Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in java-11-openjdk
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in java-11-openjdk
ID: FEDORA-2019-4bafcdb85f
Distribution: Fedora
Plattformen: Fedora 29
Datum: Sa, 26. Oktober 2019, 09:23
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=1683095
Applikationen: OpenJDK

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2019-4bafcdb85f
2019-10-25 18:06:00.867093
-------------------------------------------------------------------------------
-

Name : java-11-openjdk
Product : Fedora 29
Version : 11.0.5.10
Release : 0.fc29
URL : http://openjdk.java.net/
Summary : OpenJDK Runtime Environment 11
Description :
The OpenJDK runtime environment.

-------------------------------------------------------------------------------
-
Update Information:

Update to OpenJDK October CPU (security update). See:
https://openjdk.java.net/groups/vulnerability/advisories/2019-10-15
http://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-October/002025.html
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Oct 9 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.5.10-0
- Update to shenandoah-jdk-11.0.5+10 (GA)
- Switch to GA mode for final release.
* Mon Oct 7 2019 Andrew Hughes <gnu.andrew@redhat.com> -
1:11.0.5.9-0.0.ea
- Update to shenandoah-jdk-11.0.5+9 (EA)
* Tue Aug 27 2019 Andrew Hughes <gnu.andrew@redhat.com> -
1:11.0.5.2-0.2.ea
- Update generate_source_tarball.sh script to use the PR3751 patch and retain
the secp256k1 curve.
- Regenerate source tarball using the updated script and add the
-'4curve' suffix.
- PR3751 includes the changes in the PR1834/RH1022017 patch which is removed.
* Sat Aug 24 2019 Andrew John Hughes <gnu.andrew@redhat.com> -
1:11.0.5.2-0.1.ea
- Update to shenandoah-jdk-11.0.5+2 (EA)
* Mon Aug 12 2019 Andrew Hughes <gnu.andrew@redhat.com> -
1:11.0.5.1-0.1.ea
- Update to shenandoah-jdk-11.0.5+1 (EA)
- Switch to EA mode for 11.0.5 pre-release builds.
* Thu Aug 8 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.4.11-4
- Switch to in-tree SunEC code, dropping NSS runtime dependencies and patches
to link against it.
* Fri Jul 26 2019 Andrew John Hughes <gnu.andrew@redhat.com> -
1:11.0.4.11-3
- Drop unnecessary build requirement on gtk3-devel, as OpenJDK searches for
Gtk+ at runtime.
- Add missing build requirement for libXrender-devel, previously masked by
Gtk3+ dependency
- Add missing build requirement for libXrandr-devel, previously masked by Gtk3+
dependency
- fontconfig build requirement should be fontconfig-devel, previously masked by
Gtk3+ dependency
* Tue Jul 9 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.4.11-0
- Update to shenandoah-jdk-11.0.4+11 (GA)
- Switch to GA mode for final release.
* Mon Jul 8 2019 Andrew Hughes <gnu.andrew@redhat.com> -
1:11.0.4.10-0.2.ea
- Obsolete javadoc-slowdebug and javadoc-slowdebug-zip packages via javadoc and
javadoc-zip respectively.
* Mon Jul 8 2019 Andrew Hughes <gnu.andrew@redhat.com> -
1:11.0.4.10-0.1.ea
- Update to shenandoah-jdk-11.0.4+10 (EA)
* Sun Jun 30 2019 Andrew John Hughes <gnu.andrew@redhat.com> -
1:11.0.4.2-0.1.ea
- Update to shenandoah-jdk-11.0.4+2 (EA)
* Fri Jun 21 2019 Severin Gehwolf <sgehwolf@redhat.com> -
1:11.0.4.2-0.1.ea
- Package jspawnhelper (see JDK-8220360).
* Fri Jun 21 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.3.7-6
- Include 'ea' designator in Release when appropriate.
* Wed May 22 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.3.7-6
- Handle milestone as variables so we can alter it easily and set the docs zip
filename appropriately.
* Thu Apr 25 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.3.7-3
- Don't produce javadoc/javadoc-zip sub packages for the
debug variant build.
- Don't perform a bootcycle build for the debug variant build.
* Wed Apr 24 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.3.7-2
- Don't generate lib-style requires for -slowdebug subpackages.
- Resolves: RHBZ#1702379
* Tue Apr 23 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.3.7-1
- Fix requires/provides for the non-system JDK case. JDK 11
isn't a system JDK at this point.
- Resolves: RHBZ#1702324
* Sun Apr 7 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.3.7-0
- Update to shenandoah-jdk-11.0.3+7 (April 2019 GA)
* Sat Apr 6 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.3.6-0
- Update to shenandoah-jdk-11.0.3+6 (April 2019 EA)
- Drop JDK-8210416/RH1632174 applied upstream.
- Drop JDK-8210425/RH1632174 applied upstream.
- Drop JDK-8210647/RH1632174 applied upstream.
- Drop JDK-8210761/RH1632174 applied upstream.
- Drop JDK-8210703/RH1632174 applied upstream.
- Add cast to resolve s390 ambiguity in call to log2_intptr
* Thu Mar 21 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.2.7-9
- Add patch for RH1566890
* Mon Mar 11 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.2.7-7
- Add -Wa,--generate-missing-build-notes=yes C flags. So as to
fix annocheck warnings for assembler source files.
* Tue Feb 26 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.2.7-6
- Don't package lib/client and lib/client/classes.jsa
which don't exist.
- Resolves: RHBZ#1643469
* Tue Feb 19 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.2.7-5
- Add explicit requirement for libXcomposite which is used when performing
screenshots from Java.
- Add explicit BR unzip required for building OpenJDK.
* Thu Feb 14 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.2.7-4
- Add a test verifying system crypto policies can be disabled
* Tue Feb 12 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.2.7-3
- Don't build the test images needlessly.
* Thu Feb 7 2019 Andrew John Hughes <gnu.andrew@redhat.com> -
1:11.0.2.7-2
- Add PR3695 to allow the system crypto policy to be turned off.
- Correct original system crypto policy patch to refer to OpenJDK 11 bug
(PR3694)
* Tue Jan 15 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.2.7-0
- Update to shenandoah-jdk-11.0.2+7 (January 2019 CPU)
- Drop JDK-8211105/RH1628612/RH1630996 applied upstream.
- Drop JDK-8209639/RH1640127 applied upstream.
- Re-generate JDK-8210416/RH1632174 following JDK-8209786
* Fri Jan 11 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.1.13-11
- Update to shenandoah-jdk-11.0.1+13-20190101
- Update tarball generation script in preparation for PR3681/RH1656677 SunEC
changes.
- Use remove-intree-libraries.sh to remove the remaining SunEC code for now.
- Fix PR1983 SunEC patch so that ecc_impl.h is patched rather than added
- Add missing RH1022017 patch to reduce curves reported by SSL to those we
support.
- Remove RH1648995; fixed upstream.
* Wed Dec 5 2018 Jiri Vanek <jvanek@redhat.com> - 1:11.0.1.13-9
- for non debug supackages, ghosted all masters and slaves (rhbz1649776)
- for tech-preview packages, if-outed versionless provides. Aligned versions to
be %{epoch}:%{version}-%{release} instead of chaotic
- Removed all slowdebug provides (rhbz1655938); for tech-preview packages also
removed all internal provides
* Wed Nov 28 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.1.13-8
- Added %global _find_debuginfo_opts -g
- Resolves: RHBZ#1520879 (Detailed NMT issue)
* Mon Nov 12 2018 Jiri Vanek <jvanek@redhat.com> - 1:11.0.1.13-6
- fixed tck failures of arraycopy and process exec with shenandoah on
- added patch585
rh1648995-shenandoah_array_copy_broken_by_not_always_copy_forward_for_disjoint_arrays.patch
* Wed Nov 7 2018 Jiri Vanek <jvanek@redhat.com> - 1:11.0.1.13-5
- headless' suggests of cups, replaced by Requires of cups-libs
* Thu Nov 1 2018 Jiri Vanek <jvanek@redhat.com> - 1:11.0.1.13-3
- added Patch584
jdk8209639-rh1640127-02-coalesce_attempted_spill_non_spillable.patch
* Mon Oct 29 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.1.13-3
- Use upstream's version of Aarch64 intrinsics disable patch:
- Removed:
RHBZ-1628612-JDK-8210461-workaround-disable-aarch64-intrinsic.patch
RHBZ-1630996-JDK-8210858-workaround-disable-aarch64-intrinsic-log.patch
- Superceded by:
jdk8211105-aarch64-disable_cos_sin_and_log_intrinsics.patch
* Thu Oct 18 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.1.13-2
- Use LTS designator in version output for RHEL.
* Thu Oct 18 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.1.13-1
- Update to October 2018 CPU release, 11.0.1+13.
* Wed Oct 17 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.0.28-2
- Use --with-vendor-version-string=18.9 so as to show original
GA date for the JDK.
* Fri Sep 28 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.0.28-1
- Identify as GA version and no longer as early access (EA).
- JDK 11 has been released for GA on 2018-09-25.
* Fri Sep 28 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.ea.28-9
- Rework changes from 1:11.0.ea.22-6. RHBZ#1632174 supercedes
RHBZ-1624122.
- Add patch,
jdk8210416-rh1632174-compile_fdlibm_with_o2_ffp_contract_off_on_gcc_clang_arches.patch, so as to
optimize compilation of fdlibm library.
- Add patch,
jdk8210425-rh1632174-sharedRuntimeTrig_sharedRuntimeTrans_compiled_without_optimization.patch, so
as to optimize compilation of sharedRuntime{Trig,Trans}.cpp
- Add patch,
jdk8210647-rh1632174-libsaproc_is_being_compiled_without_optimization.patch, so as to
optimize compilation of libsaproc (extra c flags won't override
optimization).
- Add patch,
jdk8210761-rh1632174-libjsig_is_being_compiled_without_optimization.patch, so as to
optimize compilation of libjsig.
- Add patch, jdk8210703-rh1632174-vmStructs_cpp_no_longer_compiled_with_o0, so
as to
optimize compilation of vmStructs.cpp (part of libjvm.so).
- Reinstate filtering of opt flags coming from redhat-rpm-config.
* Thu Sep 27 2018 Jiri Vanek <jvanek@redhat.com> - 1:11.0.ea.28-8
- removed version less provides
- javadocdir moved to arched dir as it is no longer noarch
* Thu Sep 20 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.ea.28-6
- Add patch,
RHBZ-1630996-JDK-8210858-workaround-disable-aarch64-intrinsic-log.patch,
so as to disable log math intrinsic on aarch64. Work-around for
JDK-8210858
* Thu Sep 13 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.ea.28-5
- Add patch,
RHBZ-1628612-JDK-8210461-workaround-disable-aarch64-intrinsic.patch,
so as to disable dsin/dcos math intrinsics on aarch64. Work-around for
JDK-8210461.
* Wed Sep 12 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.ea.22-6
- Add patch, JDK-8210416-RHBZ-1624122-fdlibm-opt-fix.patch, so as to
optimize compilation of fdlibm library.
- Add patch, JDK-8210425-RHBZ-1624122-sharedRuntimeTrig-opt-fix.patch, so
as to optimize compilation of sharedRuntime{Trig,Trans}.cpp
- Add patch, JDK-8210647-RHBZ-1624122-libsaproc-opt-fix.patch, so as to
optimize compilation of libsaproc (extra c flags won't override
optimization).
- Add patch, JDK-8210703-RHBZ-1624122-vmStructs-opt-fix.patch, so as to
optimize compilation of vmStructs.cpp (part of libjvm.so).
- No longer filter -O flags from C flags coming from
redhat-rpm-config.
* Mon Sep 10 2018 Jiri Vanek <jvanek@redhat.com> - 1:11.0.ea.28-4
- link to jhsdb followed its file to ifarch jit_arches ifnarch s390x
* Fri Sep 7 2018 Severin Gehwolf <sgehwolf@redhat.com> - 1:11.0.ea.28-3
- Enable ZGC on x86_64.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1683095 - [F30] java-11-openjdk intermittently FTBFS on i686 in G1
code due to a race condition
https://bugzilla.redhat.com/show_bug.cgi?id=1683095
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-4bafcdb85f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung