * Tue Apr 7 2015 Jiri Vanek - 1:1.8.0.45-30.b13 - updated to security u45 - added patch d318d83c4e74.patch - added rhbz1206656_fix_current_stack_pointer.patch - renamed PStack-808293.patch -> java-1.8.0-openjdk-PStack-808293.patch - renamed remove-intree-libraries.sh -> java-1.8.0-openjdk-remove-intree-libraries.sh - renamed to preven conflix with jdk7 * Thu Apr 2 2015 Jiri Vanek - 1:1.8.0.40-27.b25 - bumped release. Needed rebuild by itself on arm * Tue Mar 31 2015 Severin Gehwolf - 1:1.8.0.40-26.b25 - Make Zero build-able on ARM32. Resolves: RHBZ#1206656 * Fri Mar 27 2015 Dan Horák - 1:1.8.0.40-25.b25 - refresh s390 patches * Fri Mar 27 2015 Jiri Vanek - 1:1.8.0.40-24.b25 - added patch501 1182011_JavaPrintApiDoesNotPrintUmlautCharsWithPostscriptOutputCorrectly.patch - added patch502 1182694_javaApplicationMenuMisbehave.patch - both upstreamed, will be gone with u60 * Wed Mar 25 2015 Omair Majid - 1:1.8.0.40-23.b25 - Disable various EC algorithms in configuration * Mon Mar 23 2015 Jiri Vanek - 1:1.8.0.40-22.b25 - sytemtap made working for dual package * Tue Mar 3 2015 Severin Gehwolf - 1:1.8.0.40-21.b25 - Added compiler no-warn- * Fri Feb 20 2015 Omair Majid - 1:1.8.0.40-21.b25 - Fix zero interpreter build. * Thu Feb 12 2015 Omair Majid - 1:1.8.0.40-21.b25 - Fix building with gcc 5 by ignoring return-local-addr warning - Include additional debugging info for java class files and test that they are present * Thu Feb 12 2015 Jiri Vanek - 1:1.8.0.40-20.b25 - bumped to b25 - removed upstreamed patch11 hotspot-build-j-directive.patch - policies repacked to stop spamming yum update - added and used source20 repackReproduciblePolycies.sh - added mehanism to force priority size * Fri Jan 9 2015 Dan Horák - 1:1.8.0.40-19.b12 - refresh s390 patches -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum updatejava-1.8.0-openjdk' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Important security patch released for Fedora 21 targeting OpenJDK security flaws as outlined in Oracle's July 2015 advisory.. Fedora Updates, OpenJDK Security, Java Runtime, Linux Security. . Severity: Critical. LinuxSecurity.com Team

Jul 21, 2015 •Critical Fedora