~openjdk/openjdk/openjdk7 : changes

~openjdk/openjdk/openjdk7 » Changes from revision 626

From Revision 618 to 599

Rev	Summary	Authors	Date
618	openjdk-7 (7u151-2.6.11-3) experimental; urgency=medium openjdk-7 (7u151-2.6.11-3) experimental; urgency=medium [ Matthias Klose ] * Disable bootstrap on wheezy, it currently fails due to the last round of 8u151 security patches (Emilio Pozuelo Monfort). [ Tiago Stürmer Daitx ] * debian/patches/hotspot-aarch64-S8145438-fix-field-too-big-for-insn.patch: the S8144028 fix was incomplete and followed up by S8145438; without it aarch64 JVM can fail with "Internal Error, failed: Field too big for insn". -- Matthias Klose <doko@ubuntu.com> Thu, 23 Nov 2017 16:37:21 +0100	Matthias Klose	7 years ago
617	- 7u151-2.6.11-2 upload - 7u151-2.6.11-2 upload	Matthias Klose	7 years ago
616	- 7u151-2.6.11 upload - 7u151-2.6.11 upload	Matthias Klose	7 years ago
615	openjdk-7 (7u131-2.6.9-3) experimental; urgency=medium openjdk-7 (7u131-2.6.9-3) experimental; urgency=medium * Only include the failing tests in the packages, not the whole test world. * openjdk-7-jdk: Provide openjdk-7-jdk-headless. -- Matthias Klose <doko@ubuntu.com> Sat, 20 May 2017 15:52:17 -0700	Matthias Klose	7 years ago
614	openjdk-7 (7u131-2.6.9-2) experimental; urgency=high openjdk-7 (7u131-2.6.9-2) experimental; urgency=high [ Tiago Stürmer Daitx ] * Fix JDK regression introduced by 7u131 upgrade: (LP: #1691126) - d/p/jdk-S8173783-fix-illegalargumentexception-regression.patch: fix "IllegalArgumentException: jdk.tls.namedGroups" backported from http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/f5d0aadb4d1c -- Matthias Klose <doko@ubuntu.com> Tue, 16 May 2017 21:42:12 -0700	Matthias Klose	7 years ago
613	openjdk-7 (7u131-2.6.9-1) experimental; urgency=high openjdk-7 (7u131-2.6.9-1) experimental; urgency=high [ Tiago Stürmer Daitx ] * IcedTea release 2.6.9 (based on 7u131): * Security fixes - S8167110, CVE-2017-3514: Windows peering issue. - S8163528, CVE-2017-3511: Better library loading. - S8169011, CVE-2017-3526: Resizing XML parse trees. - S8163520, CVE-2017-3509: Reuse cache entries. - S8171533, CVE-2017-3544: Better email transfer. - S8170222, CVE-2017-3533: Better transfers of files. - S8171121, CVE-2017-3539: Enhancing jar checking. - S8172299: Improve class processing. * debian/compat: updated from 5 to 9. * debian/watch: using watch version 4 to download both icedtea and icedtea-sound. LP: #1642420. * debian/repack: simplified tarball download. * debian/rules: - removed 8u121 patches as they have been applied to 7u131. - building icedtea-sound on build/ directory - replaced 'dh_strip -k' calls by dh_prep - have the 'build' rule depend on 'debian/control' rule to force failure if debian/control gets regenerated. - added file 'security/blacklisted.cert' to be copied to etc dir (introduced by S8011402). - simplified build dependencies. - removed jtreg's xvfb-run call since icedtea takes care of calling it. - removed window manager as there are no additional significant failures on the jdk tests when not running one. - re-enabled jdk jtreg tests. - removed lpia arch. - use fonts-wqy-microhei and fonts-wqy-zenhei instead of transitional package names. - drop Recommends on obsolete GNOME libraries so they are not in a default GNOME desktop installation (Simon McVittie). Closes: #850270. + sun.net.spi.DefaultProxySelector prefers libglib2.0-0 (>= 2.24) over obsolete libgconf2-4. + sun.nio.fs.GnomeFileTypeDetector prefers libglib2.0-0 (>= 2.24) over libgnomevfs-2-0. + sun.xawt.awt_Desktop prefers libgtk2.0-0 (>= 2.14) over libgnomevfs2-0. * debian/control.in: added static build dependencies as their previous selection logic in debian/rules is no longer required. * debian/control: regenerated. * debian/patches/icedtea-sound.diff: removed, now packing icedtea-sound 1.0.1 which includes those fixes. * debian/upstream/signing-key.asc: add new signing key. [ Matthias Klose ] * Remove obsolete changelog entries from previous release. -- Matthias Klose <doko@ubuntu.com> Tue, 16 May 2017 13:49:35 -0700	Matthias Klose	7 years ago
612	* Remove obsolete changelog entries from previous release. * Remove obsolete changelog entries from previous release.	Matthias Klose	8 years ago
611	* Remove obsolete changelog entries from previous release. * Remove obsolete changelog entries from previous release.	Matthias Klose	8 years ago
610	openjdk-7 (7u121-2.6.8-2) experimental; urgency=high openjdk-7 (7u121-2.6.8-2) experimental; urgency=high [ Tiago Stürmer Daitx ] * Security fixes from 8u121: - S8167104, CVE-2017-3289: Custom class constructor code can bypass the required call to super.init allowing for uninitialized objects to be created. - S8164143, CVE-2017-3260: It is possible to corrupt memory by calling dispose() on a CMenuComponentmultiple times. - S8168714, CVE-2016-5546: ECDSA will accept signatures that have various extraneous bytes added to them whereas the signature is supposed to be unique. - S8166988, CVE-2017-3253: The PNG specification allows the [iz}Txt sections to be 2^32-1 bytes long so these should not be uncompressed unless the user explicitly requests it. - S8168728, CVE-2016-5548: DSA signing exhibits a timing bias that may leak information about k. - S8161743, CVE-2017-3252: LdapLoginModule incorrectly tries to deserialize responses from an LDAP server when an LDAP context is expected. - S8167223, CVE-2016-5552: Parsing of URLs can be inconsistent with how users or external applications would interpret them leading to possible security issues. - S8168705, CVE-2016-5547: A value from an InputStream is read directly into the size argument of a new byte[] without validation. - S8164147, CVE-2017-3261: An integer overflow exists in SocketOutputStream which can lead to memorydisclosure. - S8151934, CVE-2017-3231: Under some circumstances URLClassLoader will dispatch HTTP GET requests where the invoker does not have permission. - S8165071, CVE-2016-2183: 3DES can be exploited for block collisions when long running sessions are allowed. * Missing - S8165344, CVE-2017-3272: A protected field can be leveraged into type confusion. - S8156802, CVE-2017-3241: RMI deserialization should limit the types deserialized to prevent attacks that could escape the sandbox. * Ignored - S8168724, CVE-2016-5549: ECDSA signing exhibits a timing bias that may leak information about k. -- Matthias Klose <doko@ubuntu.com> Tue, 07 Feb 2017 11:09:39 +0100	Matthias Klose	8 years ago
609	openjdk-7 (7u121-2.6.8-1) experimental; urgency=medium openjdk-7 (7u121-2.6.8-1) experimental; urgency=medium * IcedTea release 2.6.8 (based on 7u121): -- Matthias Klose <doko@ubuntu.com> Mon, 14 Nov 2016 13:38:40 +0100	Matthias Klose	8 years ago
608	- upload 7u111-2.6.7-3 - upload 7u111-2.6.7-3	Matthias Klose	8 years ago
607	[ Tiago Stürmer Daitx ] [ Tiago Stürmer Daitx ] * Don't use precompiled header files on arm64. * Update the sec-webrev-8u111-S8159503.hotspot patch.	Matthias Klose	8 years ago
606	[ Tiago Stürmer Daitx ] [ Tiago Stürmer Daitx ] * Backported security fixes from 8u111: - CVE-2016-5568, S8158993: Service Menu services. - CVE-2016-5582, S8160591: Improve internal array handling. - CVE-2016-5573, S8159519: Reformat JDWP messages. - CVE-2016-5597, S8160838: Better HTTP service. - CVE-2016-5554, S8157739: Classloader Consistency Checking. - CVE-2016-5542, S8155973: Tighten jar checks. * debian/rules: - removed lcms version 1 option as no current release uses that, lcms2 is now default. - removed in-tree/system lcms selection to always use system's lcms. - removed all cacao references except for the transitional cacao package. - updated jtreg tests to use othervm. - simplified rhino and libcups dependency selection. * debian/buildwatch.sh: updated to stop it if no 'make' process is running, as it probably means that the build failed - otherwise buildwatch keeps the builder alive until it exits after the timer (3 hours by default) expires. * debian/control.in: removed cacao references. * debian/README.source: removed cacao references. * debian/patches/cacao-armv4.diff: deleted file. * Makefile.am: remove -samevm * debian/patches/it-jamvm-8158260-unsafe-methods.patch: fix JAMVM after the introduction of two new Unsafe methods in the OpenJDK hotspot. Closes: #833933. (LP: #1611598)	Matthias Klose	8 years ago
605	- check-in remaining changes for 7u111-2.6.7-1 upload - check-in remaining changes for 7u111-2.6.7-1 upload	Matthias Klose	8 years ago
604	openjdk-7 (7u101-2.6.6-2) experimental; urgency=medium openjdk-7 (7u101-2.6.6-2) experimental; urgency=medium * Configure with --disable-arm32-jit, broken by the security update. -- Matthias Klose <doko@ubuntu.com> Sat, 23 Apr 2016 02:28:28 +0200	Matthias Klose	8 years ago
603	openjdk-7 (7u101-2.6.6-1) experimental; urgency=medium openjdk-7 (7u101-2.6.6-1) experimental; urgency=medium [ Tiago Stürmer Daitx ] * IcedTea release 2.6.6 (based on 7u101): * Security fixes - S8129952, CVE-2016-0686: Ensure thread consistency - S8132051, CVE-2016-0687: Better byte behavior - S8138593, CVE-2016-0695: Make DSA more fair - S8139008: Better state table management - S8143167, CVE-2016-3425: Better buffering of XML strings - S8144430, CVE-2016-3427: Improve JMX connections - S8146494: Better ligature substitution - S8146498: Better device table adjustments * debian/patches/jdk-8152335-improve-methodhandle-consistency.patch: removed, fix is upstream since 2.6.5 [ Matthias Klose ] * Fix handling of /usr/lib/jvm/*/jre/lib/zi if internal tzdata is used (Andreas Beckmann). Closes: #821858. -- Matthias Klose <doko@ubuntu.com> Fri, 22 Apr 2016 21:14:22 +0200	Matthias Klose	8 years ago
602	openjdk-7 (7u95-2.6.4-3) experimental; urgency=medium openjdk-7 (7u95-2.6.4-3) experimental; urgency=medium [ Tiago Stürmer Daitx ] * SECURITY UPDATE: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets. - d/p/jdk-8152335-improve-methodhandle-consistency.patch: S8152335, CVE-2016-0636: Improve MethodHandle consistency [ Matthias Klose ] * Use internal tzdata for builds in stretch, unstable, experimental. Closes: #818308. -- Matthias Klose <doko@ubuntu.com> Thu, 24 Mar 2016 15:24:32 +0100 openjdk-7 (7u95-2.6.4-2) experimental; urgency=medium * Upload to experimental. -- Matthias Klose <doko@ubuntu.com> Fri, 05 Feb 2016 17:51:20 +0100 openjdk-7 (7u95-2.6.4-1) unstable; urgency=high [ Tiago Stürmer Daitx ] * IcedTea release 2.6.4 (based on 7u95): * Security fixes - S8059054, CVE-2016-0402: Better URL processing - S8130710, CVE-2016-0448: Better attributes processing - S8132210: Reinforce JMX collector internals - S8132988: Better printing dialogues - S8133962, CVE-2016-0466: More general limits - S8137060: JMX memory management improvements - S8139012: Better font substitutions - S8139017, CVE-2016-0483: More stable image decoding - S8140543, CVE-2016-0494: Arrange font actions - S8143185: Cleanup for handling proxies - S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays - S8144773, CVE-2015-7575: Further reduce use of MD5 (SLOTH) * debian/patches/it-debian-build-flags.diff: refreshed * debian/patches/it-set-compiler.diff: refreshed * debian/patches/it-use-quilt.diff: refreshed * debian/patches/it-jamvm-2.0.diff: refreshed * debian/patches/icedtea-pretend-memory.diff: refreshed * debian/patches/fix_extra_flags-default.diff: refreshed * debian/patches/zero-sparc.diff: refreshed [ Matthias Klose ] * Remove obsolete IcedTea configure options. * Fix build failure on squeeze (Thorsten Glaser). Closes: #809205. * Don't run the test on mips, still having stone age buildd hardware and empty promises to fix these issues since 2010. -- Matthias Klose <doko@ubuntu.com> Thu, 21 Jan 2016 13:17:54 +0100	Matthias Klose	8 years ago
601	openjdk-7 (7u91-2.6.3-3) unstable; urgency=medium openjdk-7 (7u91-2.6.3-3) unstable; urgency=medium * Fix stripping packages (use bash instead of expr substring). * openjdk-jre-headless: Add dependency on the package containing the mountpoint binary. Closes: #803717. * openjdk-7-jdk: Fix typo in sdk provides. Closes: #803150. * Build using giflib 5. -- Matthias Klose <doko@ubuntu.com> Mon, 30 Nov 2015 06:27:48 +0100	Matthias Klose	9 years ago
600	* Fix stripping packages (use bash instead of expr substring... * Fix stripping packages (use bash instead of expr substring).	Matthias Klose	9 years ago
599	openjdk-7 (7u91-2.6.3-2) unstable; urgency=medium openjdk-7 (7u91-2.6.3-2) unstable; urgency=medium * Enable sparc64 for hotspot (John Paul Adrian Glaubitz). * Add debian/patches/sparc-libproc-fix.diff to include missing headers on sparc64 (David Matthew Mattli). Closes: #805846. -- Matthias Klose <doko@ubuntu.com> Wed, 25 Nov 2015 23:38:54 +0100 openjdk-7 (7u91-2.6.3-1) unstable; urgency=medium [ Tiago Stürmer Daitx ] * Icedtea release 2.6.3 (based on 7u91): * Security fixes - S8142882, CVE-2015-4871: rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed -- Matthias Klose <doko@ubuntu.com> Thu, 19 Nov 2015 01:27:25 +0100	Matthias Klose	9 years ago

Older »