ELSA-2020-4347

ELSA-2020-4347 - java-1.8.0-openjdk security update

Type:SECURITY
Severity:MODERATE
Release Date:2020-10-27

Description


[1:1.8.0.272.b10-1]
- Add backport of JDK-8215727: 'Restore JFR thread sampler loop to old / previous behaviour'
- Resolves: rhbz#1876665

[1:1.8.0.272.b10-0]
- Update to aarch64-shenandoah-jdk8u272-b10.
- Switch to GA mode for final release.
- Update release notes for 8u272 release.
- Add backport of JDK-8254177 to update to tzdata 2020b
- Require tzdata 2020b due to resource changes in JDK-8254177
- Delay tzdata 2020b dependency until tzdata update has shipped.
- Adjust JDK-8062808/PR3548 following constantPool.hpp context change in JDK-8243302
- Adjust PR3593 following g1StringDedupTable.cpp context change in JDK-8240124 & JDK-8244955
- This tarball is embargoed until 2020-10-20 @ 1pm PT.
- Resolves: rhbz#1876665

[1:1.8.0.272.b09-0.1.ea]
- Include a test in the RPM to check the build has the correct vendor information.
- Use 'oj_' prefix on new vendor globals to avoid a conflict with RPM's vendor value.
- Improve quoting of vendor name
- Resolves: rhbz#1876665

[1:1.8.0.272.b09-0.1.ea]
- Set vendor property and vendor URLs
- Made URLs to be preconfigured by OS
- Resolves: rhbz#1876665

[1:1.8.0.272.b09-0.0.ea]
- Update to aarch64-shenandoah-jdk8u272-b09 (EA).
- Switch to EA mode.
- Add debugging output for build.
- JFR must now be explicitly disabled when unwanted (e.g. x86), following switch of upstream default.
- Remove JDK-8154313 backport now applied upstream.
- Change target from 'zip-docs' to 'docs-zip', which is the naming used upstream.
- Update tarball generation script to use PR3795, following inclusion of JDK-8177334
- Add additional s390 size_t case in g1ConcurrentMarkObjArrayProcessor.cpp introduced by JDK-8057003
- Add additional s390 log2_intptr case in shenandoahUtils.cpp introduced by JDK-8245464
- Enable JFR on x86, now we have JDK-8252096: Shenandoah: adjust SerialPageShiftCount for x86_32 and JFR
- Update tarball generation script to use PR3799, following inclusion of JDK-8245468 (TLSv1.3)
- Remove JDK-8165996/PR3506/RH1760437 as now applied upstream.
- Resolves: rhbz#1876665


Related CVEs


CVE-2020-14779
CVE-2020-14781
CVE-2020-14796
CVE-2020-14797
CVE-2020-14803
CVE-2020-14782
CVE-2020-14792

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) java-1.8.0-openjdk-1.8.0.272.b10-1.el8_2.src.rpma7f559b365fff412f187663e1be34acf-
java-1.8.0-openjdk-1.8.0.272.b10-1.el8_2.aarch64.rpmcbe29e03e095c2e1abbcef7917fe0ed6-
java-1.8.0-openjdk-accessibility-1.8.0.272.b10-1.el8_2.aarch64.rpmc470ccd803062a492970d5bfb5737f6c-
java-1.8.0-openjdk-demo-1.8.0.272.b10-1.el8_2.aarch64.rpm6b8f0ad87ab1a532931161acc296bcc8-
java-1.8.0-openjdk-devel-1.8.0.272.b10-1.el8_2.aarch64.rpm950f36860703021efbeaf973dedf00b0-
java-1.8.0-openjdk-headless-1.8.0.272.b10-1.el8_2.aarch64.rpm2222dd031e7ed881832dde9cac406be0-
java-1.8.0-openjdk-javadoc-1.8.0.272.b10-1.el8_2.noarch.rpm024113bd96c660be8a54231fc69228e0-
java-1.8.0-openjdk-javadoc-zip-1.8.0.272.b10-1.el8_2.noarch.rpm394ab904e31c7df47ccf3f3d3a653115-
java-1.8.0-openjdk-src-1.8.0.272.b10-1.el8_2.aarch64.rpmbe353798c5f026d2941d909a8100a541-
Oracle Linux 8 (x86_64) java-1.8.0-openjdk-1.8.0.272.b10-1.el8_2.src.rpma7f559b365fff412f187663e1be34acf-
java-1.8.0-openjdk-1.8.0.272.b10-1.el8_2.x86_64.rpm42ebf6ff2efdf8343cd405ef217c3f1a-
java-1.8.0-openjdk-accessibility-1.8.0.272.b10-1.el8_2.x86_64.rpm3110a8c88d03064942999d87167f36c2-
java-1.8.0-openjdk-demo-1.8.0.272.b10-1.el8_2.x86_64.rpm9f9808436fd067569dc346a9c40a8ab0-
java-1.8.0-openjdk-devel-1.8.0.272.b10-1.el8_2.x86_64.rpma9622657d1cd62302cc2d28909c38859-
java-1.8.0-openjdk-headless-1.8.0.272.b10-1.el8_2.x86_64.rpmda0d99d2db04efb896f769e5a179bc65-
java-1.8.0-openjdk-javadoc-1.8.0.272.b10-1.el8_2.noarch.rpm024113bd96c660be8a54231fc69228e0-
java-1.8.0-openjdk-javadoc-zip-1.8.0.272.b10-1.el8_2.noarch.rpm394ab904e31c7df47ccf3f3d3a653115-
java-1.8.0-openjdk-src-1.8.0.272.b10-1.el8_2.x86_64.rpmfbd7c9a58bc10929787a4905cfd1dc84-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete