Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in java-1.8.0-openjdk
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in java-1.8.0-openjdk
ID: FEDORA-2018-4d58785bcd
Distribution: Fedora
Plattformen: Fedora 28
Datum: So, 29. Juli 2018, 08:50
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=1509371
Applikationen: OpenJDK

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-4d58785bcd
2018-07-29 03:19:11.836617
-------------------------------------------------------------------------------
-

Name : java-1.8.0-openjdk
Product : Fedora 28
Version : 1.8.0.181
Release : 7.b13.fc28
URL : http://openjdk.java.net/
Summary : OpenJDK Runtime Environment 8
Description :
The OpenJDK runtime environment.

-------------------------------------------------------------------------------
-
Update Information:

Security critical patch update for OpenJDK (July CPU). See
http://www.oracle.com/technetwork/security-
advisory/cpujul2018-4258247.html#AppendixJAVA
-------------------------------------------------------------------------------
-
ChangeLog:

* Mon Jul 23 2018 Jiri Vanek <jvanek@redhat.com> - 11:1.8.0.181-7.b13
- updated to u181
- patches aligned according to rhel7 (full credit to gnu_andrew)
- removed upstreamed patch104 pr3458-rh1540242-aarch64.patch
- removed upstreamed patch568 8187577-pr3578.patch
* Tue Jul 17 2018 Jiri Vanek <jvanek@redhat.com> - 11:1.8.0.172-16.b11
- added Recommends gtk2 for main package
- added Suggests lksctp-tools, pcsc-lite-devel, cups for headless package
- see RHBZ1598152
* Tue Jul 10 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.172-13.b11
- Fix hook to show hs_err*.log files on failures.
* Mon Jul 2 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.172-12.b11
- Fix requires/provides filters for internal libs. See
RHBZ#1590796
* Wed Jun 20 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.172-11.b11
- Add additional fix (PR3601) to fix -Wreturn-type failures introduced by
8061651
- Backport 8064786 (PR3601) to fix -Wreturn-type failure on debug builds.
- Bring in PR3519 from IcedTea 3.7.0 to fix remaining -Wreturn-type failure on
AArch64.
- Sync with IcedTea 3.8.0 patches to use -Wreturn-type.
- Add backports of 8141570, 8143245, 8197981 & 8062808.
- Drop pr3458-rh1540242-zero.patch which is covered by 8143245.
* Wed Jun 20 2018 Jiri Vanek <jvanek@redhat.com> - 11:1.8.0.172-10.b11
- jsa files changed to 444 to pass rpm verification
* Mon Jun 18 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.172-9.b11
- Filter private provides/requires: 'lib.so(SUNWprivate_.*'
* Thu Jun 14 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.172-8.b11
- Add provides/requires for libjvm.so back. See RHBZ#1591215.
* Wed Jun 13 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.172-7.b11
- Fix reg-ex for filtering private libraries' provides/requires.
* Wed Jun 13 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.172-6.b11
- Remove build flags exemption for aarch64 now the platform is more mature and
can bootstrap OpenJDK with these flags.
- Remove duplicate -fstack-protector-strong; it is provided by the RHEL cflags.
- Add missing changelog credits
* Mon Jun 11 2018 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.172-5.b11
- Merge changes from RHEL 7
* Mon Jun 11 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.172-5.b11
- Read jssecacerts file prior to trying either cacerts file (system or local)
(PR3575)
* Mon Jun 11 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.172-5.b11
- Fix a number of bad bug identifiers (PR3546 should be PR3578, PR3456 should
be PR3546)
* Thu Jun 7 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.172-5.b11
- Update Shenandoah tarball to include 2018-05-15 merge.
- Split PR3458/RH1540242 fix into AArch64 & Zero sections, so former can be
skipped on Shenandoah builds.
- Drop PR3573 patch applied upstream.
- Restrict 8187577 fix to non-Shenandoah builds, as it's included in the
new tarball.
* Thu Jun 7 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.172-5.b11
- Sync with IcedTea 3.8.0.
- Label architecture-specific fixes with architecture concerned
- x86: S8199936, PR3533: HotSpot generates code with unaligned stack, crashes
on SSE operations (-mstackrealign workaround)
- PR3539, RH1548475: Pass EXTRA_LDFLAGS to HotSpot build
- 8171000, PR3542, RH1402819: Robot.createScreenCapture() crashes in wayland
mode
- 8197546, PR3542, RH1402819: Fix for 8171000 breaks Solaris + Linux builds
- 8185723, PR3553: Zero: segfaults on Power PC 32-bit
- 8186461, PR3557: Zero's atomic_copy64() should use SPE instructions on
linux-powerpcspe
- PR3559: Use ldrexd for atomic reads on ARMv7.
- 8187577, PR3578: JVM crash during gc doing concurrent marking
- 8201509, PR3579: Zero: S390 31bit atomic_copy64 inline assembler is wrong
- 8165489, PR3589: Missing G1 barrier in Unsafe_GetObjectVolatile
- PR3591: Fix for bug 3533 doesn't add -mstackrealign to JDK code
- 8184309, PR3596: Build warnings from GCC 7.1 on Fedora 26
* Wed Jun 6 2018 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.172-1.b11
- updated to u172-b11
- removed patches:
- patch207 8200556-pr3566.patch
- patch104 pr3458-rh1540242.patch
- patch209 8035496-hotspot.patch
- patch700 pr3573.patch
* Thu May 17 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.171-6.b10
- Move to javapackages-filesystem over javapackages-tools
for directory ownership. Resolves RHBZ#1500288.
* Fri May 4 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.171-5.b10
- Remove duplicate patch rhbz_1538767_fix_linking2.patch. Just use
rhbz_1538767_fix_linking.patch.
* Wed Apr 25 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.171-4.b10
- Enable hardened build unconditionally (also for Zero).
Resolves RHBZ#1290936.
* Tue Apr 24 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.171-3.b10
- Enable hardened build for Aarch64.
* Tue Apr 24 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.171-2.b10
- Update rhbz1548475-LDFLAGSusage.patch to also set linker
flags for libsaproc.so and libjsig.so.
* Wed Apr 18 2018 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.171-1.b10
- Update to aarch64-jdk8u171-b10 and aarch64-shenandoah-jdk8u171-b10.
- Fix jconsole.desktop.in subcategory, replacing "Monitor" with
"Profiling" (PR3550) (gnu_andrew)
- Fix invalid license 'LGPL+' (should be LGPLv2+ for ECC code) and add
misisng ones (gnu_andrew)
* Wed Apr 18 2018 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.162-7.b12
- added ownership of policy dir and subdirs
- removed ignored attributes for classes.jsa
* Tue Apr 10 2018 Severin Gehwolf <sgehwolf@redhat.com> -
1:1.8.0.162-6.b12
- Use correct patch for RHBZ#1538767 (JDK-8196516)
* Mon Apr 2 2018 Andrew Hughes <gnu.andrew@redhat.com> -
1:1.8.0.162-5.b12
- Cleanup from previous commit.
- Remove unused upstream patch 8167200.hotspotAarch64.patch.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1509371 - JDK UseCGroupMemoryLimitForHeap not systemd compatible
https://bugzilla.redhat.com/show_bug.cgi?id=1509371
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-4d58785bcd' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQOPSPGKVQCFIE2XTLU2LMNWETD7N4HS/
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung