Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in java-1.8.0-openjdk
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in java-1.8.0-openjdk
ID: FEDORA-2018-d4bfa98f6a
Distribution: Fedora
Plattformen: Fedora 27
Datum: Di, 31. Juli 2018, 22:32
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=1509371
Applikationen: OpenJDK

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-d4bfa98f6a
2018-07-31 17:09:33.504803
-------------------------------------------------------------------------------
-

Name : java-1.8.0-openjdk
Product : Fedora 27
Version : 1.8.0.181
Release : 7.b13.fc27
URL : http://openjdk.java.net/
Summary : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

-------------------------------------------------------------------------------
-
Update Information:

Security critical patch update for OpenJDK (July CPU). See
http://www.oracle.com/technetwork/security-
advisory/cpujul2018-4258247.html#AppendixJAVA
-------------------------------------------------------------------------------
-
ChangeLog:

* Mon Jul 23 2018 Jiri Vanek <jvanek@redhat.com> - 11:1.8.0.181-7.b13
- updated to u181
- patches aligned according to rhel7 (full credit to gnu_andrew)
- removed upstreamed patch104 pr3458-rh1540242-aarch64.patch
- removed upstreamed patch568 8187577-pr3578.patch
* Tue Jul 17 2018 Jiri Vanek <jvanek@redhat.com> - 11:1.8.0.172-16.b11
- added Recommends gtk2 for main package
- added Suggests lksctp-tools, pcsc-lite-devel, cups for headless package
- see RHBZ1598152
* Tue Jul 10 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.172-13.b11
- Fix hook to show hs_err*.log files on failures.
* Mon Jul 2 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.172-12.b11
- Fix requires/provides filters for internal libs. See
RHBZ#1590796
* Wed Jun 20 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.172-11.b11
- Add additional fix (PR3601) to fix -Wreturn-type failures introduced by
8061651
- Backport 8064786 (PR3601) to fix -Wreturn-type failure on debug builds.
- Bring in PR3519 from IcedTea 3.7.0 to fix remaining -Wreturn-type failure on
AArch64.
- Sync with IcedTea 3.8.0 patches to use -Wreturn-type.
- Add backports of 8141570, 8143245, 8197981 & 8062808.
- Drop pr3458-rh1540242-zero.patch which is covered by 8143245.
* Wed Jun 20 2018 Jiri Vanek <jvanek@redhat.com> - 11:1.8.0.172-10.b11
- jsa files changed to 444 to pass rpm verification
* Mon Jun 18 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.172-9.b11
- Filter private provides/requires: 'lib.so(SUNWprivate_.*'
* Thu Jun 14 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.172-8.b11
- Add provides/requires for libjvm.so back. See RHBZ#1591215.
* Wed Jun 13 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.172-7.b11
- Fix reg-ex for filtering private libraries' provides/requires.
* Wed Jun 13 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.172-6.b11
- Remove build flags exemption for aarch64 now the platform is more mature and
can bootstrap OpenJDK with these flags.
- Remove duplicate -fstack-protector-strong; it is provided by the RHEL cflags.
- Add missing changelog credits
* Mon Jun 11 2018 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.172-5.b11
- Merge changes from RHEL 7
* Mon Jun 11 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.172-5.b11
- Read jssecacerts file prior to trying either cacerts file (system or local)
(PR3575)
* Mon Jun 11 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.172-5.b11
- Fix a number of bad bug identifiers (PR3546 should be PR3578, PR3456 should
be PR3546)
* Thu Jun 7 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.172-5.b11
- Update Shenandoah tarball to include 2018-05-15 merge.
- Split PR3458/RH1540242 fix into AArch64 & Zero sections, so former can be
skipped on Shenandoah builds.
- Drop PR3573 patch applied upstream.
- Restrict 8187577 fix to non-Shenandoah builds, as it's included in the
new tarball.
* Thu Jun 7 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.172-5.b11
- Sync with IcedTea 3.8.0.
- Label architecture-specific fixes with architecture concerned
- x86: S8199936, PR3533: HotSpot generates code with unaligned stack, crashes
on SSE operations (-mstackrealign workaround)
- PR3539, RH1548475: Pass EXTRA_LDFLAGS to HotSpot build
- 8171000, PR3542, RH1402819: Robot.createScreenCapture() crashes in wayland
mode
- 8197546, PR3542, RH1402819: Fix for 8171000 breaks Solaris + Linux builds
- 8185723, PR3553: Zero: segfaults on Power PC 32-bit
- 8186461, PR3557: Zero's atomic_copy64() should use SPE instructions on
linux-powerpcspe
- PR3559: Use ldrexd for atomic reads on ARMv7.
- 8187577, PR3578: JVM crash during gc doing concurrent marking
- 8201509, PR3579: Zero: S390 31bit atomic_copy64 inline assembler is wrong
- 8165489, PR3589: Missing G1 barrier in Unsafe_GetObjectVolatile
- PR3591: Fix for bug 3533 doesn't add -mstackrealign to JDK code
- 8184309, PR3596: Build warnings from GCC 7.1 on Fedora 26
* Wed Jun 6 2018 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.172-1.b11
- updated to u172-b11
- removed patches:
- patch207 8200556-pr3566.patch
- patch104 pr3458-rh1540242.patch
- patch209 8035496-hotspot.patch
- patch700 pr3573.patch
* Fri May 4 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.171-5.b10
- Remove duplicate patch rhbz_1538767_fix_linking2.patch. Just use
rhbz_1538767_fix_linking.patch.
* Wed Apr 25 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.171-4.b10
- Enable hardened build unconditionally (also for Zero).
Resolves RHBZ#1290936.
* Tue Apr 24 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.171-3.b10
- Enable hardened build for Aarch64.
* Tue Apr 24 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.171-2.b10
- Update rhbz1548475-LDFLAGSusage.patch to also set linker
flags for libsaproc.so and libjsig.so.
* Wed Apr 18 2018 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.171-1.b10
- Update to aarch64-jdk8u171-b10 and aarch64-shenandoah-jdk8u171-b10.
- Fix jconsole.desktop.in subcategory, replacing "Monitor" with
"Profiling" (PR3550) (gnu_andrew)
- Fix invalid license 'LGPL+' (should be LGPLv2+ for ECC code) and add
misisng ones (gnu_andrew)
* Wed Apr 18 2018 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.162-7.b12
- added ownership of policy dir and subdirs
- removed ignored attributes for classes.jsa
* Tue Apr 10 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.162-6.b12
- Use correct patch for RHBZ#1538767 (JDK-8196516)
* Mon Apr 2 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.162-5.b12
- Cleanup from previous commit.
- Remove unused upstream patch 8167200.hotspotAarch64.patch.
* Thu Mar 29 2018 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.162-3.b12
- returned patch562 rhbz_1540242.patch
- added Patch563 rhbz_1536622-JDK8197429-jdk8.patch
* Mon Mar 26 2018 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.162-2.b12
- Added patch 540 rhbz1548475-LDFLAGSusage.patch to honor build flags fully
* Wed Mar 21 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.162-1.b12
- Update to aarch64-jdk8u162-b12 and aarch64-shenandoah-jdk8u162-b12.
- Remove upstreamed patches for 8181055/PR3394/RH1448880,
- 8181419/PR3413/RH1463144, 8145913/PR3466/RH1498309,
- 8168318/PR3466/RH1498320, 8170328/PR3466/RR1498321 and
- 8181810/PR3466/RH1498319.
* Wed Mar 7 2018 Adam Williamson <awilliam@redhat.com> -
1:1.8.0.161-9.b14
- Rebuild to fix GCC 8 mis-compilation
See https://da.gd/YJVwk ("GCC 8 ABI change on x86_64")
* Sun Feb 11 2018 Sandro Mani <manisandro@gmail.com> - 1:1.8.0.161-8.b14
- Rebuild (giflib)
* Fri Feb 9 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> -
1:1.8.0.161-7.b14
- Escape macros in %changelog
* Wed Feb 7 2018 Fedora Release Engineering <releng@fedoraproject.org> -
1:1.8.0.161-6.b14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jan 31 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.161-5.b14
- Additional fix needed for FTBFS bug on aarch64.
Resolves RHBZ#1540242.
* Wed Jan 31 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.161-4.b14
- Add fix for FTBFS on aarch64 and armv7hl.
Resolves RHBZ#1540242.
* Tue Jan 30 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.161-3.b14
- Include Aarch64 build fixes post January 2018 CPU.
* Mon Jan 29 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.161-2.b14
- Work around ppc64le gdb backtrace problem in %check.
See RHBZ#1539664
* Wed Jan 24 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.161-1.b14
- Fix FTBFS due to link failure in libfontmanager.so
- See RHBZ#1538767
* Wed Jan 24 2018 jvanek <jvanek@redhat.com> - 1:1.8.0.161-0.b14
- updated to u161, rmeoved upstreamed patches
- removed patch555 8164293-pr3412-rh1459641.patch
- removed patch550 8175813-pr3394-rh1448880.patch
- removed patch547 8173941-pr3326.patch
- removed patch532 8162384-pr3122-rh1358661.patch
- removed patch535 8153711-pr3313-rh1284948.patch
- removed patch561 8075484-pr3473-rh1490713.patch
- removed patch554 8175887-pr3415.patch
* Mon Nov 13 2017 jvanek <jvanek@redhat.com> - 1:1.8.0.151-1.b12
- added ownership of etc dirs
- sysconfdir/.java/.systemPrefs
- sysconfdir/.java
* Wed Oct 25 2017 jvanek <jvanek@redhat.com> - 1:1.8.0.151-1.b12
- updated to aarch64-jdk8u151-b12 (from aarch64-port/jdk8u)
- updated to aarch64-shenandoah-jdk8u151-b12 (from
aarch64-port/jdk8u-shenandoah) of hotspot
- used aarch64-port-jdk8u-aarch64-jdk8u151-b12.tar.xz as new sources
- used aarch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u151-b12.tar.xz as
new sources for hotspot
- tapset updated to 3.6pre02
- policies adapted to new limited/unlimited schmea
- above acomapnied by c-j-c 3.3
- alligned patches and added PPC ones (thanx to gnu_andrew)
- added patch209: 8035496-hotspot.patch
- added patch210: suse_linuxfilestore.patch
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1509371 - JDK UseCGroupMemoryLimitForHeap not systemd compatible
https://bugzilla.redhat.com/show_bug.cgi?id=1509371
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-d4bfa98f6a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2BAGGEZ7NSKJTZLJOX2MCSEKUSKL7FZK/
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung