You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa java 1.8.0 openjdk

Sigurnosni nedostaci programskog paketa java 1.8.0 openjdk

——————————————————————————–
Fedora Update Notification
FEDORA-2014-5290
2014-04-18 14:22:35
——————————————————————————–

Name : java-1.8.0-openjdk
Product : Fedora 19
Version : 1.8.0.5
Release : 1.b13.fc19
URL : http://openjdk.java.net/
Summary : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

——————————————————————————–
Update Information:

This security update fixes a large number of vulnerabilities in OpenJDK 8. It corresponds to the security update release for various Java versions on 2014-04-15.

Everyone using OpenJDK8 is strongly encouraged to update to this immediately.

More information about this update is available at: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA
——————————————————————————–
ChangeLog:

* Wed Apr 16 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.5-1.b13
– Update to the 2014-04-15 security update.
* Tue Mar 11 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.34.b132
– Include jdeps and jjs for aarch64. These are present in b128.
* Mon Mar 10 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.33.b132
– Update aarch64 tarball to the latest upstream release
* Fri Mar 7 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.32.b132
– Fix `java -version` output
* Fri Mar 7 2014 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.0-0.31.b132
– updated to rc4 aarch64 tarball
– outdated removed: patch2031 system-lcmsAARCH64.patch patch2011 system-libjpeg-aarch64.patch
patch2021 system-libpng-aarch64.patch
* Thu Mar 6 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.30.b132
– Update to b132
* Thu Mar 6 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.29.b129
– Fix typo in STRIP_POLICY
* Mon Mar 3 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.28.b129
– Remove redundant debuginfo files
– Generate complete debug information for libjvm
* Tue Feb 25 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.27.b129
– Fix non-headless libraries
* Tue Feb 25 2014 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.0-0.26.b129
– Fix incorrect Requires
* Thu Feb 13 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.26.b129
– Add -headless subpackage based on java-1.7.0-openjdk
– Add abrt connector support
– Add -accessibility subpackage
* Thu Feb 13 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.26.b129
– Update to b129.
* Fri Feb 7 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.25.b126
– Update to candidate Reference Implementation release.
* Fri Jan 31 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.24.b123
– Forward port more patches from java-1.7.0-openjdk
* Mon Jan 20 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.23.b123
– Update to jdk8-b123
* Thu Nov 14 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.22.b115
– Update to jdk8-b115
* Wed Oct 30 2013 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.0-0.21.b106
– added jre/lib/security/blacklisted.certs for aarch64
– updated to preview_rc2 aarch64 tarball
* Sun Oct 6 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.20.b106
– Fix paths in tapsets to work on non-x86_64
– Use system libjpeg
* Thu Sep 5 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.19.b106
– Fix with_systemtap conditionals
* Thu Sep 5 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.18.b106
– Update to jdk8-b106
* Tue Aug 13 2013 Deepak Bhole <dbhole@redhat.com> – 1:1.8.0.0-0.17.b89x
– Updated aarch64 to latest head
– Dropped upstreamed patches
* Wed Aug 7 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.16.b89x
– The zero fix only applies on b89 tarball
* Tue Aug 6 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.16.b89x
– Add patch to fix zero on 32-bit build
* Mon Aug 5 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.16.b89x
– Added additional build fixes for aarch64
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 1:1.8.0.0-0.16.b89x
– Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Aug 2 2013 Deepak Bhole <dbhole@redhat.com> – 1:1.8.0.0-0.15.b89
– Added a missing includes patch (#302/java-1.8.0-openjdk-arm64-missing-includes.patch)
– Added –disable-precompiled-headers for arm64 build
* Mon Jul 29 2013 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.0-0.14.b89
– added patch 301 – removeMswitchesFromx11.patch
* Fri Jul 26 2013 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.0-0.13.b89
– added new aarch64 tarball
* Thu Jul 25 2013 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.0-0.12.b89
– ifarchaarch64 then –with-jvm-variants=client
* Tue Jul 23 2013 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.0-0.11.b89
– prelink dependence excluded also for aaech64
– arm64 added to jitarches
– added source100 config.guess to repalce the outdated one in-tree
– added source101 config.sub to repalce the outdated one in-tree
– added patch2011 system-libjpegAARCH64.patch (as aarch64-port is little bit diferent)
– added patch2031 system-lcmsAARCH64.patch (as aarch64-port is little bit diferent)
– added gcc-c++ build depndece so builddep will result to better situation
* Tue Jul 23 2013 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.0-0.10.b89
– moved to latest working osurces
* Tue Jul 23 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.10.b89
– Moved to hg clone for generating sources.
* Sun Jul 21 2013 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.0-0.9.b89
– added aarch 64 tarball, proposed usage of clone instead of tarballs
* Mon Jul 15 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.9.b89
– Switch to xz for compression
– Fixes RHBZ#979823
* Mon Jul 15 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.9.b89
– Priority should be 0 until openjdk8 is released by upstream
– Fixes RHBZ#964409
* Mon Jun 3 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.8.b89
– Fix incorrect permissions on ct.sym
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update java-1.8.0-openjdk’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2014-5336
2014-04-18 14:25:17
——————————————————————————–

Name : java-1.8.0-openjdk
Product : Fedora 20
Version : 1.8.0.5
Release : 1.b13.fc20
URL : http://openjdk.java.net/
Summary : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

——————————————————————————–
Update Information:

This security update fixes a large number of vulnerabilities in OpenJDK 8. It corresponds to the security update release for various Java versions on 2014-04-15.

Everyone using OpenJDK8 is strongly encouraged to update to this immediately.

More information about this update is available at: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA
——————————————————————————–
ChangeLog:

* Wed Apr 16 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.5-1.b13
– Update to the 2014-04-15 security update.
* Tue Mar 11 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.34.b132
– Include jdeps and jjs for aarch64. These are present in b128.
* Mon Mar 10 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.33.b132
– Update aarch64 tarball to the latest upstream release
* Fri Mar 7 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.32.b132
– Fix `java -version` output
* Fri Mar 7 2014 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.0-0.31.b132
– updated to rc4 aarch64 tarball
– outdated removed: patch2031 system-lcmsAARCH64.patch patch2011 system-libjpeg-aarch64.patch
patch2021 system-libpng-aarch64.patch
* Thu Mar 6 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.30.b132
– Update to b132
* Thu Mar 6 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.29.b129
– Fix typo in STRIP_POLICY
* Mon Mar 3 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.28.b129
– Remove redundant debuginfo files
– Generate complete debug information for libjvm
* Tue Feb 25 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.27.b129
– Fix non-headless libraries
* Tue Feb 25 2014 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.0-0.26.b129
– Fix incorrect Requires
* Thu Feb 13 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.26.b129
– Add -headless subpackage based on java-1.7.0-openjdk
– Add abrt connector support
– Add -accessibility subpackage
* Thu Feb 13 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.26.b129
– Update to b129.
* Fri Feb 7 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.25.b126
– Update to candidate Reference Implementation release.
* Fri Jan 31 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.24.b123
– Forward port more patches from java-1.7.0-openjdk
* Mon Jan 20 2014 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.23.b123
– Update to jdk8-b123
* Thu Nov 14 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.22.b115
– Update to jdk8-b115
* Wed Oct 30 2013 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.0-0.21.b106
– added jre/lib/security/blacklisted.certs for aarch64
– updated to preview_rc2 aarch64 tarball
* Sun Oct 6 2013 Omair Majid <omajid@redhat.com> – 1:1.8.0.0-0.20.b106
– Fix paths in tapsets to work on non-x86_64
– Use system libjpeg
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update java-1.8.0-openjdk’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa openjdk-6

Otkriveni su sigurnosni nedostaci u programskom paketu openjdk-6. Otkriveni nedostaci potencijalnim napadačima omogućuju čitanje osjetljivih podataka, pokretanje proizvoljnog programskog koda,...

Close