-
Wed Jul 26 2023 Lukáš Lipinský <lukas.lipinsky@oracle.com> - 1:17.0.8.0.7-2.0.1
- OpenJDK: ZIP file parsing infinite loop (8302483) (CVE-2023-22036)
- OpenJDK: weakness in AES implementation (8308682) (CVE-2023-22041)
- OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049)
- harfbuzz: OpenJDK: O(n^2) growth via consecutive marks (CVE-2023-25193)
- OpenJDK: HTTP client insufficient file name validation (8302475) (CVE-2023-22006)
- OpenJDK: modulo operator array indexing issue (8304460) (CVE-2023-22044)
- OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045)
- Add Oracle vendor bug URL [Orabug: 34340155]
-
Thu Jul 13 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.8.0.6-0.1.ea
- Update to jdk-17.0.8+6 (EA)
- Sync the copy of the portable specfile with the latest update
- Resolves: rhbz#2217716
-
Wed Jul 12 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.8.0.1-0.1.ea
- Update to jdk-17.0.8+1 (EA)
- Update release notes to 17.0.8+1
- Switch to EA mode
- Drop local inclusion of JDK-8274864 & JDK-8305113 as they are included in 17.0.8+1
- Bump bundled LCMS version to 2.15 as in jdk-17.0.8+1.
- Bump bundled HarfBuzz version to 7.0.1 as in jdk-17.0.8+1
- Use tapsets from the misc tarball
- Introduce 'prelease' for the portable release versioning, to handle EA builds
- Make sure root installation directory is created first
- Use in-place substitution for all but the first of the tapset changes
- Related: rhbz#2217716
-
Tue Jul 11 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.7.0.7-4
- Introduce vm_variant global for consistency with future JDK builds
- Related: rhbz#2203412
-
Mon May 15 2023 Jiri Vanek <jvanek@redhat.com> - 1:17.0.7.0.7-4
- Exclude classes_nocoops.jsa on i686 and arm32
- Related: rhbz#2203412
-
Mon May 15 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.7.0.7-4
- Following JDK-8005165, class data sharing can be enabled on all JIT architectures
- Related: rhbz#2203412
-
Wed May 10 2023 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.7.0.7-4
- Fix packaging of CDS archives
- Resolves: rhbz#2203412
-
Wed Apr 26 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.7.0.7-3
- Sync portable spec file with current version
- Related: rhbz#2189326
-
Wed Apr 26 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.7.0.7-2
- Update to jdk-17.0.7.0+7
- Update release notes to 17.0.7.0+7
- Require tzdata 2023c due to local inclusion of JDK-8274864 & JDK-8305113
- Update generate_tarball.sh to add support for passing a boot JDK to the configure run
- Add POSIX-friendly error codes to generate_tarball.sh and fix whitespace
- Remove .jcheck and GitHub support when generating tarballs, as done in upstream release tarballs
- Update FIPS support against 17.0.7+6 and bring in latest changes:
- * RH2134669: Add missing attributes when registering services in FIPS mode.
- * test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java: fixed jtreg main class
- * RH1940064: Enable XML Signature provider in FIPS mode
- * RH2173781: Avoid calling C_GetInfo() too early, before cryptoki is initialized
- Fix trailing '.' in tarball name
- Use portablerelease in vendor version to avoid inclusion of dist tag
- ** This tarball is embargoed until 2023-04-18 @ 1pm PT. **
- Resolves: rhbz#2185182
- Resolves: rhbz#2186803
- Resolves: rhbz#2186810
- Resolves: rhbz#2186806
-
Wed Apr 26 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.6.0.10-6
- Include the java-17-openjdk-portable.spec file with instructions on how to rebuild.
- Related: rhbz#2189326