You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa java-openjdk 1.7.0 i 1.8.0

Sigurnosni nedostaci programskog paketa java-openjdk 1.7.0 i 1.8.0

——————————————————————————–
Fedora Update Notification
FEDORA-2015-6397
2015-04-18 05:44:42
——————————————————————————–

Name : java-1.7.0-openjdk
Product : Fedora 20
Version : 1.7.0.79
Release : 2.5.5.0.fc20
URL : http://openjdk.java.net/
Summary : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

——————————————————————————–
Update Information:

Updated to security icedtea-forest7 2.5.5
——————————————————————————–
ChangeLog:

* Fri Apr 10 2015 Jiri Vanek <jvanek@redhat.com> – 1:1.7.0.75-2.5.5.0
– repacked sources
* Thu Apr 9 2015 Jiri Vanek <jvanek@redhat.com> – 1:1.7.0.75-2.5.5.0
– Bump to 2.5.5 using OpenJDK 7u79 b14.
– Update OpenJDK tarball creation comments
– Drop AArch64 version of RH1191652 HotSpot patch as included upstream.
– added Patch406: fixPtraceInclude.patch, Patch404: rh1191652-hotspot.patch
Patch405: rh1191652-jdk.patch
* Wed Jan 21 2015 Jiri Vanek <jvanek@redhat.com> – 1:1.7.0.75-2.5.4.2
– Updated to security update of 20.1.2015
– Replace unmodified java.security file via headless post scriptlet.
– Fix macro expansion in changelog
– Fix elliptic curve list as part of fsg.sh
– Bump release so that the RHEL 7.1 version is built on AArch64.
– Bump to 2.5.4 using OpenJDK 7u75 b13.
– Bump AArch64 port to 2.6.0pre17.
– Fix abrt_friendly_hs_log_jdk7.patch to apply again and enable on all archs.
– Remove OpenJDK 8 / AArch64 version of PStack patch as this is no longer needed.
* Tue Dec 16 2014 Jiri Vanek <jvanek@redhat.com> – 1:1.7.0.71-2.5.3.3
– aarch64 sources updated to most recent stable tag
– adapted patch4030 PStack-808293-aarch64.patch
* Tue Dec 9 2014 Jiri Vanek <jvanek@redhat.com> – 1:1.7.0.71-2.5.3.2
– added and applied patch404 rh1155012-jdk-speedup.patch
* Mon Dec 1 2014 Jiri Vanek <jvanek@redhat.com> – 1:1.7.0.71-2.5.3.1
– removed source14 remove-origin-from-rpaths (11690970)
– removed build requirement for chrpath
* Wed Oct 15 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.71-2.5.3.0
– updated to security icedtea-forest 2.5.3
* Thu Sep 11 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.65-2.5.2.5
– fixed headless to become headless again
– jre/lib/archinstall/libjavagtk.so
– jre/bin/policytool
– jre-abrt/lib/archinstall/libjavagtk.so
– all three added to not headless exclude list
* Tue Sep 2 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.65-2.5.2
– updated to icedtea7-forest 2.5.2
– removed patch404 gtk3ToBeReverted.patch
– removed patch405 pr1864_smartcardIO.patch
* Tue Jul 22 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.65-2.5.1.4
– excluded libmawt.so from autorequires/autoprovides
– see https://bugzilla.redhat.com/show_bug.cgi?id=1111349
* Thu Jul 17 2014 Rex Dieter <rdieter@fedoraproject.org> – 1.7.0.65-2.5.1.3
– rebuild (for pulseaudio, bug #1117683)
* Mon Jul 14 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.65-2.5.1.2
– added and applied fix for samrtcard io patch405, pr1864_smartcardIO.patch
* Mon Jul 7 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.65-2.5.1.1
– updated to security patched icedtea7-forest-2.5.1
* Wed Jul 2 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.60-2.5.0.3
– Added arrch64 support
* Tue Jul 1 2014 Andrew Hughes <gnu.andrew@redhat.com> – 1.7.0.60-2.5.0.2
– Add nss-softokn dependency for SunEC provider
– Add support for ppc64le
– Enable SunEC provider with system NSS support.
– Ensure java-1.7.0-openjdk is used to build, not 8
– Set INSTALL_LOCATION so it can be used in the rpath.
* Thu Jun 19 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.60-2.5.0.1.f20
– added and applied as reverted patch404 gtk3ToBeReverted.patch
– reverting controversial fix of http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=729
* Wed Jun 18 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.60-2.5.0.f20
– updated to icedtea7-forest 2.5.0
– removed icedtea_version_presuffix
– removed hardcoded 60
– removed upstreamed patch412 add-final-location-rpaths.patch
– removed upstreamed patch413 rh1064383-prelink_fix.patch
* Thu May 22 2014 Andrew Hughes <gnu.andrew@redhat.com – 1.7.0.51-2.4.7.4.fc20
– Fix jinfo behaviour when prelink cache is present
– Resolves: rhbz#1064383
* Thu May 22 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.51-2.4.7.3.fc20
– debug turned off (0)
– python added to line %{SOURCE14} $files to preven access denied
– added build requires for python
* Thu May 22 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.51-2.4.7.2.fc20
– bumped release
– changed buildoutputdir to contains “-debug” in case of debug on
– rewritten (long unmaintained) java-1.7.0-openjdk-debugdocs.patch and
java-1.7.0-openjdk-debuginfo.patch
– debug turned on (1)
* Tue Apr 22 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.55-2.4.7.1.fc20
– Added Omair’s fix for RH1059925
– added and used Source14, remove-origin-from-rpaths
– added and applied patch412 add-final-location-rpaths.patch
– added build requires chrpath
– adde INSTALL_LOCATION=_jvmdir/sdkdir to make swithces
– added missing OrderWithRequires (sync with master)
– removed rhino requires (sync with master)
– added libattr-devel build requires (sync with master)
– added conditional chmod on sa-jdi.jar (sync with master)
– added comment to fiels about lua (sync with master)
– added few more owned dirs (sync with master)
* Mon Apr 7 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.55-2.4.7.0.fc20
– Added check to lua according to already exisitng same jvm
– bumped to future icedtea-forest 2.4.7
– updatever set to 55, buildver se to 13, release reset to 0
– removed upstreamed patch402 gstackbounds.patch
– included config(norepalce) lua script
* Wed Mar 26 2014 Omair Majid <omajid@redhat.com> – 1.7.0.60-2.4.5.2.fc20
– Switch to a new tapset tarball without trailing space in file name
* Thu Jan 30 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.51-2.4.5.1.f20
– removed or cleaning alternatives remove in posts
* Thu Jan 30 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.51-2.4.5.0.f20
– removed buildRequires: pulseaudio >= 0.9.11, as not neccessary
– but kept libs-devel
– updated to icedtea 2.4.5
– http://blog.fuseyism.com/index.php/2014/01/29/icedtea-2-4-5-released/
– removed upstreamed or unwonted patches (thanx to gnu_andrew to pointing them out)
– patch410 1015432.patch (upstreamed)
– patch411 1029588.patch
– patch412 zero-x32.diff
– patch104 java-1.7.0-ppc-zero-jdk.patch
– patch105 java-1.7.0-ppc-zero-hotspot.patch
– patch402 gstackbounds.patch and patch403 PStack-808293.patch applied always
(again thanx to gnu_andrew)
– merged other gnu_andrew’s changes
– FT2_CFLAGS and FT2_LIBS hardoced values replaced by correct pkg-config calls
– buildver bumbed to 31
– added build requires nss-devel
– removed build requires mercurial
– added JRE_RELEASE_VERSION and ALT_PARALLEL_COMPILE_JOBS into make call
* Fri Jan 17 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.51-2.4.4.1.f20
– removed 2.3 tarball due to security issues
– this causes zero arm32 jit to not exists eny more (aprox 30% slowdown)
– removed declarations:
– global icedtea_version_arm32 2.3.13
– source100 openjdk-icedtea-%{icedtea_version_arm32}.tar.xz
– removed:
– patch30 java-1.7.0-openjdk-java-access-bridge-security-2.3.patch
– patch1000 rhino-2.3.patch
– patch4020 gstackbounds-2.3.patch
– patch4110 1029588-2.3.patch
– patch302 systemtap.patch
– patch401 657854-openjdk7.patch
– with all follwing ifarch arm calls
– patch410 and TestCryptoLevel are now used always
– US_export_policy.jar and local_policy.jar are now listed always
– make:
– always used DISABLE_INTREE_EC, UNLIMITED_CRYPTO
– removed arm32 specific DISTRO_PACKAGE_VERSION JDK_UPDATE_VERSION JDK_BUILD_NUMBER
– added patch412 zero-x32.diff to try to fix zero builds build
* Fri Jan 10 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.51-2.4.4.0.f20
– updated to security icedtea 2.4.4
– and arm tarball updated to security icedtea 2.3.13
– icedtea_version set to 2.4.4
– updatever bumped to 51
– release reset to 0
* Mon Jan 6 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.40-2.4.3.4.f19
– added and applied patch411 1029588.patch (for 2.4)
– added and applied patch4110 1029588-2.3.patch (for 2.3)
– resolves rhbz#1029588
* Mon Jan 6 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.40-2.4.3.3.f19
– added and applied for icedtea 2.4 patch410, 1015432.patch
– resolves rhbz#1015432
* Mon Jan 6 2014 Jiri Vanek <jvanek@redhat.com> – 1.7.0.40-2.4.3.2.f20
– changed Provides: jre-headless = 1.7.0
to Provides: jre-headless = 1:1.7.0
– resolves rhbz#1046050
* Fri Oct 18 2013 Jiri Vanek <jvanek@redhat.com> – 1.7.0.40-2.4.3.1.f20
– arm tarball updated to new CPU sources 2.3.13
– removed upstreamed patch 501 callerclass-01.patch
– removed upstreamed patch 502 callerclass-02.patch
– removed upstreamed patch 503 callerclass-02.patch
– removed upstreamed patch 504 callerclass-02.patch
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update java-1.7.0-openjdk’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2015-6369
2015-04-18 05:43:39
——————————————————————————–

Name : java-1.8.0-openjdk
Product : Fedora 21
Version : 1.8.0.45
Release : 31.b13.fc21
URL : http://openjdk.java.net/
Summary : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

——————————————————————————–
Update Information:

Updated to security update u45
——————————————————————————–
ChangeLog:

* Fri Apr 10 2015 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.45-31.b13
– repacked sources
* Tue Apr 7 2015 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.45-30.b13
– updated to security u45
– added patch d318d83c4e74.patch
– added rhbz1206656_fix_current_stack_pointer.patch
– renamed PStack-808293.patch -> java-1.8.0-openjdk-PStack-808293.patch
– renamed remove-intree-libraries.sh -> java-1.8.0-openjdk-remove-intree-libraries.sh
– renamed to preven conflix with jdk7
* Thu Apr 2 2015 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.40-27.b25
– bumped release. Needed rebuild by itself on arm
* Tue Mar 31 2015 Severin Gehwolf <sgehwolf@redhat.com> – 1:1.8.0.40-26.b25
– Make Zero build-able on ARM32.
Resolves: RHBZ#1206656
* Fri Mar 27 2015 Dan Horák <dan[at]danny.cz> – 1:1.8.0.40-25.b25
– refresh s390 patches
* Fri Mar 27 2015 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.40-24.b25
– added patch501 1182011_JavaPrintApiDoesNotPrintUmlautCharsWithPostscriptOutputCorrectly.patch
– added patch502 1182694_javaApplicationMenuMisbehave.patch
– both upstreamed, will be gone with u60
* Wed Mar 25 2015 Omair Majid <omajid@redhat.com> – 1:1.8.0.40-23.b25
– Disable various EC algorithms in configuration
* Mon Mar 23 2015 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.40-22.b25
– sytemtap made working for dual package
* Tue Mar 3 2015 Severin Gehwolf <sgehwolf@redhat.com> – 1:1.8.0.40-21.b25
– Added compiler no-warn-
* Fri Feb 20 2015 Omair Majid <omajid@redhat.com> – 1:1.8.0.40-21.b25
– Fix zero interpreter build.
* Thu Feb 12 2015 Omair Majid <omajid@redhat.com> – 1:1.8.0.40-21.b25
– Fix building with gcc 5 by ignoring return-local-addr warning
– Include additional debugging info for java class files and test that they are
present
* Thu Feb 12 2015 Jiri Vanek <jvanek@redhat.com> – 1:1.8.0.40-20.b25
– bumped to b25
– removed upstreamed patch11 hotspot-build-j-directive.patch
– policies repacked to stop spamming yum update
– added and used source20 repackReproduciblePolycies.sh
– added mehanism to force priority size
* Fri Jan 9 2015 Dan Horák <dan[at]danny.cz> – 1:1.8.0.40-19.b12
– refresh s390 patches
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update java-1.8.0-openjdk’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa spatialite-tools

Otkriveni su sigurnosni nedostaci u programskom paketu spatialite-tools za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje napada uskraćivanja...

Close