ELSA-2019-0435

ELSA-2019-0435 - java-1.8.0-openjdk security update

Type:SECURITY
Severity:MODERATE
Release Date:2019-03-02

Description


[1:1.8.0.201.b09-0]
- Update to aarch64-shenandoah-jdk8u201-b09.
- Resolves: rhbz#1661577

[1:1.8.0.192.b12-0]
- Add port of 8189170 to AArch64 which is missing from upstream 8u version.
- Resolves: rhbz#1661577

[1:1.8.0.192.b12-0]
- Add 8160748 for AArch64 which is missing from upstream 8u version.
- Resolves: rhbz#1661577

[1:1.8.0.192.b12-0]
- Update to aarch64-shenandoah-jdk8u192-b12.
- Remove patches included upstream
- JDK-8031668/PR2842
- JDK-8148351/PR2842
- JDK-6260348/PR3066
- JDK-8061305/PR3335/RH1423421
- JDK-8188030/PR3459/RH1484079
- JDK-8205104/PR3539/RH1548475
- JDK-8185723/PR3553
- JDK-8186461/PR3557
- JDK-8201509/PR3579
- JDK-8075942/PR3602
- JDK-8203182/PR3603
- JDK-8206406/PR3610/RH1597825
- JDK-8206425
- JDK-8036003
- JDK-8201495/PR2415
- JDK-8150954/PR2866/RH1176206
- Re-generate patches (mostly due to upstream build changes)
- JDK-8073139/PR1758/RH1191652
- JDK-8143245/PR3548 (due to JDK-8202600)
- JDK-8197429/PR3546/RH1536622 (due to JDK-8189170)
- JDK-8199936/PR3533
- JDK-8199936/PR3591
- JDK-8207057/PR3613
- JDK-8210761/RH1632174 (due to JDK-8207402)
- PR3559 (due to JDK-8185723/JDK-8186461/JDK-8201509)
- PR3593 (due to JDK-8081202)
- RH1566890/CVE-2018-3639 (due to JDK-8189170)
- RH1649664 (due to JDK-8196516)
- Resolves: rhbz#1661577

[1:1.8.0.191.b14-1]
- Add 8131048 & 8164920 (PR3574/RH1498936) to provide a CRC32 intrinsic for PPC64.
- Resolves: rhbz#1661577

[1:1.8.0.191.b14-0]
- Update to aarch64-shenandoah-jdk8u191-b14.
- Adjust JDK-8073139/PR1758/RH1191652 to apply following 8155627 backport.
- Resolves: rhbz#1661577

[1:1.8.0.191.b13-0]
- Update to aarch64-shenandoah-jdk8u191-b13.
- Update tarball generation script in preparation for PR3667/RH1656676 SunEC changes.
- Use remove-intree-libraries.sh to remove the remaining SunEC code for now.
- Resolves: rhbz#1661577

[1:1.8.0.191.b13-0]
- Fix jdk8073139-pr1758-rh1191652-ppc64_le_says_its_arch_is_ppc64_not_ppc64le_jdk.patch paths to pass git apply
- Resolves: rhbz#1633817

[1:1.8.0.191.b13-0]
- Revise Shenandoah PR3634 patch following upstream discussion.
- Resolves: rhbz#1633817

[1:1.8.0.191.b13-0]
- Headful Requires of cups, replaced by Requires of cups-libs in headless
- Resolves: rhbz#1633817

[1:1.8.0.191.b13-0]
- Note why PR1834/RH1022017 is not suitable to go upstream in its current form.
- Resolves: rhbz#1633817

[1:1.8.0.191.b13-0]
- Document patch sections.
- Resolves: rhbz#1633817

[1:1.8.0.191.b13-0]
- Fix patch organisation in the spec file:
* Move ECC patches back to upstreamable section
* Move system cacerts patches to upstreamable section
* Merge 'Local fixes' and 'RPM fixes' which amount to the same thing
* Move system libpng & lcms patches back to 8u upstreamable section
* Make it clearer that 'Non-OpenJDK fixes' is currently empty
- Resolves: rhbz#1633817

[1:1.8.0.191.b12-8]
- added Patch583 jdk8172850-rh1640127-01-register_allocator_crash.patch
- added Patch584 jdk8209639-rh1640127-02-coalesce_attempted_spill_non_spillable.patch

[1:1.8.0.191.b12-7]
- Add patch jdk8210425-rh1632174-03-compile_with_o2_and_ffp_contract_off_as_for_fdlibm_zero.patch:
- Annother fix for optimization gaps (annocheck issues)
- Zero 8u version fix was missing. Hence, only shows up on Zero arches.

[1:1.8.0.191.b12-6]
- Add fixes for optimization gaps (annocheck issues):
- 8210761: libjsig is being compiled without optimization
- 8210647: libsaproc is being compiled without optimization
- 8210416: [linux] Poor StrictMath performance due to non-optimized compilation
- 8210425: [x86] sharedRuntimeTrig/sharedRuntimeTrans compiled without optimization
8u upstream and aarch64/jdk8u upstream versions.

[1:1.8.0.191.b12-5]
- Removed patch, rh1214835.patch, since it's invalid:
See https://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2304#c3

[1:1.8.0.191.b12-4]
- Update(s) from upstreamed patches:
- jdk8036003-add_with_native_debug_symbols_configure_flag.patch
- jdk8150954-pr2866-rh1176206-screenshot_xcomposite_jdk.patch =>
jdk8150954-pr2866-rh1176206-screenshot_xcomposite_jdk.patch
Deleted rh1176206-root.patch as thats no longer needed with
upstream 8150954.
- 8207057-pr3613-hotspot-assembler-debuginfo.patch =>
jdk8207057-pr3613-no_debug_info_for_assembler_files_hotspot.patch and
jdk8207057-pr3613-no_debug_info_for_assembler_files_root.patch. From JDK 8u
backport.
- Use --with-native-debug-symbols=internal which JDK-8036003 adds.
- Remove comment for make invocation since it's no longer valid.
--with-native-debug-symbols=internal will do everything we need.

[1:1.8.0.191.b12-3]
- cups moved to headful package
- enabled gtk2 in headful package (RH1598152)
- Resolves: rhbz#1633817

[1:1.8.0.191.b12-2]
- made rhpkg and srpm or rebuild working on fedora again
- cosmetic changes - using macros where possible
- fixed issues in desktop files (missing vendor, unexpandedmacros, missing information)
- README.src renamed to README.md
- Resolves: rhbz#1633817


Related CVEs


CVE-2019-2422

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) java-1.8.0-openjdk-1.8.0.201.b09-0.el7_6.src.rpm81daec8820de8487ce9db9834fc0d28c-
java-1.8.0-openjdk-1.8.0.201.b09-0.el7_6.aarch64.rpm8aedcb9fa1b20cb44ac3f1bef85f1aca-
java-1.8.0-openjdk-accessibility-1.8.0.201.b09-0.el7_6.aarch64.rpmb8acf2cc58114e415e966052cdbd6d80-
java-1.8.0-openjdk-accessibility-debug-1.8.0.201.b09-0.el7_6.aarch64.rpmc7df47f7d5088ec5a78931f64c832c14-
java-1.8.0-openjdk-debug-1.8.0.201.b09-0.el7_6.aarch64.rpm82714fffe20f89aef96fc9dd177883f8-
java-1.8.0-openjdk-demo-1.8.0.201.b09-0.el7_6.aarch64.rpm655c20fa12f085ec2973f9425f5b786a-
java-1.8.0-openjdk-demo-debug-1.8.0.201.b09-0.el7_6.aarch64.rpm4f6fa3105e2d517bd325711aa55624e0-
java-1.8.0-openjdk-devel-1.8.0.201.b09-0.el7_6.aarch64.rpmcc4cd6388e3c694eed3e34f51e5d7bf8-
java-1.8.0-openjdk-devel-debug-1.8.0.201.b09-0.el7_6.aarch64.rpm91fb2f507e08011731b7914c39bb9eaa-
java-1.8.0-openjdk-headless-1.8.0.201.b09-0.el7_6.aarch64.rpm962d68115f9d7c312219bfda61ff5c9d-
java-1.8.0-openjdk-headless-debug-1.8.0.201.b09-0.el7_6.aarch64.rpm7f5be7c546a22fddc558f4e9be0a8f8d-
java-1.8.0-openjdk-javadoc-1.8.0.201.b09-0.el7_6.noarch.rpm585db9def2b686d1b29d90bc8d344c3f-
java-1.8.0-openjdk-javadoc-debug-1.8.0.201.b09-0.el7_6.noarch.rpm3e61c7fe06106d54b95aaf4da116d0c4-
java-1.8.0-openjdk-javadoc-zip-1.8.0.201.b09-0.el7_6.noarch.rpmcf24db933a0e0167360552f147ba43cc-
java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.201.b09-0.el7_6.noarch.rpmfe04076c7164acaf25afe4dd03c7dbcb-
java-1.8.0-openjdk-src-1.8.0.201.b09-0.el7_6.aarch64.rpm31b682b7ee2048a601c87f211a8fd4d7-
java-1.8.0-openjdk-src-debug-1.8.0.201.b09-0.el7_6.aarch64.rpmd5ab9074b97e8d3f06b62abf0cd3f891-
Oracle Linux 7 (x86_64) java-1.8.0-openjdk-1.8.0.201.b09-0.el7_6.src.rpm81daec8820de8487ce9db9834fc0d28c-
java-1.8.0-openjdk-1.8.0.201.b09-0.el7_6.i686.rpm292a54323c5e6f4a35efdf153fe7a221-
java-1.8.0-openjdk-1.8.0.201.b09-0.el7_6.x86_64.rpm2aeb54bc894783d21840674705ca86c1-
java-1.8.0-openjdk-accessibility-1.8.0.201.b09-0.el7_6.i686.rpmf099ad30ebe0a0f7d8c90ccd4cf206f1-
java-1.8.0-openjdk-accessibility-1.8.0.201.b09-0.el7_6.x86_64.rpmb0f441c349919acd28328f14d8e2b1e6-
java-1.8.0-openjdk-accessibility-debug-1.8.0.201.b09-0.el7_6.i686.rpm718f64910b04a761a386561c27e813d6-
java-1.8.0-openjdk-accessibility-debug-1.8.0.201.b09-0.el7_6.x86_64.rpmf328e7f2a3c363b69e8f55c2d09895c3-
java-1.8.0-openjdk-debug-1.8.0.201.b09-0.el7_6.i686.rpm110688e2a00eb27c84577528d7ae9da9-
java-1.8.0-openjdk-debug-1.8.0.201.b09-0.el7_6.x86_64.rpm64020ddf9768c30b050723d3d3b63f39-
java-1.8.0-openjdk-demo-1.8.0.201.b09-0.el7_6.i686.rpmc96de61b2b5e2287a9f13845fd19c5b2-
java-1.8.0-openjdk-demo-1.8.0.201.b09-0.el7_6.x86_64.rpme38951d946543ab3c41e61b44585f854-
java-1.8.0-openjdk-demo-debug-1.8.0.201.b09-0.el7_6.i686.rpm6f8d33ca3cc26300d6af15a3e72d2135-
java-1.8.0-openjdk-demo-debug-1.8.0.201.b09-0.el7_6.x86_64.rpm4db96d299290c082f59912d1e011bd64-
java-1.8.0-openjdk-devel-1.8.0.201.b09-0.el7_6.i686.rpm25b52a2a1a5bef230eb2adb1a3702921-
java-1.8.0-openjdk-devel-1.8.0.201.b09-0.el7_6.x86_64.rpmbbe1467e47aff38c00feb6089e77eacb-
java-1.8.0-openjdk-devel-debug-1.8.0.201.b09-0.el7_6.i686.rpm458fbf9da7dddf7848c025d38ab9ac86-
java-1.8.0-openjdk-devel-debug-1.8.0.201.b09-0.el7_6.x86_64.rpmd4d035f42749c773d4bdf3e2eaf5551f-
java-1.8.0-openjdk-headless-1.8.0.201.b09-0.el7_6.i686.rpm34a30d3527788af66ccbd7951da1733a-
java-1.8.0-openjdk-headless-1.8.0.201.b09-0.el7_6.x86_64.rpm771c116c9276c4129f027438f6c3e630-
java-1.8.0-openjdk-headless-debug-1.8.0.201.b09-0.el7_6.i686.rpme05206a649783f154f0d6986cdf96245-
java-1.8.0-openjdk-headless-debug-1.8.0.201.b09-0.el7_6.x86_64.rpmac09cdf85139df6ac82ceb08c3a3c29b-
java-1.8.0-openjdk-javadoc-1.8.0.201.b09-0.el7_6.noarch.rpm585db9def2b686d1b29d90bc8d344c3f-
java-1.8.0-openjdk-javadoc-debug-1.8.0.201.b09-0.el7_6.noarch.rpm3e61c7fe06106d54b95aaf4da116d0c4-
java-1.8.0-openjdk-javadoc-zip-1.8.0.201.b09-0.el7_6.noarch.rpmcf24db933a0e0167360552f147ba43cc-
java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.201.b09-0.el7_6.noarch.rpmfe04076c7164acaf25afe4dd03c7dbcb-
java-1.8.0-openjdk-src-1.8.0.201.b09-0.el7_6.i686.rpm330d20c315350988059b28347328c7fd-
java-1.8.0-openjdk-src-1.8.0.201.b09-0.el7_6.x86_64.rpm10e8e9651286478f1cacff69818bc9e4-
java-1.8.0-openjdk-src-debug-1.8.0.201.b09-0.el7_6.i686.rpm288bb17473253627530c18e41c9ac96a-
java-1.8.0-openjdk-src-debug-1.8.0.201.b09-0.el7_6.x86_64.rpm5c7e739e86457459e62f70b11f4d1ec7-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete