Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in java-1.7.0-openjdk
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in java-1.7.0-openjdk
ID: FEDORA-2015-6397
Distribution: Fedora
Plattformen: Fedora 20
Datum: Do, 23. April 2015, 07:37
Referenzen: Keine Angabe
Applikationen: OpenJDK

Originalnachricht

Name        : java-1.7.0-openjdk
Product : Fedora 20
Version : 1.7.0.79
Release : 2.5.5.0.fc20
URL : http://openjdk.java.net/
Summary : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

-------------------------------------------------------------------------------
-
Update Information:

Updated to security icedtea-forest7 2.5.5
-------------------------------------------------------------------------------
-
ChangeLog:

* Fri Apr 10 2015 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.75-2.5.5.0
- repacked sources
* Thu Apr 9 2015 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.75-2.5.5.0
- Bump to 2.5.5 using OpenJDK 7u79 b14.
- Update OpenJDK tarball creation comments
- Drop AArch64 version of RH1191652 HotSpot patch as included upstream.
- added Patch406: fixPtraceInclude.patch, Patch404: rh1191652-hotspot.patch
Patch405: rh1191652-jdk.patch
* Wed Jan 21 2015 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.75-2.5.4.2
- Updated to security update of 20.1.2015
- Replace unmodified java.security file via headless post scriptlet.
- Fix macro expansion in changelog
- Fix elliptic curve list as part of fsg.sh
- Bump release so that the RHEL 7.1 version is built on AArch64.
- Bump to 2.5.4 using OpenJDK 7u75 b13.
- Bump AArch64 port to 2.6.0pre17.
- Fix abrt_friendly_hs_log_jdk7.patch to apply again and enable on all archs.
- Remove OpenJDK 8 / AArch64 version of PStack patch as this is no longer
needed.
* Tue Dec 16 2014 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.71-2.5.3.3
- aarch64 sources updated to most recent stable tag
- adapted patch4030 PStack-808293-aarch64.patch
* Tue Dec 9 2014 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.71-2.5.3.2
- added and applied patch404 rh1155012-jdk-speedup.patch
* Mon Dec 1 2014 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.71-2.5.3.1
- removed source14 remove-origin-from-rpaths (11690970)
- removed build requirement for chrpath
* Wed Oct 15 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.71-2.5.3.0
- updated to security icedtea-forest 2.5.3
* Thu Sep 11 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.65-2.5.2.5
- fixed headless to become headless again
- jre/lib/archinstall/libjavagtk.so
- jre/bin/policytool
- jre-abrt/lib/archinstall/libjavagtk.so
- all three added to not headless exclude list
* Tue Sep 2 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.65-2.5.2
- updated to icedtea7-forest 2.5.2
- removed patch404 gtk3ToBeReverted.patch
- removed patch405 pr1864_smartcardIO.patch
* Tue Jul 22 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.65-2.5.1.4
- excluded libmawt.so from autorequires/autoprovides
- see https://bugzilla.redhat.com/show_bug.cgi?id=1111349
* Thu Jul 17 2014 Rex Dieter <rdieter@fedoraproject.org> -
1.7.0.65-2.5.1.3
- rebuild (for pulseaudio, bug #1117683)
* Mon Jul 14 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.65-2.5.1.2
- added and applied fix for samrtcard io patch405, pr1864_smartcardIO.patch
* Mon Jul 7 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.65-2.5.1.1
- updated to security patched icedtea7-forest-2.5.1
* Wed Jul 2 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.60-2.5.0.3
- Added arrch64 support
* Tue Jul 1 2014 Andrew Hughes <gnu.andrew@redhat.com> -
1.7.0.60-2.5.0.2
- Add nss-softokn dependency for SunEC provider
- Add support for ppc64le
- Enable SunEC provider with system NSS support.
- Ensure java-1.7.0-openjdk is used to build, not 8
- Set INSTALL_LOCATION so it can be used in the rpath.
* Thu Jun 19 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.60-2.5.0.1.f20
- added and applied as reverted patch404 gtk3ToBeReverted.patch
- reverting controversial fix of show_bug.cgi?id=729
* Wed Jun 18 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.60-2.5.0.f20
- updated to icedtea7-forest 2.5.0
- removed icedtea_version_presuffix
- removed hardcoded 60
- removed upstreamed patch412 add-final-location-rpaths.patch
- removed upstreamed patch413 rh1064383-prelink_fix.patch
* Thu May 22 2014 Andrew Hughes <gnu.andrew@redhat.com -
1.7.0.51-2.4.7.4.fc20
- Fix jinfo behaviour when prelink cache is present
- Resolves: rhbz#1064383
* Thu May 22 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.7.3.fc20
- debug turned off (0)
- python added to line %{SOURCE14} $files to preven access denied
- added build requires for python
* Thu May 22 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.7.2.fc20
- bumped release
- changed buildoutputdir to contains "-debug" in case of debug on
- rewritten (long unmaintained) java-1.7.0-openjdk-debugdocs.patch and
java-1.7.0-openjdk-debuginfo.patch
- debug turned on (1)
* Tue Apr 22 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.55-2.4.7.1.fc20
- Added Omair's fix for RH1059925
- added and used Source14, remove-origin-from-rpaths
- added and applied patch412 add-final-location-rpaths.patch
- added build requires chrpath
- adde INSTALL_LOCATION=_jvmdir/sdkdir to make swithces
- added missing OrderWithRequires (sync with master)
- removed rhino requires (sync with master)
- added libattr-devel build requires (sync with master)
- added conditional chmod on sa-jdi.jar (sync with master)
- added comment to fiels about lua (sync with master)
- added few more owned dirs (sync with master)
* Mon Apr 7 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.55-2.4.7.0.fc20
- Added check to lua according to already exisitng same jvm
- bumped to future icedtea-forest 2.4.7
- updatever set to 55, buildver se to 13, release reset to 0
- removed upstreamed patch402 gstackbounds.patch
- included config(norepalce) lua script
* Wed Mar 26 2014 Omair Majid <omajid@redhat.com> - 1.7.0.60-2.4.5.2.fc20
- Switch to a new tapset tarball without trailing space in file name
* Thu Jan 30 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.5.1.f20
- removed or cleaning alternatives remove in posts
* Thu Jan 30 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.5.0.f20
- removed buildRequires: pulseaudio >= 0.9.11, as not neccessary
- but kept libs-devel
- updated to icedtea 2.4.5
- http://blog.fuseyism.com/index.php/2014/01/29/icedtea-2-4-5-released/
- removed upstreamed or unwonted patches (thanx to gnu_andrew to pointing them
out)
- patch410 1015432.patch (upstreamed)
- patch411 1029588.patch
- patch412 zero-x32.diff
- patch104 java-1.7.0-ppc-zero-jdk.patch
- patch105 java-1.7.0-ppc-zero-hotspot.patch
- patch402 gstackbounds.patch and patch403 PStack-808293.patch applied always
(again thanx to gnu_andrew)
- merged other gnu_andrew's changes
- FT2_CFLAGS and FT2_LIBS hardoced values replaced by correct pkg-config calls

- buildver bumbed to 31
- added build requires nss-devel
- removed build requires mercurial
- added JRE_RELEASE_VERSION and ALT_PARALLEL_COMPILE_JOBS into make call
* Fri Jan 17 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.4.1.f20
- removed 2.3 tarball due to security issues
- this causes zero arm32 jit to not exists eny more (aprox 30% slowdown)
- removed declarations:
- global icedtea_version_arm32 2.3.13
- source100 openjdk-icedtea-%{icedtea_version_arm32}.tar.xz
- removed:
- patch30 java-1.7.0-openjdk-java-access-bridge-security-2.3.patch
- patch1000 rhino-2.3.patch
- patch4020 gstackbounds-2.3.patch
- patch4110 1029588-2.3.patch
- patch302 systemtap.patch
- patch401 657854-openjdk7.patch
- with all follwing ifarch arm calls
- patch410 and TestCryptoLevel are now used always
- US_export_policy.jar and local_policy.jar are now listed always
- make:
- always used DISABLE_INTREE_EC, UNLIMITED_CRYPTO
- removed arm32 specific DISTRO_PACKAGE_VERSION JDK_UPDATE_VERSION
JDK_BUILD_NUMBER
- added patch412 zero-x32.diff to try to fix zero builds build
* Fri Jan 10 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.4.0.f20
- updated to security icedtea 2.4.4
- and arm tarball updated to security icedtea 2.3.13
- icedtea_version set to 2.4.4
- updatever bumped to 51
- release reset to 0
* Mon Jan 6 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.4.f19
- added and applied patch411 1029588.patch (for 2.4)
- added and applied patch4110 1029588-2.3.patch (for 2.3)
- resolves rhbz#1029588
* Mon Jan 6 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.3.f19
- added and applied for icedtea 2.4 patch410, 1015432.patch
- resolves rhbz#1015432
* Mon Jan 6 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.2.f20
- changed Provides: jre-headless = 1.7.0
to Provides: jre-headless = 1:1.7.0
- resolves rhbz#1046050
* Fri Oct 18 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.1.f20
- arm tarball updated to new CPU sources 2.3.13
- removed upstreamed patch 501 callerclass-01.patch
- removed upstreamed patch 502 callerclass-02.patch
- removed upstreamed patch 503 callerclass-02.patch
- removed upstreamed patch 504 callerclass-02.patch
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update java-1.7.0-openjdk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung