ELSA-2020-2972

ELSA-2020-2972 - java-1.8.0-openjdk security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2020-07-16

Description

[1:1.8.0.262.b10-0.1]
- Update to aarch64-shenandoah-jdk8u262-b10.
- Switch to GA mode for final release.
- Update release notes for 8u262 release.
- Fix typo in jfr_arches which leads to ppc64 being wrongly excluded.
- Split JDK-8042159 patch into per-repo patches as upstream.
- Update JDK-8042159 JDK patch to apply after JDK-8238002 changes to Awt2dLibraries.gmk
- Resolves: rhbz#1838811

[1:1.8.0.262.b09-0.1.ea]
- Update to aarch64-shenandoah-jdk8u262-b09-shenandoah-merge-2020-07-03
- Resolves: rhbz#1838811

[1:1.8.0.262.b09-0.0.ea]
- With JDK-8248399 fixed, a broken jfr binary is no longer installed on architectures without JFR.
- Resolves: rhbz#1838811

[1:1.8.0.262.b09-0.0.ea]
- Update to aarch64-shenandoah-jdk8u262-b09.
- Resolves: rhbz#1838811

[1:1.8.0.262.b08-0.0.ea]
- Update to aarch64-shenandoah-jdk8u262-b08.
- Resolves: rhbz#1838811

[1:1.8.0.262.b07-0.2.ea]
- Update to aarch64-shenandoah-jdk8u262-b07-shenandoah-merge-2020-06-18.
- Resolves: rhbz#1838811

[1:1.8.0.262.b07-0.1.ea]
- Sync alt-java support with java-11-openjdk version.
- Resolves: rhbz#1838811

[1:1.8.0.262.b07-0.1.ea]
- Created copy of java as alt-java and adapted alternatives and man pages
- Resolves: rhbz#1838811

[1:1.8.0.262.b07-0.0.ea]
- Update to aarch64-shenandoah-jdk8u262-b07.
- Require tzdata 2020a so system tzdata matches resource updates in b07
- Resolves: rhbz#1838811

[1:1.8.0.262.b06-0.0.ea]
- Update to aarch64-shenandoah-jdk8u262-b06.
- Resolves: rhbz#1838811

[1:1.8.0.262.b05-0.1.ea]
- Update to aarch64-shenandoah-jdk8u262-b05-shenandoah-merge-2020-06-04.
- Resolves: rhbz#1838811

[1:1.8.0.262.b05-0.0.ea]
- Update to aarch64-shenandoah-jdk8u262-b05.
- Resolves: rhbz#1838811

[1:1.8.0.262.b04-0.0.ea]
- Update to aarch64-shenandoah-jdk8u262-b04.
- Resolves: rhbz#1838811

[1:1.8.0.262.b03-0.1.ea]
- Update to aarch64-shenandoah-jdk8u262-b03-shenandoah-merge-2020-05-20.
- Resolves: rhbz#1838811

[1:1.8.0.262.b03-0.0.ea]
- Update to aarch64-shenandoah-jdk8u262-b03.
- Resolves: rhbz#1838811

[1:1.8.0.262.b02-0.1.ea]
- Enable JFR in our builds, ahead of upstream default.
- Only enable JFR for JIT builds, as it is not supported with Zero.
- Turn off JFR on x86 for now due to assert(SerializePageShiftCount == count) crash.
- Explicitly list jfr.jar, default.jfc & profile.jfc in the spec file.
- Introduce jfr_arches for architectures which support JFR.
- Use sa_arches for libsaproc.so inclusion.
- Resolves: rhbz#1838811

[1:1.8.0.262.b02-0.0.ea]
- Update to aarch64-shenandoah-jdk8u262-b02.
- Resolves: rhbz#1838811

[1:1.8.0.262.b01-0.0.ea]
- Update to aarch64-shenandoah-jdk8u262-b01.
- Switch to EA mode.
- Adjust JDK-8143245/PR3548 patch following context changes due to JDK-8203287 for JFR
- Adjust RH1648644 following context changes due to introduction of JFR packages
- Add jfr binary to devel package and alternatives set
- Resolves: rhbz#1838811

Related CVEs

CVE-2020-14578

CVE-2020-14579

CVE-2020-14583

CVE-2020-14556

CVE-2020-14577

CVE-2020-14593

CVE-2020-14621

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 8 (aarch64)	java-1.8.0-openjdk-1.8.0.262.b10-0.el8_2.src.rpm	769c5fdebb629ade83c97ff5a3f16ce5b5d7602b4e2f0fcbe20f7a97605f1e08	-	ol8_aarch64_appstream
	java-1.8.0-openjdk-1.8.0.262.b10-0.el8_2.aarch64.rpm	72b9d16faca177c726aab5b98d1fa38ed5037701d128845f8bf630aaab97a5d0	-	ol8_aarch64_appstream
	java-1.8.0-openjdk-accessibility-1.8.0.262.b10-0.el8_2.aarch64.rpm	558ee91dc9b0d89fa931471e97ab3cbe72137307759393a278e7412206654e2a	-	ol8_aarch64_appstream
	java-1.8.0-openjdk-demo-1.8.0.262.b10-0.el8_2.aarch64.rpm	d2eb3f074d6f747cd9fa1feb6b3a9f5caadb290d1aa8edf8679c16b71e157076	-	ol8_aarch64_appstream
	java-1.8.0-openjdk-devel-1.8.0.262.b10-0.el8_2.aarch64.rpm	dfac67e25055ea64395ab8461087a1097024604e580ac64006a6b35ecc01be79	-	ol8_aarch64_appstream
	java-1.8.0-openjdk-headless-1.8.0.262.b10-0.el8_2.aarch64.rpm	9c01f33731c774d78d0d4fcd8abf0fc15fb5fc833b8d28c4707a18647bde6937	-	ol8_aarch64_appstream
	java-1.8.0-openjdk-javadoc-1.8.0.262.b10-0.el8_2.noarch.rpm	232baf188e815628154e0f22f00a9826252a9e9566abdd244fa61986cfa33d85	-	ol8_aarch64_appstream
	java-1.8.0-openjdk-javadoc-zip-1.8.0.262.b10-0.el8_2.noarch.rpm	77950c9b0241767cf74fa43177fc154f36a213f99be7b9790fefc7058e97e6c1	-	ol8_aarch64_appstream
	java-1.8.0-openjdk-src-1.8.0.262.b10-0.el8_2.aarch64.rpm	fa586e553307105388943099048e4c9405bcc53e2448f5d9dc33f39eb219ee68	-	ol8_aarch64_appstream
Oracle Linux 8 (x86_64)	java-1.8.0-openjdk-1.8.0.262.b10-0.el8_2.src.rpm	769c5fdebb629ade83c97ff5a3f16ce5b5d7602b4e2f0fcbe20f7a97605f1e08	-	ol8_x86_64_appstream
	java-1.8.0-openjdk-1.8.0.262.b10-0.el8_2.x86_64.rpm	e9197e8a8866ed7d545d353ca9e55166919704dc1cf4d1552ce4ef0973e96ae2	-	ol8_x86_64_appstream
	java-1.8.0-openjdk-accessibility-1.8.0.262.b10-0.el8_2.x86_64.rpm	86224d9b7e6573865c6e3a2d9245be4b5b877d5cf3e4b56d14ac5be52b53bb98	-	ol8_x86_64_appstream
	java-1.8.0-openjdk-demo-1.8.0.262.b10-0.el8_2.x86_64.rpm	cd597574d4d344022760b89ef4efc320a41b8ea5d2ef86025c87c660b013bc06	-	ol8_x86_64_appstream
	java-1.8.0-openjdk-devel-1.8.0.262.b10-0.el8_2.x86_64.rpm	545975087dbe70e26f7935355b512aad738ffc1374f239001ba717138e834841	-	ol8_x86_64_appstream
	java-1.8.0-openjdk-headless-1.8.0.262.b10-0.el8_2.x86_64.rpm	6c0bee2aba14d3898472a98f95ecfed500985fa99767af74ae1758347b3a2a6f	-	ol8_x86_64_appstream
	java-1.8.0-openjdk-javadoc-1.8.0.262.b10-0.el8_2.noarch.rpm	232baf188e815628154e0f22f00a9826252a9e9566abdd244fa61986cfa33d85	-	ol8_x86_64_appstream
	java-1.8.0-openjdk-javadoc-zip-1.8.0.262.b10-0.el8_2.noarch.rpm	77950c9b0241767cf74fa43177fc154f36a213f99be7b9790fefc7058e97e6c1	-	ol8_x86_64_appstream
	java-1.8.0-openjdk-src-1.8.0.262.b10-0.el8_2.x86_64.rpm	866acbd42d06098ece521add53c6c5dc58ebe646a3c1b8efb2691e4819dd5224	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team