ELBA-2019-4569

ELBA-2019-4569 - mercurial bug fix update

Type:BUG
Severity:NA
Release Date:2019-03-27

Description


mercurial
[1.4-5.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

papi
[5.1.1-12.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

pcp
[3.10.9-9.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

policycoreutils
[2.0.83-30.1.0.2]
- Rebuild to fix file permissions [Orabug: 28451433]

[2.0.83-30.1.0.1]
- Lazy unmount private, shared entry(Joe Jin)[orabug 12560705]

pyOpenSSL
[0.13.1-2.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

python-dmidecode
[3.10.15-2.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

python-ethtool
[0.6-6.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

cpupowerutils
[1.3-2.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

python-kerberos
[1.1-7.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

ctdb
[2.5.1-2.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

python-psycopg2
[2.0.14-2.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

db4
[4.7.25-22.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

python-pycurl
[7.19.0-9.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

file
[5.04-30.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

python-schedutils
[0.4-2.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

glibc
[2.12-1.212.0.2]
- Rebuild to fix file permissions [Orabug: 28451433]

python-urwid
[1.1.1-1.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

ipa
[3.0.0-51.0.1.el6]
- Rebuild to fix file permissions [Orabug: 28451433]

scipy
[0.7.2-8.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

java-1.6.0-openjdk
[1:1.6.0.41-1.13.13.1.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

[1:1.6.0.41-1.13.13.1]
- Update to new 1.13.13 and b41 tarballs to correct TCK failure.
- Resolves: rhbz#1381990

[1:1.6.0.41-1.13.13.0]
- Update to new 1.13.13 tarball with PR3275 and PR3276 fixes.
- Resolves: rhbz#1381990

[1:1.6.0.41-1.13.13.0]
- Update to IcedTea 1.13.13 & OpenJDK 6 b41.
- Fix context for rpath patch following PR3213.
- Resolves: rhbz#1381990

[1:1.6.0.41-1.13.13.0]
- Require a JDK with RH1334465/PR2956 fixed and turn off bootstrapping for Zero architectures.
- Resolves: rhbz#1381990

[1:1.6.0.41-1.13.13.0]
- Set install directories in configure so that @prefix@ is substituted correctly in tapset
- Resolves: rhbz#1381990

[1:1.6.0.40-1.13.12.6]
- Bump source tarballs to try and really fix TCK failures this time.
- Resolves: rhbz#1350044

[1:1.6.0.40-1.13.12.5]
- Bump source tarballs to missing -DNDEBUG on JDK native code.
- Resolves: rhbz#1350044

[1:1.6.0.40-1.13.12.4]
- Non-JIT architectures have not been bootstrapping, due to RPM reading commented macros
- Resolves: rhbz#1350044

[1:1.6.0.40-1.13.12.3]
- Bump source tarballs to fix TCK failures.
- Resolves: rhbz#1350044

[1:1.6.0.40-1.13.12.2]
- Separate bootstrap option as it should not be tied to the JDK used.
- Enable bootstrapping on JIT architectures going forward.
- Temporarily enable bootstrapping on all architectures to work around RH1334465/PR2956.
- Resolves: rhbz#1350044

[1:1.6.0.40-1.13.12.1]
- No longer any need to add our own mime.types symlink.
- Resolves: rhbz#1350044

[1:1.6.0.40-1.13.12.0]
- Update to IcedTea 1.13.12 & OpenJDK 6 b40.
- Separate SystemTap option from bootstrap options.
- Use configure macro and disable long-running JTreg & SystemTap tests from make check
- Remove redundant patch-ecj target invocation for bootstrap build.
- Add check section to run the new tests introduced in 1.13.12.
- Fix context for rpath patch following PR3140.
- Add RHEL version of b40 tarball.
- Require mailcap at build time as well, so configure finds /etc/mime.types (PR2800)
- Remove unneeded dependency on jakarta-commons-logging, as VisualVM is no longer included.
- Resolves: rhbz#1350044

[1:1.6.0.39-1.13.11.1]
- Bump release so it is greater than the one in 6.7.
- Resolves: rhbz#1325431

[1:1.6.0.39-1.13.11.0]
- Reset release and build in 6.8.z rather than 6.8 default
- Resolves: rhbz#1325431

[1:1.6.0.39-1.13.11.4]
- Update to IcedTea 1.13.11 & OpenJDK 6 b39.
- Resolves: rhbz#1325431

[1:1.6.0.38-1.13.10.4]
- Disable RC4 by default.
- Resolves: rhbz#1217131

[1:1.6.0.38-1.13.10.3]
- Fix duplicate mime.types in new symlink.
- Resolves: rhbz#1195203

[1:1.6.0.38-1.13.10.2]
- Add a symlink to /etc/mime.types in jre/lib.
- Resolves: rhbz#1195203

[1:1.6.0.38-1.13.10.1]
- Update to IcedTea 1.13.10 & OpenJDK 6 b38.
- Resolves: rhbz#1295774

[1:1.6.0.37-1.13.9.5]
- Update with new IcedTea & b37 tarballs, including fix for appletviewer regression.
- Resolves: rhbz#1271928

[1:1.6.0.37-1.13.9.4]
- Update with new IcedTea & b37 tarballs, including more Kerberos fixes for TCK regression.
- Resolves: rhbz#1271928

[1:1.6.0.37-1.13.9.3]
- Update with new IcedTea & b37 tarballs, including Kerberos fixes for TCK regression.
- Resolves: rhbz#1271928

[1:1.6.0.37-1.13.9.2]
- Update with newer tarball, including 6763122 fix for TCK regression.
- Use release + 1 to avoid having a lower version than the 6.7 version.
- Resolves: rhbz#1271928

[1:1.6.0.37-1.13.9.0]
- Update to IcedTea 1.13.9
- Resolves: rhbz#1271928

[1:1.6.0.36-1.13.8.1]
- Update tarball to fix TCK regression (PR2565)
- Resolves: rhbz#1235150

[1:1.6.0.36-1.13.8.0]
- Update to IcedTea 1.13.8
- Update no_pr2125.patch to work against new version.
- Resolves: rhbz#1235150

[1:1.6.0.35-1.13.7.2]
- Bump release to avoid conflict with version in 6.6.z
- Resolves: rhbz#1209066

[1:1.6.0.35-1.13.7.1]
- Repackaged source files
- Resolves: rhbz#1209066

[1:1.6.0.35-1.13.7.0]
- Update to IcedTea 1.13.7
- Regenerate add-final-location-rpaths patch so as to be less disruptive.
- Resolves: rhbz#1209066

[1:1.6.0.34-1.13.6.2]
- Bump release to avoid conflict with version in 6.6.z
- Resolves: rhbz#1180291

[1:1.6.0.34-1.13.6.1]
- Update to latest 1.13.6 release candidate tarball
- Fixes a number of issues found with b34:
- * OJ51, PR2187: Sync patch for 4873188 with 7 version
- * OJ52, PR2185: Application of 6786276 introduces compatibility issue
- * OJ53, PR2181: strict-aliasing warnings issued on PPC32
- * OJ54, PR2182: 6911104 reintroduces test fragment removed in existing 6964018 backport
- * S6730740, PR2186: Fix for 6729881 has apparently broken several 64 bit tests: 'Bad address'
- * S7031830, PR2183: bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine
- Regenerate add-final-location-rpaths patch against new release.
- Resolves: rhbz#1180291

[1:1.6.0.34-1.13.6.0]
- Update to IcedTea 1.13.6
- Remove upstreamed patch for RH1151372.
- Regenerate add-final-location-rpaths patch against new release.
- Apply pr2125.patch in generate_rhel_zip.sh to remove unwanted elliptic curves.
- Add no_pr2125.patch to avoid repeating the procedure during the IcedTea build.
- Avoid duplicating the OpenJDK build version by making more use of %{openjdkver}.
- Add US_export_policy.jar and local_policy.jar to packages.
- Resolves: rhbz#1180291

[1:1.6.0.33-1.13.5.1]
- Backport annotation race condition fix and associated HotSpot fix
- Resolves: rhbz#1151372

[1:1.6.0.33-1.13.5.0]
- removed requires rhino
- Resolves: rhbz#1148900

[1:1.6.0.33-1.13.5.0]
- Update to IcedTea 1.13.5
- Remove upstreamed patches.
- Regenerate add-final-location-rpaths patch against new release.
- Change versioning to match java-1.7.0-openjdk so revisions work.
- Use xz for tarballs to reduce file size.
- No need to explicitly disable system LCMS any more (bug fixed upstream).
- Add icedteasnapshot to setup lines so they work with pre-release tarballs.
- Resolves: rhbz#1148900

[1:1.6.0.0-11.1.13.4]
- Add fix for ArrayIndexOutOfBoundsException when certain glyphs are processed
- Regenerate rpath patch to apply after upstreamed patch.
- Resolves: rhbz#1112806

[1:1.6.0.1-10.1.13.4]
- bumped release back to 10
- Resolves: rhbz#1115868

[1:1.6.0.1-6.1.13.4]
- moved to icedteaver 1.13.4
- moved to openjdkver b32 and openjdkdate 15_jul_2014
- reworked patch for unsyncHashMap.patch
- added upstreamed patch patch9 rh1115580-unsyncHashMap.patch
- Resolves: rhbz#1115868

[1:1.6.0.0-10.1.13.3]
- Recreate 7027300 backport patch, due to breakage from RH1059925 patch.
- Resolves: rhbz#1098399

[1:1.6.0.1-5.1.13.8]
- Work when capabilities are set on the binary
- Include hardcoded install path as well as in RPATH
- Don't Expect LD_LIBRARY_PATH to be set in the launcher
- Resolves: rhbz#1059925

[1:1.6.0.0-9.1.13.3]
- Backport fix (7027300) replacing HashMap with ConcurrentHashMap to avoid deadlock
- Also includes related backport (7183251) to fix issue revealed by fixing 7027300
- Resolves: rhbz#1098399

[1:1.6.0.1-5.1.13.7]
- debug turned off (0)
- Resolves: rhbz#1059925

[1:1.6.0.1-5.1.13.6]
- fixed outdated debug build
- debug set (temporarily) on (1)
- fixed java-1.6.0-openjdk-debugdocs.patch and ava-1.6.0-openjdk-debuginfo.patch
- redeffined debugbuild and buildoutputdir (for debug on)
- added and applied it6-mkfile-tmp.patch (upstreamed already)
- Resolves: rhbz#1059925

[1:1.6.0.1-5.1.13.3]
- updated to icedtea 1.13.3
- updated to openjdk-6-src-b31-15_apr_2014
- renmoved upstreamed patch7, 1.13_fixes.patch
- renmoved upstreamed patch9, 1051245.patch
- Resolves: rhbz#1085010

[1:1.6.0.1-4.1.13.0]
- added and applied patch9 1051245.patch
- Resolves: rhbz#1051245

[1:1.6.0.1-3.1.13.0]
- updated to icedtea 1.13.1
- http://blog.fuseyism.com/index.php/2014/01/23/security-icedtea-1-12-8-1-13-1-for-openjdk-6-released/
- updated to jdk6, b30, 21_jan_2014
- https://openjdk6.java.net/OpenJDK6-B30-Changes.html
- adapted patch7 1.13_fixes.patch
- pre 2011 changelog moved to (till now wrong) pre-2009-spec-changelog (rh1043611)
- added --disable-system-lcms to configure options to pass build
- adapted patch3 java-1.6.0-openjdk-java-access-bridge-security.patch
- Resolves: rhbz#1050191

[1:1.6.0.1-1.66.1.13.0]
- updated to icedtea 1.13
- updated to openjdk-6-src-b28-04_oct_2013
- added --disable-lcms2 configure switch to fix tck
- removed upstreamed patch7,java-1.6.0-openjdk-jstack.patch
- added patch7 1.13_fixes.patch to fix 1.13 build issues
- adapted patch0 java-1.6.0-openjdk-optflags.patch
- adapted patch3 java-1.6.0-openjdk-java-access-bridge-security.patch
- adapted patch8 java-1.6.0-openjdk-timezone-id.patch
- removed useless runtests parts
- included also java.security.old files
- Resolves: rhbz#1017621

[1:1.6.0.1-1.65.1.11.13]
- added patch8, java-1.6.0-openjdk-timezone-id.patch to 995488
- Resolves: rhbz#983411

[1:1.6.0.0-1.63.1.11.13]
- removed upstreamed patch100 8000791-regression-fix.patch
- bumped release
- updated to icedtea-1.11.13
- Resolves: rhbz#983411

[1:1.6.0.0-1.63.1.11.11.90]
- added patch100 8000791-regression-fix.patch
- bumped release
- updated to icedtea-1.11.12
- Resolves: rhbz#976897
- Resolves: rhbz#983411

[1:1.6.0.0-1.62.1.11.11.90]
- updated to icedtea6-1.11.11.90.tar.gz
- removed upstreamed patch9 jaxp-backport-factoryfinder.patch
- removed upstreamed patch10 fixToFontSecurityFix.patch.
- modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch
- Resolves: rhbz#973130

[1:1.6.0.0-1.61.1.11.11]
- added and applied (temporally) patch10 fixToFontSecurityFix.patch.
- fixing regression in fonts introduced by one security patch.
- Resolves: rhbz#950387

[1:1.6.0.0-1.60.1.11.11]
- added and applied (temporally) one more patch to xalan/xerces privileges
- patch9 jaxp-backport-factoryfinder.patch
- will be upstreamed
- Resolves: rhbz#950387

[1:1.6.0.0-1.59.1.11.11]
- Updated to icedtea6 1.11.11 - fixed xalan/xerxes privledges
- removed patch 8 - removingOfAarch64.patch.patch - fixed upstream
- Resolves: rhbz#950387

[1:1.6.0.0-1.58.1.11.10]
- Updated to icedtea6 1.11.10
- rewritten java-1.6.0-openjdk-java-access-bridge-security.patch
- excluded aarch64.patch
- by patch 8 - removingOfAarch64.patch.patch
- Resolves: rhbz#950387

[1:1.6.0.0-1.56.1.11.8]
- Rebuild with updated sources
- Resolves: rhbz#912256

[1:1.6.0.0-1.34.1.11.8]
- Updated to icedtea6 1.11.8
- Removed patch9 7201064.patch
- Removed patch10 8005615.patch
- Removed not-applied patch 6664509.patch
- Removed mauve as deadly outdated and run on QA
- jtreg kept, useless, but working
- Resolves: rhbz#911525

[1:1.6.0.0-1.54.1.11.6]
- removed patch8 revertTwoWrongSecurityPatches2013-02-06.patch
- added patch8: 7201064.patch to be reverted
- added patch9: 8005615.patch to fix the 6664509.patch
- Resolves: rhbz#906708

[1:1.6.0.0-1.53.1.11.6]
- added patch8 revertTwoWrongSecurityPatches2013-02-06.patch
to remove 6664509 and 7201064 from 1.11.6 tarball
- Resolves: rhbz#906708

[1:1.6.0.0-1.51.1.11.6]
- Updated to icedtea6 1.11.6
- Rewritten java-1.6.0-openjdk-java-access-bridge-security.patch
- Access gnome bridge jar is forced to have 644 permissions
- Resolves: rhbz#906708

[1:1.6.0.0-1.48.1.11.3]
- Access gnome bridge jar is forced to have 644 permissions
- Resolves: rhbz#828752

[1:1.6.0.0-1.47.1.11.3]
- Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch:
- com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.
- packages added also to package.definition
- Resolves: rhbz#828752

[1:1.6.0.0-1.46.1.11.3]
- Updated to IcedTea6 1.11.3
- Removed upstreamed patch8 - java-1.6.0-openjdk-jirafix_2820_2821.patch
- Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch:
- com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.
- packages added to patch
- Resolves: rhbz#828752

[1:1.6.0.0-1.45.1.11.1]
- Resolves: rhbz#804632
- Tweak java-1.6.0-openjdk-jstack.patch stack to remove two uses of sprintf
to make it work against systemtap 1.7.

[1:1.6.0.0-1.44.1.11.1]
- Applied ptisnovs's patch8
- Resolves: rhbz#807324

[1:1.6.0.0-1.43.1.11.1]
- Applied Mark's patch7
- Resolves: rhbz#804632

[1:1.6.0.0-1.42.1.11.1]
- Resolves: rhbz#804632
- Added patch7 java-1.6.0-openjdk-jstack.patch based on upstream patches:
http://thread.gmane.org/gmane.comp.java.openjdk.distro-packaging.devel/17667

[1:1.6.0.0-1.41.1.11.1]
- Resolves: rhbz#771971
- Updated to IcedTea6 1.11.1
- Security fixes:
- S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object
- S7082299, CVE-2011-3571: AtomicReferenceArray insufficient array type check
- S7110687, CVE-2012-0503: Unrestricted use of TimeZone.setDefault
- S7110700, CVE-2012-0505: Incomplete info in the deserialization exception
- S7110683, CVE-2012-0502: KeyboardFocusManager focus stealing
- S7088367, CVE-2011-3563: JavaSound incorrect bounds check
- S7126960, CVE-2011-5035: Add property to limit number of request headers to the HTTP Server
- S7118283, CVE-2012-0501: Off-by-one bug in ZIP reading code
- S7110704, CVE-2012-0506: CORBA fix

[1:1.6.0.0-1.41.1.10.4]
- Bump to IcedTea6 1.10.4
- Resolves: rhbz#744789

[1:1.6.0.0-1.40.1.10.3]
- Bump to IcedTea6 1.10.3, HotSpot 20
- Resolves: rhbz#722310

[1:1.6.0.0-39.1.9.7]
- added requires: fontconfig
- resolves: rhbz#708201

suitesparse
[3.4.0-9.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

libreswan
[3.15-7.5.0.2]
- Rebuild to fix file permissions [Orabug: 28451433]

[3.15-7.5.0.1]
- add libreswan-oracle.patch to detect Oracle Linux distro

system-config-printer
[1.1.16-26.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

libvpx
[1.3.0-5.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

tcp_wrappers
[7.6-58.0.1]
- Rebuild to fix file permissions [Orabug: 28451433]

luci
[0.26.0-93.0.2]
- Rebuild to fix file permissions [Orabug: 28451433]




Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete