|
|
|
|
Changelog for java-1_6_0-openjdk-1.6.0.0_b27.1.12.7-45.1.x86_64.rpm :
* Thu Dec 05 2013 lijewski.stefanAATTgmail.com- update to 1.12.7, with following fixes: Security fixes S8006900, CVE-2013-3829: Add new date/time capability S8008589: Better MBean permission validation S8011071, CVE-2013-5780: Better crypto provider handling S8011081, CVE-2013-5772: Improve jhat S8011157, CVE-2013-5814: Improve CORBA portablility S8012071, CVE-2013-5790: Better Building of Beans S8012147: Improve tool support S8012277: CVE-2013-5849: Improve AWT DataFlavor S8012425, CVE-2013-5802: Transform TransformerFactory S8013503, CVE-2013-5851: Improve stream factories S8013506: Better Pack200 data handling S8013510, CVE-2013-5809: Augment image writing code S8013514: Improve stability of cmap class S8013739, CVE-2013-5817: Better LDAP resource management S8013744, CVE-2013-5783: Better tabling for AWT S8014085: Better serialization support in JMX classes S8014093, CVE-2013-5782: Improve parsing of images S8014102, CVE-2013-5778: Improve image conversion S8014341, CVE-2013-5803: Better service from Kerberos servers S8014349, CVE-2013-5840: (cl) Class.getDeclaredClass problematic in some class loader configurations S8014530, CVE-2013-5825: Better digital signature processing S8014534: Better profiling support S8014987, CVE-2013-5842: Augment serialization handling S8015614: Update build settings S8015731: Subject java.security.auth.subject to improvements S8015743, CVE-2013-5774: Address internet addresses S8016256: Make finalization final S8016653, CVE-2013-5804: javadoc should ignore ignoreable characters in names S8016675, CVE-2013-5797: Make Javadoc pages more robust S8017196, CVE-2013-5850: Ensure Proxies are handled appropriately S8017287, CVE-2013-5829: Better resource disposal S8017291, CVE-2013-5830: Cast Proxies Aside S8017298, CVE-2013-4002: Better XML support S8017300, CVE-2013-5784: Improve Interface Implementation S8017505, CVE-2013-5820: Better Client Service S8019292: Better Attribute Value Exceptions S8019617: Better view of objects S8020293: JVM crash S8021290, CVE-2013-5823: Better signature validation S8022940: Enhance CORBA translations S8023683: Enhance class file parsing Backports S4075303: Use javap to enquire about a specific inner class S4111861: static final field contents are not displayed S4348375: Javap is not internationalized S4459541: “javap -l” shows line numbers as signed short; they should be unsigned S4501660: change diagnostic of -help as ‘print this help message and exit’ S4501661: disallow mixing -public, -private, and -protected options at the same time S4776241: unused source file in javap… S4870651: javap should recognize generics, varargs, enum S4876942: javap invoked without args does not print help screen S4880663: javap could output whitespace between class name and opening brace S4884240: additional option required for javap S4893408: JPEGReader throws IllegalArgException when setting the destination to BYTE_GRAY S4975569: javap doesn’t print new flag bits S6271787: javap dumps LocalVariableTypeTable attribute in hex, needs to print a table S6305779: javap: support annotations S6439940: Clean up javap implementation S6469569: wrong check of searchpath in JavapEnvironment S6474890: javap does not open .zip files in -classpath S6563752: Build and test JDK7 with Sun Studio 12 Express compilers (prep makefiles) S6587786: Javap throws error : “ERROR:Could not find ” for JRE classes S6622215: javap ignores certain relevant access flags S6622216: javap names some attributes incorrectly S6622232: javap gets whitespace confused S6622260: javap prints negative bytes incorrectly in hex S6631559: Registration of ImageIO plugins should not cause loading of jpeg.dlli and cmm.dll S6636331: ConcurrentModificationException in AppContext code S6636370: minor corrections and simplification of code in AppContext S6708729: update jdk Makefiles for new javap S6715767: javap on java.lang.ClassLoader crashes S6729772: 64-bit build with SS12 compiler: SIGSEGV (0xb) at pc=0×0000000000000048, pid=14826, tid=2 S6791502: IIOException “Invalid icc profile” on jpeg after update from JDK5 to JDK6 S6793818: JpegImageReader is too greedy creating color profiles S6799141: Build with –hash-style=both so that binaries can work on SuSE 10 S6816311: Changes to allow builds with latest Windows SDK 6.1 on 64bit Windows 2003 S6819246: improve support for decoding instructions in classfile library S6824493: experimental support for additional info for instructions S6840152: JVM crashes when heavyweight monitors are used S6841419: classfile: add constant pool iterator S6841420: classfile: add new methods to ConstantClassInfo S6843013: missing files in fix for 6824493 S6852856: javap changes to facilitate subclassing javap for variants S6867671: javap whitespace formatting issues S6868539: javap should use current names for constant pool tags S6888215: memory leak in jpeg plugin S6902264: fix indentation of tableswitch and lookupswitch S6925851: Localize JRE into pt_BR S6954275: XML signatures with reference data larger 16KB and cacheRef on fails to validate S6974017: Upgrade required Solaris Studio compilers to 5.10 (12 update 1 + patches) S6980281: SWAT: SwingSet2 got core dumped in Solaris-AMD64 using b107 swat build S6989760: cmm native compiler warnings S6989774: imageio compiler warnings in native code S7000225: Sanity check on sane-alsa-headers is broken S7013519: [parfait] Integer overflows in 2D code S7018912: [parfait] potential buffer overruns in imageio jpeg S7022999: Can’t build with FORCE_TIERED=0 S7035073: Add missing timezones to TimeZoneNames_pt_BR.java S7038711: Fix CC_VER checks for compiler options, fix use of -Wno-clobber S7146431: java.security files out-of-sync S7196533: TimeZone.getDefault() slow due to synchronization bottleneck S8000450: Restrict access to com/sun/corba/se/impl package S8002070: Remove the stack search for a resource bundle for Logger to use S8003992: File and other classes in java.io do not handle embedded nulls properly S8004188: Rename src/share/lib/security/java.security to java.security-linux S8005194: [parfait] #353 sun/awt/image/jpeg/imageioJPEG.c Memory leak of pointer ‘scale’ allocated with calloc() S8006882: Proxy generated classes in sun.proxy package breaks JMockit S8010118: Annotate jdk caller sensitive methods with AATTsun.reflect.CallerSensitive S8010727: WLS fails to add a logger with “” in its own LogManager subclass instance S8010939: Deadlock in LogManager S8011139: (reflect) Revise checking in getEnclosingClass S8011950: java.io.File.createTempFile enters infinite loop when passed invalid data S8011990: TEST_BUG: java/util/logging/bundlesearch/ResourceBundleSearchTest.java fails on Windows S8012243: about 30% regression on specjvm2008.serial on 7u25 comparing 7u21 S8012453: (process) Runtime.exec(String) fails if command contains spaces [win] S8012617: ArrayIndexOutOfBoundsException with some fonts using LineBreakMeasurer S8013380: Removal of stack walk to find resource bundle breaks Glassfish startup S8013827: File.createTempFile hangs with temp file starting with ‘com1.4′ S8014469: (tz) Support tzdata2013c S8014718: Netbeans IDE begins to throw a lot exceptions since 7u25 b10 S8014745: Provide a switch to allow stack walk search of resource bundle S8015144: Performance regression in ICU OpenType Layout library S8015965: (process) Typo in name of property to allow ambiguous commands S8015978: Incorrect transformation of XPath expression “string(-0)” S8016357: Update hotspot diagnostic class S8017566: Backout 8000450 – Cannot access to com.sun.corba.se.impl.orb.ORBImpl S8019584: javax/management/remote/mandatory/loading/MissingClassTest.java failed in nightly against jdk7u45: java.io.InvalidObjectException: Invalid notification: null S8019969: nioNetworkChannelInet6/SetOptionGetOptionTestInet6 test case crashes S8019979: Replace CheckPackageAccess test with better one from closed repo S8020054: (tz) Support tzdata2013d S8020983, RH976897: OutOfMemoryError caused by non garbage collected JPEGImageWriter Instances S8021355: REGRESSION: Five closed/java/awt/SplashScreen tests fail since 7u45 b01 on Linux, Solaris S8021366: java_util/Properties/PropertiesWithOtherEncodings fails during 7u45 nightly testing S8021577: JCK test api/javax_management/jmx_serial/modelmbean/ModelMBeanNotificationInfo/serial/index.html#Input has failed since jdk 7u45 b01 S8021933: Add extra check for fix # JDK-8014530 S8021969: The index_AccessAllowed jnlp can not load successfully with exception thrown in the log. S8022661: InetAddress.writeObject() performs flush() on object output stream S8022682: Supporting XOM S8023964: java/io/IOException/LastErrorString.java should be AATTignore-d S8024914: Swapped usage of idx_t and bm_word_t types in bitMap.inline.hpp S8025128: File.createTempFile fails if prefix is absolute path S8025255: (tz) Support tzdata2013g OJ19: Fix test cases from 8010118 to work with OpenJDK 6 OJ20: Resolve merge issues with JAXP security fixes OJ21: Remove AATTOverride annotation added on interface by 2013/10/15 security fixes Bug fixes PR1188: ASM Interpreter and Thumb2 JIT javac miscompile modulo reminder on armel. RH995488: Java thinks that the default timezone is Busingen instead of Zurich D729448: 32-bit alignment on mips and mipsel * Mon Jul 15 2013 lijewski.stefanAATTgmail.com- update to 1.12.6 - S6741606, CVE-2013-2407: Integrate Apache Santuario - S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls - S7170730, CVE-2013-2451: Improve Windows network stack support. - S8000638, CVE-2013-2450: Improve deserialization - S8000642, CVE-2013-2446: Better handling of objects for transportation - S8001032: Restrict object access - S8001033, CVE-2013-2452: Refactor network address handling in virtual machine identifiers - S8001034, CVE-2013-1500: Memory management improvements - S8001038, CVE-2013-2444: Resourcefully handle resources - S8001043: Clarify definition restrictions - S8001309: Better handling of annotation interfaces - S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with InetAddress.getLocalHost - S8001330, CVE-2013-2443: Improve on checking order - S8003703, CVE-2013-2412: Update RMI connection dialog box - S8004584: Augment applet contextualization - S8005007: Better glyph processing - S8006328, CVE-2013-2448: Improve robustness of sound classes - S8006611: Improve scripting - S8007467: Improve robustness of JMX internal APIs - S8007471: Improve MBean notifications - S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes - S8008120, CVE-2013-2457: Improve JMX class checking - S8008124, CVE-2013-2453: Better compliance testing - S8008128: Better API coherence for JMX - S8008132, CVE-2013-2456: Better serialization support - S8008585: Better JMX data handling - S8008593: Better URLClassLoader resource management - S8008603: Improve provision of JMX providers - S8008611: Better handling of annotations in JMX - S8008615: Improve robustness of JMX internal APIs - S8008623: Better handling of MBeanServers - S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606 - S8008982: Adjust JMX for underlying interface changes - S8009004: Better implementation of RMI connections - S8009013: Better handling of T2K glyphs - S8009034: Improve resulting notifications in JMX - S8009038: Improve JMX notification support - S8009067: Improve storing keys in KeyStore - S8009071, CVE-2013-2459: Improve shape handling - S8009235: Improve handling of TSA data - S8011243, CVE-2013-2470: Improve ImagingLib - S8011248, CVE-2013-2471: Better Component Rasters - S8011253, CVE-2013-2472: Better Short Component Rasters - S8011257, CVE-2013-2473: Better Byte Component Rasters - S8012375, CVE-2013-1571: Improve Javadoc framing - S8012421: Better positioning of PairPositioning - S8012438, CVE-2013-2463: Better image validation - S8012597, CVE-2013-2465: Better image channel verification - S8012601, CVE-2013-2469: Better validation of image layouts - S8014281, CVE-2013-2461: Better checking of XML signature - S8015997: Additional improvement in Javadoc framing * Thu Apr 25 2013 mvyskocilAATTsuse.com- update to 1.12.5 (bnc#817157) * Security fixes - S6657673, CVE-2013-1518: Issues with JAXP - S7200507: Refactor Introspector internals - S8000724, CVE-2013-2417: Improve networking serialization - S8001031, CVE-2013-2419: Better font processing - S8001040, CVE-2013-1537: Rework RMI model - S8001322: Refactor deserialization - S8001329, CVE-2013-1557: Augment RMI logging - S8003335: Better handling of Finalizer thread - S8003445: Adjust JAX-WS to focus on API - S8003543, CVE-2013-2415: Improve processing of MTOM attachments - S8004261: Improve input validation - S8004336, CVE-2013-2431: Better handling of method handle intrinsic frames - S8004986, CVE-2013-2383: Better handling of glyph table - S8004987, CVE-2013-2384: Improve font layout - S8004994, CVE-2013-1569: Improve checking of glyph table - S8005432: Update access to JAX-WS - S8005943: (process) Improved Runtime.exec - S8006309: More reliable control panel operation - S8006435, CVE-2013-2424: Improvements in JMX - S8006790: Improve checking for windows - S8006795: Improve font warning messages - S8007406: Improve accessibility of AccessBridge - S8007617, CVE-2013-2420: Better validation of images - S8007667, CVE-2013-2430: Better image reading - S8007918, CVE-2013-2429: Better image writing - S8009063, CVE-2013-2426: Improve reliability of ConcurrentHashMap - S8009305, CVE-2013-0401: Improve AWT data transfer - S8009699, CVE-2013-2421: Methodhandle lookup - S8009814, CVE-2013-1488: Better driver management - S8009857, CVE-2013-2422: Problem with plugin - RH952389: Temporary files created with insecure permissions * Backports - S7197906: BlockOffsetArray::power_to_cards_back() needs to handle > 32 bit shifts - S7036559: ConcurrentHashMap footprint and contention improvements - S5102804: Memory leak in Introspector.getBeanInfo(Class) for custom BeanInfo: Class param (with WeakCache from S6397609) - S6501644: sync LayoutEngine *code * structure to match ICU - S6886358: layout code update - S6963811: Deadlock-prone locking changes in Introspector - S7017324: Kerning crash in JDK 7 since ICU layout update - S7064279: Introspector.getBeanInfo() should release some resources in timely manner - S8004302: javax/xml/soap/Test7013971.java fails since jdk6u39b01 - S7133220: Additional patches to JAXP 1.4.5 update 1 for 7u4 (partial for S6657673) - S8009530: ICU Kern table support broken * Bug fixes - OJ3: Fix get_stack_bounds memory leak (alternate fix for S7197906) - PR1362: Fedora 19 / rawhide FTBFS SIGILL - PR1338: Remove dependence on libXp - PR1339: Simplify the rhino class rewriter to avoid use of concurrency - PR1336: Bootstrap failure on Fedora 17/18 - PR1319: Correct #ifdef to #if - PR1402: Support glibc < 2.17 with AArch64 patch - Give xalan/xerces access to their own internal packages. * New features - JAXP, JAXWS & JAF supplied as patches rather than drops to aid subsequent patching. - PR1380: Add AArch64 support to Zero * Tue Mar 05 2013 mvyskocilAATTsuse.com- update to 1.12.4 (bnc#807487) - S8007014, CVE-2013-0809: Improve image handling - S8007675, CVE-2013-1493: Improve color conversion * Wed Feb 20 2013 mvyskocilAATTsuse.com- update to 1.12.3 (bnc#804654) * Security fixes - S8006446: Restrict MBeanServer access (CVE-2013-1486) - S8006777: Improve TLS handling of invalid messages Lucky 13 (CVE-2013-0169) - S8007688: Blacklist known bad certificate (issued by DigiCert) * Backports - S8007393: Possible race condition after JDK-6664509 - S8007611: logging behavior in applet changed * Bug fixes - PR1319: Support GIF lib v5. * Tue Feb 12 2013 mvyskocilAATTsuse.com- update to 1.12.2 (bnc#801972) * Backports - S8004341: Two JCK tests fails with 7u11 b06 - S8005615: Java Logger fails to load tomcat logger implementation (JULI) * Bug fixes - PR1297: cacao and jamvm parallel unpack failures - PR1301: PR1171 causes builds of Zero to fail- openjdk-7-src-b147-awt-crasher.patch (bnc#792951) * Tue Feb 05 2013 mvyskocilAATTsuse.com- update to 1.12.1 (bnc#801972) * Security fixes (on top of 1.12.0) - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Improve thread pool shutdown - S7141694, CVE-2013-0429: Improving CORBA internals - S7173145: Improve in-memory representation of splashscreens - S7186945: Unpack200 improvement - S7186946: Refine unpacker resource usage - S7186948: Improve Swing data validation - S7186952, CVE-2013-0432: Improve clipboard access - S7186954: Improve connection performance - S7186957: Improve Pack200 data validation - S7192392, CVE-2013-0443: Better validation of client keys - S7192393, CVE-2013-0440: Better Checking of order of TLS Messages - S7192977, CVE-2013-0442: Issue in toolkit thread - S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies - S7200491: Tighten up JTable layout code - S7200500: Launcher better input validation - S7201064: Better dialogue checking - S7201066, CVE-2013-0441: Change modifiers on unused fields - S7201068, CVE-2013-0435: Better handling of UI elements - S7201070: Serialization to conform to protocol - S7201071, CVE-2013-0433: InetSocketAddress serialization issue - S8000210: Improve JarFile code quality - S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class - S8000540, CVE-2013-1475: Improve IIOP type reuse management - S8000631, CVE-2013-1476: Restrict access to class constructor - S8001235, CVE-2013-0434: Improve JAXP HTTP handling - S8001242: Improve RMI HTTP conformance - S8001307: Modify ACC_SUPER behavior - S8001972, CVE-2013-1478: Improve image processing - S8002325, CVE-2013-1480: Improve management of images * Mon Feb 04 2013 mvyskocilAATTsuse.com- update to 1.12.0 * Import of OpenJDK6 b27 (all changes already in security updates) * Import of OpenJDK6 b26 - S7071826: Avoid benign race condition in initialization of UUID - S7123896: Unexpected behavior due to Solaris using separate IPv4 and IPv6 port spaces - S7142509: Cipher.doFinal(ByteBuffer,ByteBuffer) fails to process when in.remaining() == 0 - S7157903: JSSE client sockets are very slow - S7174440: JDK6-open build breakage - S7175845: JSSE client sockets are very slow - S7176477: TEST: Remove testcase test/java/lang/SecurityManager/CheckPackageDefinition.java from jdk6-open - S7184700: Backout changes with wrong id for 7157903 - S7199153: TEST_BUG: try-with-resources syntax pushed to 6-open repo * Import of OpenJDK6 b25 - S6790292: BOOTDIR of jdk6 u12 will not work with jdk7 builds - S6967036: Need to fix links with // in Javadoc comments - S7007299: FileFontStrike appears not to be threadsafe - S7022473: JDK7 still runs /etc/prtconf to find memory size - S7058133: Javah should use the freshly built classes instead of those from the BOOTDIR jdk - S7107919: Remove hotspot assertion due to Solaris 8 kstat \"unimplemented\". - S7123519: problems with certification path - S7126889: Incorrect SSLEngine debug output - S7127104: Build issue with prtconf and zones, also using := to avoid extra execs - S7128474: Update source copyright years - S7128505: Building on em64t system does not work - S7149751: another krb5 test in openjdk6 without test infrastructure * Backports - S6706974: Add krb5 test infrastructure - S6764553: com.sun.org.apache.xml.internal.security.utils.IdResolver is not thread safe - S6761072: new krb5 tests fail on multiple platforms - S6883983: JarVerifier dependency on sun.security.pkcs should be removed - S4465490: Suspicious about double-check locking idiom being used in the code - S6763340: memory leak in com.sun.corba.se. * classes - S6873605: Missing finishedDispatch() call in ORBImpl causes test failures after 5u20 b04 - S6980681: CORBA deadlock in Java SE believed to be related to CR 6238477 - S7162902: Umbrella port of a number of corba bug fixes from JDK 6 to jdk7u/8 - S6414899: P11Digest should support cloning - S4898461: Support for ECB and CBC/PKCS5Padding - S6604496: Support for CKM_AES_CTR (counter mode) - S6682411: JCK test failed w/ ArrayIndexOutOfBoundException (-1) when decrypting with no data - S6682417: JCK test failed w/ ProviderException when decrypted data is not multiple of blocks - S6687725: Internal PKCS5Padding impl should throw IllegalBlockSizeException and not BadPaddingException - S6812738: SSL stress test with GF leads to 32 bit max process size in less than 5 minutes with PCKS11 provider - S6867345: Turkish regional options cause NPE in sun.security.x509.AlgorithmId.algOID - S6924489: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_OPERATION_NOT_INITIALIZED - S7088989: Improve the performance for T4 by utilizing the newly provided crypto APIs * Bug fixes - PR902: PulseAudioClip getMicrosecondsLength() returns length in milliseconds, not microseconds - PR1050: Stream objects not garbage collected - PR1113: Add tapset tests to distribution. - PR1117: IcedTea6 prebuilds far too many classes on bootstrap - PR1121: Old installs still suffer from GCC PR41686 - PR1119: Only add classes to rt-source-files.txt if the class (or one or more of its methods/fields) are actually missing from the boot JDK - PR1114: Provide option to turn off downloading of tarballs (--disable-downloading) - PR1176: Synchronise CACAO rules between IcedTea6/7/8 where possible - RH513605: Updating/Installing OpenJDK should recreate the shared class-data archive - G422525: Apply pax markings before using a freshly built JVM. - PR986: IcedTea fails to build with IcedTea6 CACAO due to low max heap size * CACAO - PR1120: Unified version for icedtea6/7 - CA166, CA167: check-langtools fixes for icedtea6 - Implemented sun.misc.Perf.highResCounter - CACAO now identifies by its own Mercurial revision - Some memory barrier maintenance - Ability to run when compiled as Thumb on armv5 (no Thumb JIT though) - Stop creating pseudo files for OpenJDK (libjsig.so, Xusage.txt) - Clang fix for the i386 backend - CONTRIBUTE: Reference code submission process wiki instructions. - INSTALL.CACAO: Update, so following the instruction actually works. - Make doxygen work - CA172, PR1266, G453612: ARM hardfloat support - src/scripts/java.in: Look for cacao executable in install path, not in PATH. - src/vm/jit/alpha/asmpart.S: Fix copyright header. - src/vm/jit/alpha/asmpart.S: Properly set up GP in asm_abstractmethoderror - Use AATTabs_top_builddirAATT for support scripts * JamVM - ARMv6 armhf: Changes for Raspbian (Raspberry Pi) - PPC: Don\'t use lwsync if it isn\'t supported - X86: Generate machine-dependent stubs for i386 - When suspending, ignore detached threads that have died, this prevents a user caused deadlock when an external thread has been attached to the VM via JNI and it has exited without detaching - Add missing REF_TO_OBJs for references passed from JNI, this enable JamVM to run Qt-Jambi - PR1155: Do not put version number in libjvm.so SONAME * SystemTap - Addition of garbage collection probes * drop bouncycastle patch and add a shell hackery in %install * Fri Oct 19 2012 mvyskocilAATTsuse.com- update to 1.11.5 (bnc#785433) * Security fixes - S6631398, CVE-2012-3216: FilePermission improved path checking - S7093490: adjust package access in rmiregistry - S7143535, CVE-2012-5068: ScriptEngine corrected permissions - S7167656, CVE-2012-5077: Multiple Seeders are being created - S7169884, CVE-2012-5073: LogManager checks do not work correctly for sub-types - S7169888, CVE-2012-5075: Narrowing resource definitions in JMX RMI connector - S7172522, CVE-2012-5072: Improve DomainCombiner checking - S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC - S7189103, CVE-2012-5069: Executors needs to maintain state - S7189490: More improvements to DomainCombiner checking - S7189567, CVE-2012-5085: java net obselete protocol - S7192975, CVE-2012-5071: Conditional usage check is wrong - S7195194, CVE-2012-5084: Better data validation for Swing - S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should be improved - S7195919, CVE-2012-5079: (sl) ServiceLoader can throw CCE without needing to create instance - S7198296, CVE-2012-5089: Refactor classloader usage - S7158800: Improve storage of symbol tables - S7158801: Improve VM CompileOnly option - S7158804: Improve config file parsing - S7176337: Additional changes needed for 7158801 fix - S7198606, CVE-2012-4416: Improve VM optimization * Backports - S7175845: \"jar uf\" changes file permissions unexpectedly - S7177216: native2ascii changes file permissions of input file - S7199153: TEST_BUG: try-with-resources syntax pushed to 6-open repo * Bug fixes - PR1194: IcedTea tries to build with /usr/lib/jvm/java-openjdk (now a 1.7 VM) by default * Mon Sep 03 2012 mvyskocilAATTsuse.cz- update to 1.11.4 (bnc#777499) * Security fixes - S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder - S7163201, CVE-2012-0547: Simplify toolkit internals references * OpenJDK - S7182135: Impossible to use some editors directly - S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE * Mon Aug 20 2012 meissnerAATTsuse.com- fixed gnome-java-bridge.jar file permissions. bnc#770040 * Thu Jun 14 2012 dmuellerAATTsuse.com- fix build for non-jit packages * Thu Jun 14 2012 mvyskocilAATTsuse.cz- update to 1.11.3 (bnc#766802) * Security fixes - S7079902, CVE-2012-1711: Refine CORBA data models - S7110720: Issue with vm config file loadingIssue with vm config file loading - S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. - S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement - S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations - S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC - S7143872, CVE-2012-1718: Improve certificate extension processing - S7145239: Finetune package definition restriction - S7152811, CVE-2012-1723: Issues in client compiler - S7157609, CVE-2012-1724: Issues with loop - S7160677: missing else in fix for 7152811 - S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile * Bug fixes - PR1018: JVM fails due to SEGV during rendering some Unicode characters (part of 6886358) * Tue Jun 12 2012 cfarrellAATTsuse.com- license update: GPL-2.0-with-classpath-exception Use a license from http://www.spdx.org/licenses (or from the spreadsheet linked at license.opensuse.org if spdx.org does not have a suitable entry) * Mon May 14 2012 mvyskocilAATTsuse.cz- update to 1.11.2 * Bug fixes - RH789154: javac error messages no longer contain the full path to the offending file: - PR797: Compiler error message does not display entire file name and path - PR881: Sign tests (wsse.policy.basic) failures with OpenJDK6 - PR886: 6-1.11.1 fails to build CACAO on ppc - Specify both source and target in IT_GET_DTDTYPE_CHECK. - Install nss.cfg into j2re-image too. - PR584: Don\'t use shared Eden in incremental mode. * Backports - S6792400: Avoid loading of Normalizer resources for simple uses- fix fileconflict with java-1_7_0-openjdk- add openjdk-6-src-b24-zero-increase-stack-size.patch by Dinar Valeev * Wed Apr 04 2012 reddwarfAATTopensuse.org- Add xorg-x11 BuildRequires to have xprop * Mon Feb 27 2012 dmuellerAATTsuse.de- fix build on ARM * Thu Feb 16 2012 mvyskocilAATTsuse.cz- update to 1.11.1 (bnc#747208) * Security fixes - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray - S7088367, CVE-2011-3563: Fix issues in java sound - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method - S7110687, CVE-2012-0503: Issues with TimeZone class - S7110700, CVE-2012-0505: Enhance exception throwing mechanism in ObjectStreamClass - S7110704, CVE-2012-0506: Issues with some method in corba - S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object - S7118283, CVE-2012-0501: Better input parameter checking in zip file processing - S7126960, CVE-2011-5035: (httpserver) Add property to limit number of request headers to the HTTP Server * Bug fixes - PR865: Patching fails with patches/ecj/jaxws-getdtdtype.patch * Fri Feb 03 2012 roAATTsuse.de- apply ppc patch also on s390/s390x- add a 3 more void-return fixes to ppc patch * Fri Feb 03 2012 mvyskocilAATTsuse.cz- update to icedtea6-1.11, openjdk b24- ARM assembly language port reinstated and updated- Allow selection of test suites using the jtreg_checks argument e.g. jtreg_checks=\"langtools\"- Drop the outdated NIO2 backport. Users who want NIO2 should use IcedTea 2.x.- Shark has been disabled- Fixed build with GCC 4.7 * Tue Jan 17 2012 mvyskocilAATTsuse.cz- update to 1.10.5 (bugfix release) * Backports - S7034464: Support transparent large pages on Linux - S7037939: NUMA: Disable adaptive resizing if SHM large pages are used - S7102369: remove java.rmi.server.codebase property parsing from registyimpl - S7094468: rmiregistry clean up - S7103725, RH767129: REGRESSION - 6u29 breaks ssl connectivity using TLS_DH_anon_WITH_AES_128_CBC_SHA - S6851973, PR830: ignore incoming channel binding if acceptor does not set one - S7091528: javadoc attempts to parse .class files * Sat Dec 10 2011 meissnerAATTsuse.de- adjusted patch110 to fix ppc build. * Fri Dec 09 2011 mvyskocilAATTsuse.cz- there is no architecture called arm, so use macro instead * Thu Dec 08 2011 mvyskocilAATTsuse.cz- fix a stuff needed for gjc-based build * change compiler flags in configure to gjc compatible * added no-werror patch for openjdk-ecj * avoid all aditional checking packages in this mode * temporary remove memory size increase * exclude patch110 in this case - TBD later- definitelly drop noarch feature as it never worked well- add arm to 32bit architectures- remove rhino as a runtime dependency, as it\'s repackaged and installed in the jvm\'s tree- enable build --with-parallel-jobs * Wed Nov 30 2011 cooloAATTsuse.com- add automake as buildrequire to avoid implicit dependency * Fri Oct 21 2011 mvyskocilAATTsuse.cz- update to 1.10.4 (bnc#725167)- Security fixes * S7000600, CVE-2011-3547: InputStream skip() information leak * S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor * S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow * S7032417, CVE-2011-3552: excessive default UDP socket limit under SecurityManager * S7046794, CVE-2011-3553: JAX-WS stack-traces information leak * S7046823, CVE-2011-3544: missing SecurityManager checks in scripting engine * S7055902, CVE-2011-3521: IIOP deserialization code execution * S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error checks * S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) * S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer * S7077466, CVE-2011-3556: RMI DGC server remote code execution * S7083012, CVE-2011-3557: RMI registry privileged code execution * S7096936, CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection- Bug fixes - RH727195: Japanese font mappings are broken- Backports - S6826104, RH730015: Getting a NullPointer exception when clicked on Application & Toolkit Modal dialog * Thu Aug 04 2011 mvyskocilAATTsuse.cz- update to 1.10.3- Bug fixes * PR748: Icedtea6 fails to build with Linux 3.0. * PR744: icedtea6-1.10.2 : patching error- Backports: * S7037283, RH712211: Null Pointer Exception in SwingUtilities2. * S6769607, PR677: Modal frame hangs for a while. * S6578583: Modality is broken in windows vista home premium from jdk1.7 b02 onwards. * S6610244: modal dialog closes with fatal error if -Xcheck:jni is set- don\'t touch java and javac alternatives anymore * Tue Jun 14 2011 mvyskocilAATTsuse.cz- fix build on 11.1/i586 distros * add icedtea6-replace-gcc-stack-marking.patch * Wed Jun 08 2011 mvyskocilAATTsuse.cz- fix bnc#698739: icedtea6-1.10.2 released- Security fixes * S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win) * S6618658, CVE-2011-0865: Vulnerability in deserialization * S7012520, CVE-2011-0815: Heap overflow vulnerability in FileDialog.show() * S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code * S7013969, CVE-2011-0867: NetworkInterface.toString can reveal bindings * S7013971, CVE-2011-0869: Vulnerability in SAAJ * S7016340, CVE-2011-0870: Vulnerability in SAAJ * S7016495, CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero * S7020198, CVE-2011-0871: ImageIcon creates Component with null acc * S7020373, CVE-2011-0864: JSR rewriting can overflow memory address size variables- Backports * S7043054: REGRESSION - wrong userBounds in Paint.createContext() * S7043963, RH698295: Window manager workaround in AWT was not applied to mutter. Now it is.- add commented bouncycastle provider into java.security allowing easy enable it from rpm requested by rgarrigue * Thu Jun 02 2011 mvyskocilAATTsuse.cz- fix bnc#695858 - call update-ca-certificates in posttrans * Thu Apr 14 2011 mvyskocilAATTsuse.cz- Fix the keystore handling * remove the default (32 bytes long) keystore, if installed * install symlinks in %posttrans, because older file not dissapear in post * Tue Apr 05 2011 mvyskocilAATTsuse.cz- Update to icedtea6-1.10.1, openjdk b22, hotdpot 20b11 see following links for more details http://blog.fuseyism.com/index.php/2011/04/04/icedtea6-1101-released/ http://blog.fuseyism.com/index.php/2011/03/02/icedtea6-110-released/- Backports: * S7023591, S7027667: Clipped antialiased rectangles are filled, not drawn. Add missing privileged block around access to the sun.awt.nativedebug property. * S7032388, PR682: Make HotSpot work on machines without cmov instruction again * S7031385, PR680: Incorrect register allocation in orderAccess_linux_x86.inline.hpp Bug fixes: * G356743: Support libpng 1.5. * RH661505: JPEGs with sRGB IEC61966-2.1 color profiles have wrong colors * PR600: HS19 upgrade broke CACAO build on ARM * PR616, PR99: Don’t statically link libstdc++ or libgcc * PR632: patches/security/20110215/6878713.patch breaks shark zero build * PR103: Usage of native2ascii during bootstrap * PR633: IcedTea installs javaws manpages on x86 even with –disable-webstart * PR635: zero fails to build on icedtea6 trunk 20110217 with hs20 * PR586: Sources missing from src.zip * PR639: Add missing include line, paths and LLVM flags for Shark. * PR640: JamVM fails to build - Unrecognised option: -XX:ThreadStackSize. * PR641: Increase stack size for PPC * PR497: Mercurial revision detection not very reliable * PR585: Freenet throws java.lang.UnsatisfiedLinkError with OpenJDK/CACAO- remove webstart and plugin, as they are now in separate icedtwa-web project- fix bnc#596177 - generate java cacerts at runtime (enabled for openSUSE 11.3+) * Tue Mar 15 2011 mvyskocilAATTsuse.cz- remove policytool from javac alternative * Thu Feb 24 2011 mvyskocilAATTsuse.cz- fix bnc#671714 - VUL-0: java-1_6_0-openjdk: permissions assigned to applets with multiple JARs (icedtea6-1.9.7)- Security updates * S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption * S6907662, CVE-2010-4465: Swing timer-based security manager bypass * S6994263, CVE-2010-4472: Untrusted code allowed to replace DSIG/C14N implementation * S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets * S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries * S6985453, CVE-2010-4471: Java2D font-related system property leak * S6927050, CVE-2010-4470: JAXP untrusted component state manipulation * RH677332, CVE-2011-0706: Multiple signers privilege escalation- Bug fixes * RH676659: Pass -export-dynamic flag to linker using -Wl, as option in gcc 4.6+ is broken * G344659: Fix issue when building on SPARC * Fix latent JAXP bug caused by missing import- fix bnc#670304 - VUL-1: java-1_6_0-openjdk: denial of service using floats (icedtea6-1.9.6)- Security updates * S4421494, CVE-2010-4476: infinite loop while parsing double literal- patches changes: * obsoletes stack-protector patches (already upstreamed) * modified openjdk-6-src-b20-initialized-after.patch * modified openjdk-6-src-b20-no-werror.patch * openjdk-ecj-6-src-b20-no-return-in-nonvoid-function.patch * add openjdk-6-src-b20-stringcompare.patch * add openjdk-ecj-6-src-b20-no-return-in-nonvoid-function.patch * add openjdk-6-src-b20-gcj-workaround.patch (11.2/x86_64 workaround) * Tue Feb 01 2011 mvyskocilAATTsuse.cz- fix bnc#667313 - VUL-0: embargoed java icedtea issues- Security updates * RH672262, CVE-2011-0025: IcedTea jarfile signature verification bypass- Backports * S6687968: PNGImageReader leaks native memory through an Inflater * S6541476, RH665355: PNG imageio plugin incorrectly handles iTXt chunk * S6782079: PNG: reading metadata may cause OOM on truncated images- Fixes * PR619: Improper finalization by the plugin can crash the browser * Mon Jan 31 2011 mvyskocilAATTsuse.cz- fix bmo#582130 - symbol clash between moonlight and icedtea plugin * icedtea6-1.9.4-moonlight-symbol-clash.patch- mark cursor.properties a config * Mon Jan 17 2011 mvyskocilAATTsuse.cz- fix bnc#664298 - VUL-0: java-1_6_0-openjdk: JNLPSecurityManager in some cases silently returns when a permission is denied- Security updates: * RH663680, CVE-2010-4351: IcedTea JNLP SecurityManager bypass- Backports * S4356282: RFE: JDK should support OpenType/CFF fonts * S6954424, RH525870: Support OpenType/CFF fonts in JDK 7 * S6795356, PR590: Leak caused by javax.swing.UIDefaults.ProxyLazyValue.acc * S6967436, RH597227: lines longer than 2^15 can fill window. * S6967433: dashed lines broken when using scaling transforms. * S6976265: No STROKE_CONTROL * S6967434, PR450, RH530642: Round joins/caps of scaled up lines have poor quality. * S6438179, RH569121: XToolkit.isTraySupported() result has nothing to do with the system tray- Fixes - S7003777, RH647674: JTextPane produces incorrect content after parsing the html text- fix bnc#635365 - icedtea update broke java from firefox - bogus java path * icedtea6-1.9.4-realpath.patch use realpath to resolve the double symlinks * Tue Jan 11 2011 mvyskocilAATTsuse.cz- Update to icedtea6-1.9.3 * Re-enable compressed oops by default now 7002666 is fixed. * bakckport S7002666: Eclipse CDT projects crash with compressed oops * fix reapply ia64 fix from S6896043 which was reverted by S6953477- fix bnc#635365 - icedtea update broke java from firefox - bogus java path * wrote a proposal readlink-recursive.patch * sent upstream - http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=613 * Wed Dec 01 2010 mvyskocilAATTsuse.cz- update to icedtea6-1.9.2 (bnc#656742)- Latest security updates and hardening patches: * RH645843, CVE-2010-3860: IcedTea System property information leak via public static- Upgrade to latest revision of hs19 (b09).- Allow the building of NetX to be disabled.- Backports * S6622432: RFE: Performance improvements to java.math.BigDecimal * S6850606: Regression from JDK 1.6.0_12 * S6876282: BigDecimal’s divide(BigDecimal bd, RoundingFormat r) produces incorrect result * S6991430, PR579: Zero PowerPC fix. * S6703377: freetype: glyph vector outline is not translated correctly * S6853592: VM test nsk.regression.b4261880 fails with “X Error of failed request: BadWindow” inconsistently.- Bug fixes * RH647737: Disable compressed oops in hs19 to avoid Eclipse failures. * RH643674: Update fontconfig files for Fedora 11, 12, 13 and 14.- NetX * Do not prompt user multiple times for the same certificate. * PR592: NetX can create invalid desktop entry files * Fri Oct 22 2010 mvyskocilAATTsuse.cz- update to icedtea6-1.9.1 (bnc#642531)- update to openjdk-6-b20 * fixes listed on http://blog.fuseyism.com/index.php/2010/09/10/icedtea6-19-released/- Latest security updates and hardening patches: * S6914943, CVE-2009-3555: TLS: MITM attacks via session renegotiation * S6559775, CVE-2010-3568: OpenJDK Deserialization Race condition * S6891766, CVE-2010-3554: OpenJDK corba reflection vulnerabilities * S6925710, CVE-2010-3562: OpenJDK IndexColorModel double-free * S6938813, CVE-2010-3557: OpenJDK Swing mutable static * S6957564, CVE-2010-3548: OpenJDK DNS server IP address information leak * S6958060, CVE-2010-3564: OpenJDK kerberos vulnerability * S6963023, CVE-2010-3565: OpenJDK JPEG writeImage remote code execution * S6963489, CVE-2010-3566: OpenJDK ICC Profile remote code execution * S6966692, CVE-2010-3569: OpenJDK Serialization inconsistencies * S6622002, CVE-2010-3553: UIDefault.ProxyLazyValue has unsafe reflection usage * S6925672, CVE-2010-3561: Privileged ServerSocket.accept allows receiving connections from any host * S6952017, CVE-2010-3549: HttpURLConnection chunked encoding issue (Http request splitting) * S6952603, CVE-2010-3551: NetworkInterface reveals local network address to untrusted code * S6961084, CVE-2010-3541: limit setting of some request headers in HttpURLConnection * S6963285, CVE-2010-3567: Crash in ICU Opentype layout engine due to mismatch in character counts * S6980004, CVE-2010-3573: limit HTTP request cookie headers in HttpURLConnection * S6981426, CVE-2010-3574: limit use of TRACE method in HttpURLConnection * (See: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html) - IcedTeaPlugin: * PR519: 100% CPU usage when displaying applets in Webkit based browsers * Classes are no longer added to rt.jar, but to plugin.jar - NetX: * New man page for javaws * Classes are no longer added to rt.jar, but to netx.jar - bug fixes and backports * S6990437: Update with correct copyright info for source and test files from SSR10_02 fixes * S6638712: Inference with wildcard types causes selection of inapplicable method * S6650759: Inference of formal type parameter (unused in formal parameters) is not performed * S6623943: javax.swing.TimerQueue’s thread occasionally fails to start * RH633510: OpenJDK should use NUMA even if glibc doesn’t provide it - misc: * VisualVM support removed; now available in its own package at http://icedtea.classpath.org/hg/visualvm * A separate build directory is now used for the OpenJDK build: openjdk.build-ecj (stage 1) and openjdk.build (stage 2) - fix bnc#637224 - delta RPM for java-1_6_0-openjdk patch does not match installed data * mark fontconfig and much more files as config noreplace - fix bnc#648260 - update-alternatives: error: alternative pack200 can\'t be slave of java: it is a slave of javac * move *pack200 * from JRE to SDK * add workaround into post removing the *pack * slaves from java alternative - few more filters of rpmlint warnings - Patches changes: * openjdk-6-src-b16-lcms.patch - already included in b20 * openjdk-6-src-b17-enumeration-value.patch - already included in b20 * openjdk-6-src-b17-no-multiline-comments.patch - refresh for b20 * openjdk-6-src-b17-suggest-parentheses.patch - refresh for b20 * openjdk-6-src-b17-initialized-after.patch - refresh for b20 * openjdk-6-src-b20-defined-but-not-used.patch - new warn fix * openjdk-6-src-b20-may-be-used-uninitialized.patch - new fix 2 * openjdk-6-src-b20-array-subscript-has-type-char.patch - new fix 3 * openjdk-6-src-b20-no-werror.patch - remove -Werror from more locations than before * use quilt for applying of SUSE patches -> 2 new BR quilt and vim * Wed Jul 28 2010 mvyskocilAATTsuse.cz- update to icedtea6-1.8.1 (bnc#623905)- update to openjdk-6-b18- Latest security updates and hardening patches: * (CVE-2010-0837): JAR \"unpack200\" must verify input parameters (6902299) * (CVE-2010-0845): No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807) * (CVE-2010-0838): CMM readMabCurveData Buffer Overflow Vulnerability (6899653) * (CVE-2010-0082): Loader-constraint table allows arrays instead of only the base-classes (6626217) * (CVE-2010-0095): Subclasses of InetAddress may incorrectly interpret network addresses (6893954) * (CVE-2010-0085): File TOCTOU deserialization vulnerability (6736390) * (CVE-2010-0091): Unsigned applet can retrieve the dragged information before drop action occurs (6887703) * (CVE-2010-0088): Inflater/Deflater clone issues (6745393) * (CVE-2010-0084): Policy/PolicyFile leak dynamic ProtectionDomains. (6633872) * (CVE-2010-0092): AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149) * (CVE-2010-0094): Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947) * (CVE-2010-0093): System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265) * (CVE-2010-0840): Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691) * (CVE-2010-0848): AWT Library Invalid Index Vulnerability (6914823) * (CVE-2010-0847): ImagingLib arbitrary code execution vulnerability (6914866) * (CVE-2009-3555): TLS: MITM attacks via session renegotiation- IcedTeaNPPlugin. * RH524387: javax.net.ssl.SSLKeyException: RSA premaster secret error * Set context classloader for all threads in an applet\'s threadgroup * PR436: Close all applet threads on exit * PR480: NPPlugin with NoScript extension. * PR488: Question mark changing into underscore in URL. * RH592553: Fix bug causing 100% CPU usage. * Don\'t generate a random pointer from a pthread_t in the debug output. * Add ForbiddenTargetException for legacy support. * Use variadic macro for plugin debug message printing. * Don\'t link the plugin with libxul libraries. * Fix race conditions in plugin initialization code that were causing hangs. * RH506730: BankID (Norwegian common online banking authentication system) applet fails to load. * Fix policy evaluation to match the proprietary JDK. * PR491: pass java_{code,codebase,archive} parameters to Java. * Adds javawebstart.version property and give user permission to read that property. * Old plugin removed; NPPlugin is now the default and is controlled by - -enable/disable-plugin. As with the old plugin, it produces a IcedTeaPlugin.so library rather than IcedTeaNPPlugin.so. * Dependence on the binary plugs mechanism removed. The plugin and NetX code is now imported into the JDK build in the same manner as langtools, CORBA, JAXP and JAXWS. * Fix for plugin buffer overflow: https://bugzilla.mozilla.org/show_bug.cgi?id=555342- NetX: * Fix security flaw in NetX that allows arbitrary unsigned apps to set any java property. * Fix a flaw that allows unsigned code to access any file on the machine (accessible to the user) and write to it. * Make path sanitization consistent; use a blacklisting approach. * Make the SingleInstanceServer thread a daemon thread. * Handle JNLP files which use native libraries but do not indicate it * Allow JNLP classloaders to share native libraries * Added encoding support- bug fixes * Nimbus Look \'n\' Feel backported from OpenJDK7. * JAXP and JAXWS now external dependencies rather than being in-tree. * 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups * 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly encoded CommonName OIDs * 6910590: Application can modify command array in ProcessBuilder * 6909597: JPEGImageReader stepX Integer Overflow Vulnerability * 6932480: Crash in CompilerThread/Parser. Unloaded array klass? * 6678385: Fixes jvm crashes when window is resized. * Produces the \"expected\" behavior for full screen applications, when running the Metacity window manager. * Fix issue with ant -diagnostics on ant 1.8.0 due to changed exit code * Zero/Shark * Shark is now able to build itself. * For ARM, add Thumb2 JIT. * Fixed Shark sharkCompiler mattr memory corruption bug when using llvm 2.7. * others http://blogs.sun.com/darcy/resource/OpenJDK_6/openjdk6-b18-changes-summary.html * Eliminate spurious exception throwing when using PulseAudio * PR shark/483: Fix miscompilation of sun.misc.Unsafe::getByte. * PR PR icedtea/324, icedtea/481: Fix Shark VM crash. * Fix Zero build on Hitachi SH. * PR476: Enable building SystemTap support on GCC 4.5.- disabled systemtap support on openSUSE 11.2, as it requires more recent version- require xulrunner191 on 11.1 too * Thu May 20 2010 mvyskocilAATTsuse.cz- Change the policytool.desktop category to Utilities * Wed May 19 2010 roAATTsuse.de- set locale to utf-8 variant to fix build (broke when going over certificates with utf-8 filenames) * Thu May 13 2010 mvyskocilAATTsuse.cz- fix bnc#603316: openjdk run out of file descriptors * add openjdk-6-src-b17-stack-protector-fclose.patch add the missing fclose to the stack-protector patch * Wed Apr 28 2010 mvyskocilAATTsuse.cz- fixes ppc build * enable nio2 only for ix86 and x86_64 * refresh openjdk-6-src-b17-no-return-in-nonvoid-function-ppc.patch- ignore old libopenssl on 11.3+- use patch -i, instead of shell redirection * Mon Apr 12 2010 mvyskocilAATTsuse.cz- update to icedtea6-1.7.3 (bnc#594415)- security and hardending * (CVE-2010-0837): JAR “unpack200″ must verify input parameters (6902299) * (CVE-2010-0845): No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807 * (CVE-2010-0838): CMM readMabCurveData Buffer Overflow Vulnerability (6899653) * (CVE-2010-0082): Loader-constraint table allows arrays instead of only the base-classes (6626217) * (CVE-2010-0095): Subclasses of InetAddress may incorrectly interpret network addresses (6893954) * (CVE-2010-0085): File TOCTOU deserialization vulnerability (6736390) * (CVE-2010-0091): Unsigned applet can retrieve the dragged information before drop action occurs (6887703) * (CVE-2010-0088): Inflater/Deflater clone issues (6745393) * (CVE-2010-0084): Policy/PolicyFile leak dynamic ProtectionDomains. (6633872) * (CVE-2010-0092): AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149) * (CVE-2010-0094): Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947) * (CVE-2010-0093): System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265) * (CVE-2010-0840): Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691) * (CVE-2010-0848): AWT Library Invalid Index Vulnerability (6914823) * (CVE-2010-0847): ImagingLib arbitrary code execution vulnerability (6914866) * (CVE-2009-3555): TLS: MITM attacks via session renegotiation * 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups * 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly encoded CommonName OIDs * 6910590: Application can modify command array in ProcessBuilder * 6909597: JPEGImageReader stepX Integer Overflow Vulnerability * 6932480: Crash in CompilerThread/Parser. Unloaded array klass?- Bug fixes: * Backport of 6822370: ReentrantReadWriteLock: threads hung when there are no threads holding onto the lock * Increase ThreadStackSize by 512kb on 32-bit Zero platforms * Check cacerts database is valid * Fix for plugin buffer overflow: Mozilla bug 555342 * Fix issue with ant -diagnostics on ant 1.8.0 due to changed exit code * Thu Mar 18 2010 mvyskocilAATTsuse.cz- fix bnc#589021 - Better protect java stack * openjdk-6-src-b17-stack-protector.patch * Thu Mar 04 2010 mvyskocilAATTsuse.cz- Updates: * icedtea6-1.7 * openjdk6 b17 14_oct_2009- Enabled NPPlugin - fix [bnc#582206]- patches changes: * obsolete java-1.6.0-openjdk-sparc-fixes.patch * obsolete java-1.6.0-openjdk-sparc-hotspot.patch * obsolete icedtea6-1.6-npplugin-xulrunner191.patch * obsolete icedtea6-1.6-no-return-in-nonvoid-function.patch * obsolete icedtea6-ecc-support-b387a64caa08.patch * add a lot of patches fixes a build of openjdk6 with gcc4.5 using - Werror -Wall openjdk-6-src-b17-no-multiline-comments.patch openjdk-6-src-b17-enumeration-value.patch openjdk-6-src-b17-suggest-parentheses.patch openjdk-6-src-b17-no-efect.patch openjdk-6-src-b17-initialized-after.patch openjdk-6-src-b17-unused-variable.patch * openjdk-6-src-b17-no-werror.patch (suppress the errors in autogenerated code) * icedtea6-1.7-no-return-in-non-void.patch- move the noarch content to %%{_datadir}/ and create symlinks in usual locations- move demo/jvmti to the -devel package as it contains so files- enable the --short-circuit in %%install section- new alternatives - policytool and policytool.1.gz * Tue Feb 09 2010 prusnakAATTsuse.cz- enable noarch subpackages * Mon Nov 23 2009 mvyskocilAATTsuse.cz- Removed openjdk-6-src-b14-confluence-crash.patch from source dir * Tue Nov 10 2009 mvyskocilAATTsuse.cz- Fixed bnc#554069 - VUL-0: Icedtea6 1.6.2 released * a lot of security patches in icedtea6-1.6.2 * Improved jar performance, http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/b35f1e5075a4- Obsoleted java-1.6.0-openjdk-makefile.patch * Wed Oct 14 2009 mvyskocilAATTsuse.cz- Fixed bnc#546468: openjdk fails on certificate creation applied upstream patch icedtea6-ecc-support-b387a64caa08.patch http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=356- Moved back from npplugin, as its not mature http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=385#c5 * Thu Oct 08 2009 mvyskocilAATTsuse.cz- Use 1.6.0 instead of javamajver macro to supress percent in provides error. * Tue Sep 29 2009 mvyskocilAATTsuse.cz- fixed bnc#542545: added 32/64bit specific provides to be compatible with other JVM and OpenOffice.org * Thu Sep 10 2009 mvyskocilAATTsuse.cz- Updates: * icedtea6-1.6 - fixes bnc#537969 * hospot 09f7962b8b44- patches changes: * added icedtea6-1.6-npplugin-xulrunner191.patch * added java-1.6.0-openjdk-sparc-fixes.patch (from Fedora) * added java-1.6.0-openjdk-sparc-hotspot.patch (from Fedora) * added icedtea6-1.6-no-return-in-nonvoid-function.patch (allows build on 11.1) * regenerated java-1.6.0-openjdk-java-access-bridge-security.patch * regenerated java-1.6.0-openjdk-makefile.patch * removed icedtead6-1.5-npplugin-xulrunner191.patch * removed java-1.6.0-openjdk-execvpe.patch * removed java-1.6.0-openjdk-netx.patch * Wed Aug 19 2009 mvyskocilAATTsuse.cz- Fixed bnc#530046 - jmap fails: NoSuchSymbolException: Could not find symbol \"gHotSpotVMTypeEntryTypeNameOffset\" keep non debug symbols in libjvm.so * Tue Aug 11 2009 mvyskocilAATTsuse.cz- Updates: * icedtea6-1.5.1 contains a lot of security fixes from Sun JDK6u15 This includes fixes for: * bnc#524505: Vulnerability in OpenJDK/NetX * bnc#514421: XML Signature weakness (HMAC truncation)- Fixed bnc#521512: lcms pointer dereference- Dropped some s390 patches, because they was obsoleted and not used- Fixed bnc#525097 - openjdk installs dead .desktop files * now removed *.desktop from %%files of openjdk * Wed Jul 29 2009 mvyskocilAATTsuse.cz- Updates: * icedtea-1.5 * visualvm-111 * hotspot 25a020f13592- Fixed bnc#525097 - openjdk installs dead .desktop files- Remove archsuffix usage- patches changes: * added java-1.6.0-openjdk-accessible-toolkit.patch * added java-1.6.0-openjdk-netx.patch * added java-1.6.0-openjdk-execvpe.patch * added icedtead6-1.5-nppplugin-xulrunner191.patch * removed openjdk-6-src-b14-confluence-crash.patch * refreshed java-1.6.0-openjdk-makefile.patch- new features and fixes: * Fixed security handling to prevent access denials when there is a site specific exception in the policy file * Allow extentions (chrome) to run Java code with full permissions * Added non-trusted SSL support to WebStart (javaws) * Added proxy support * Other improvements that were breaking specific sites (tag parser fix, nested jar support, etc.) * Added JVM Console (used by http://chrispederick.com/work/web-developer/) * Many gervill, java2d, nio2, pulse java, zero/shark, jtreg fixes. * New IcedTeaNPPlugin * Thu Jun 11 2009 mvyskocilAATTsuse.cz- Merged fontfonfig for openjdk and Sun: * Use Sazanami Mincho for monospaced fonts * Added AWT X11 font paths * Mon May 25 2009 mvyskocilAATTsuse.cz- Enabled systemtap only for jit architectures only- Refreshed non-return-in-non-void ppc patch * Fri May 15 2009 mvyskocilAATTsuse.cz- \'used systemtap-sdt-devel (see bnc#503088)\' * Thu May 14 2009 mvyskocilAATTsuse.cz- Change version system for openjdk, now it uses a %%{javaver}.%%{buildver}_%{{openjdkver}- Enabled systemtap support- Moved jpackage macro definitions upper in spec * Wed May 13 2009 mvyskocilAATTsuse.cz- updates: * openjdk b16 * icedtea snapshot cc658d9f4a64 * hotspot snapshot fc6a5ae3fef5- new features: * systemtap support (not yet enabled in SUSE) * removed gcjwebplugin * fixed lcms breakage https://bugs.openjdk.java.net/show_bug.cgi?id=100050 * fixes in JNLP runtime * various improvements in support of third party VMs (shark, cacao, zero)- patches changes: * removed obsoleted pulseaudio patch * added openjdk-6-src-b16-no-return-in-nonvoid-function.patch- enabled tests- build using xulrunner 1.9.1 on 11.2 * Tue Apr 21 2009 mvyskocilAATTsuse.cz- fixed bnc#496378: openjdk has an empty keystore * Tue Apr 14 2009 mvyskocilAATTsuse.cz- fixed bnc#493146: pulse-java integer overflow * Tue Apr 07 2009 mvyskocilAATTsuse.cz- fixed bnc#492555: tomcat6 and confluence causes a JVM crash http://hg.openjdk.java.net/jdk7/hotspot-comp/hotspot/rev/039a914095f4 * Fri Apr 03 2009 mvyskocilAATTsuse.cz- icedtea 1.4.1: - Fixed version string: Set PRODUCT_NAME to OpenJDK, unless doing a CACAO build (set to IcedTea). - Plugin fixes: icedtead bug#264. - Re-implemented visualvm. * Mon Mar 02 2009 mvyskocilAATTsuse.cz- fixed ppc/ppc64 build bnc#471829 comment#28 - added openjdk-6-src-b14-no-return-in-nonvoid-function-ppc.patch
|
|
|