- openjdk-8 (8u212-b01-1+rpi1) buster-staging; urgency=medium
++openjdk-8 (8u312-b07-1+rpi1) bullseye-staging; urgency=medium
+
++ [changes brought forward from 8u212-b01-1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Fri, 29 Mar 2019 13:54:02 +0000]
+ * Add latomic to ldflags
+ * Disable testsuite.
+
- -- Peter Michael Green <plugwash@raspbian.org> Fri, 29 Mar 2019 13:54:02 +0000
++ -- Raspbian forward porter <root@raspbian.org> Tue, 28 Dec 2021 19:27:54 +0000
++
+ openjdk-8 (8u312-b07-1) unstable; urgency=medium
+
+ * New upstream release (GA)
+ * Security fixes:
+ - JDK-8130183, CVE-2021-35588: InnerClasses: VM permits wrong
+ Throw ClassFormatError if InnerClasses attribute's
+ inner_class_info_index is 0
+ - JDK-8161016: Strange behavior of URLConnection with proxy
+ - JDK-8163326, CVE-2021-35550: Update the default enabled cipher
+ suites preference
+ - JDK-8254967, CVE-2021-35565: com.sun.net.HttpsServer spins on
+ TLS session close
+ - JDK-8263314: Enhance XML Dsig modes
+ - JDK-8265167, CVE-2021-35556: Richer Text Editors
+ - JDK-8265574: Improve handling of sheets
+ - JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit
+ - JDK-8265776: Improve Stream handling for SSL
+ - JDK-8266097, CVE-2021-35561: Better hashing support
+ - JDK-8266103: Better specified spec values
+ - JDK-8266109: More Resilient Classloading
+ - JDK-8266115: More Manifest Jar Loading
+ - JDK-8266137, CVE-2021-35564: Improve Keystore integrity
+ - JDK-8266689, CVE-2021-35567: More Constrained Delegation
+ - JDK-8267086: ArrayIndexOutOfBoundsException in
+ java.security.KeyFactory.generatePublic
+ - JDK-8267712: Better LDAP reference processing
+ - JDK-8267729, CVE-2021-35578: Improve TLS client handshaking
+ - JDK-8267735, CVE-2021-35586: Better BMP support
+ - JDK-8268193: Improve requests of certificates
+ - JDK-8268199: Correct certificate requests
+ - JDK-8268506: More Manifest Digests
+ - JDK-8269618, CVE-2021-35603: Better session identification
+ - JDK-8269624: Enhance method selection support
+ - JDK-8270398: Enhance canonicalization
+ - JDK-8270404: Better canonicalization
+ * Other changes: see
+ https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-October/014373.html
+ * Policy 4.6.1, no relevant changes
+ * d/copyright: Apply changes since 8u302
+ * Upload sponsored by ⮡ tarent
+
+ -- Thorsten Glaser <tg@mirbsd.de> Fri, 05 Nov 2021 23:57:58 +0000
+
+ openjdk-8 (8u302-b08-1) unstable; urgency=medium
+
+ * New upstream release (GA)
+ * Security fixes:
+ - JDK-8256157: Improve bytecode assembly
+ - JDK-8256491: Better HTTP transport
+ - JDK-8258432, CVE-2021-2341: Improve file transfers
+ - JDK-8260453: Improve Font Bounding
+ - JDK-8260960: Signs of jarsigner signing
+ - JDK-8260967, CVE-2021-2369: Better jar file validation
+ - JDK-8262380: Enhance XML processing passes
+ - JDK-8262403: Enhanced data transfer
+ - JDK-8262410: Enhanced rules for zones
+ - JDK-8262477: Enhance String Conclusions
+ - JDK-8262967: Improve Zip file support
+ - JDK-8264066, CVE-2021-2388: Enhance compiler validation
+ - JDK-8264079: Improve abstractions
+ - JDK-8264460: Improve NTLM support
+ * Other changes: see
+ https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-July/014118.html
+ * Add or update d/copyright lines, based on diffing upstream changes
+ * Refresh all patches that are actually used and drop no longer needed
+ d/p/compare-pointer-with-literal.patch
+ * Fix spelling in d/rules
+ * Upload sponsored by ⮡ tarent
+
+ -- Thorsten Glaser <tg@mirbsd.de> Thu, 29 Jul 2021 20:45:23 +0200
+
+ openjdk-8 (8u292-b10-3) unstable; urgency=medium
+
+ * Re-upload with actually regenerated debian/control, oops
+
+ -- Thorsten Glaser <tg@mirbsd.de> Thu, 24 Jun 2021 00:05:48 +0200
+
+ openjdk-8 (8u292-b10-2) unstable; urgency=low
+
+ * Fix regression in /etc/java-8-openjdk/accessibility.properties
+ * Drop Suggests nōnexistent icedtea-8-plugin
+ * Fix binfmts error with patch from bug (Closes: #822348)
+ * Create /usr/share/man/man1 if it doesn’t exist, for crippled
+ container images (Closes: #863199)
+ * Provide java-runtime{,-headless} (Closes: #906111)
+ * Mark openjdk-8-doc as M-A:foreign
+ * Update “It was downloaded from” in d/copyright (cf. #970517)
+
+ -- Thorsten Glaser <tg@mirbsd.de> Tue, 15 Jun 2021 22:23:01 +0200
+
+ openjdk-8 (8u292-b10-1) unstable; urgency=medium
+
+ * Source-only upload after the previous bootstrap binary one
+ * Change -Xmx1024m to -Xmx1000m in icedtea-sound compilation
+ to work with mipsel’s memory layout (and sh4)
+ * Don’t set old-style ALT_ environment variables, they are ignored
+ * Create the origtgz in a hopefully reproducible way
+ * Merge openjdk-8 (8u292-b10-0+deb9u1)
+ - Revert bogus reversion of changes from previous uploads
+ - Add missing changelog entry for 8u275
+ - Revert *buntu ESM-related changes
+ - Undo an inconsistency in fetch-orig
+ * Fix whitespace
+ * Upgrade aarch32 to 8u292 GA
+ * Build with reproducible LC_ALL=C setting
+ * Obtain origtgz from https or, when not possible (icedtea-sound),
+ check SHA256 against one I manually downloaded and checked, using
+ the (expired…) key from pyconfigure’s signing keyring, which,
+ unlike the keyserver network, contains the key used
+ * Abort fetching origtgz if it fails, don’t soldier on to fail later
+ * Document reasons some tests fail (more building on older releases)
+ * Update lintian overrides (for sid)
+
+ -- Thorsten Glaser <tg@mirbsd.de> Mon, 26 Apr 2021 17:00:54 +0200
+
+ openjdk-8 (8u292-b10-0+deb9u1) stretch-security; urgency=medium
+
+ * Merge with Ubuntu.
+ * Update to 8u292-b10 (GA).
+
+ -- Emilio Pozuelo Monfort <pochu@debian.org> Wed, 21 Apr 2021 13:13:15 +0200
+
+ openjdk-8 (8u292-b10-0ubuntu1) hirsute; urgency=medium
+
+ * Update to 8u292-b10 (GA).
+ * Security fixes
+ - JDK-8227467: Better class method invocations
+ - JDK-8244473: Contextualize registration for JNDI
+ - JDK-8244543: Enhanced handling of abstract classes
+ - JDK-8249906, CVE-2021-2163: Enhance opening JARs
+ - JDK-8250568, CVE-2021-2161: Less ambiguous processing
+ - JDK-8253799: Make lists of normal filenames
+ * Other changes:
+ See https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-April/013680.html
+
+ -- Matthias Klose <doko@ubuntu.com> Wed, 21 Apr 2021 12:25:15 +0200
+
+ openjdk-8 (8u282-b08-2) unstable; urgency=medium
+
+ * Reupload to sid, under new maintainership (Debian Java team);
+ cf. https://lists.debian.org/debian-java/2021/03/msg00021.html
+ (and surrounding thread); sponsored by ⮡ tarent
+ * Readd improvements from 8u275-b01-1, lost changelog entries
+ * Add NEWS to openjdk-8-jre-headless (because all other depend on
+ that) regarding OpenJDK 8 not being supported
+ * Use GCC 10 to build on bullseye, sid, groovy and hirsute (that
+ means GCC 9 on focal only) (Closes: #978519)
+ * Silence postinst warning about removed -XX:PermSize option
+ * Switch to mktemp(1)
+ * Drop unused patches (keep a couple which just need updating)
+ * Update README.source a little
+ * G/C long-dead code from postinst, too
+ * If the testsuite is disabled during generation of debian/control
+ omit test-only dependencies
+ * Upload with binaries built using the previous openjdk-8 binaries
+ because openjdk-8-jdk is required for bootstrapping; 7 works but
+ 11 cannot be used :/ a source-only upload will follow
+ * Skip testsuite for first bootstrap, saving lots of time/CPU
+ * Address some issues lintian reported; update a number of overrides
+
+ -- Thorsten Glaser <tg@mirbsd.de> Fri, 26 Mar 2021 00:48:09 +0100
+
+ openjdk-8 (8u282-b08-1) bullseye; urgency=medium
+
+ * Team upload.
+ * Provide builds for bullseye/sid (for a personal repository),
+ buster (for the same), stretch (for LTS), jessie (for ELTS)
+ and wheezy (also for that personal repository)
+ * Move @bd_bootstrap@ high up in Build-Depends so the resolver tries
+ to fulfil it first
+ * Require an openjdk-8 to bootstrap (a previous build)
+ * Let openjdk-8-jre-headless fulfill default-jre-headless (>= 2:1.8)
+ in <!nocheck>; the latter is only used with distros whose default
+ JRE is older than 8, to avoid accidental use of 11
+
+ -- Thorsten Glaser <t.glaser@tarent.de> Sun, 14 Feb 2021 00:42:46 +0100
+
+ openjdk-8 (8u282-b08-0ubuntu1) hirsute; urgency=medium
+
+ * Update to 8u282-b08 (GA).
+ * Update AArch64 hotspot to 8u282-b07 and AArch32 hotspot to 8u282-b07.
+
+ -- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Wed, 20 Jan 2021 00:48:04 +0000
+
+ openjdk-8 (8u282-b07-0ubuntu1) hirsute; urgency=medium
+
+ * Update to 8u282-b07 (early access build).
+ * Update AArch64 hotspot to 8u282-b03 and AArch32 hotspot to 8u282-b06.
+ * Update patches.
+
+ -- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Thu, 07 Jan 2021 00:16:35 +0000
+
+ openjdk-8 (8u275-b01-1~deb9u1) stretch-security; urgency=medium
+
+ * Team upload.
+ * Provide 8u275-b01 (GA) regression fixes
+
+ -- Thorsten Glaser <tg@mirbsd.de> Wed, 02 Dec 2020 11:15:53 +0100
+
+ openjdk-8 (8u275-b01-1) unstable; urgency=medium
+
+ * Team upload.
+ * Merge back into Debian
+ - Revert Maintainer change
+ * Drop unused patch (which is already merged upstream)
+ * Correct hg_tag, hg_tag_aarch64, hg_tag_aarch32 in debian/rules
+ * Really update the origtgz to 8u275 instead of hackedly patching
+ * Quell some lintian warnings
+
+ -- Thorsten Glaser <tg@mirbsd.de> Wed, 02 Dec 2020 09:51:35 +0100
+
+ openjdk-8 (8u275-b01-0ubuntu1) hirsute; urgency=medium
+
+ * Update to 8u275-b01 (GA). Patch aarch32 and aarch64 to 8u275-b01.
+ * Regression fixes:
+ - JDK-8214440: ldap over a TLS connection negotiate failed with "javax.net.ssl.SSLPeerUnverifiedException: hostname of the server '' does not match the hostname in the server's certificate"
+ - JDK-8223940: Private key not supported by chosen signature algorithm
+ - JDK-8236512: PKCS11 Connection closed after Cipher.doFinal and NoPadding
+ - JDK-8250861: Crash in MinINode::Ideal(PhaseGVN*, bool)
+
+ -- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Mon, 09 Nov 2020 02:08:45 +0000
+
+ openjdk-8 (8u272-b10-1) unstable; urgency=medium
+
+ * Team upload.
+ * Upload latest security fixes (thanks!) to sid
+
+ -- Thorsten Glaser <tg@mirbsd.de> Mon, 26 Oct 2020 21:29:16 +0100
+
+ openjdk-8 (8u272-b10-0ubuntu1) hirsute; urgency=medium
+
+ * Update to 8u272-b10 (GA). Patch aarch32 to 8u272-b10.
+ * Security fixes:
+ - JDK-8236862, CVE-2020-14779: Enhance support of Proxy class.
+ - JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts.
+ - JDK-8237995, CVE-2020-14782: Enhance certificate processing.
+ - JDK-8241114, CVE-2020-14792: Better range handling.
+ - JDK-8242680, CVE-2020-14796: Improved URI Support.
+ - JDK-8242685, CVE-2020-14797: Better Path Validation.
+ - JDK-8242695, CVE-2020-14798: Enhanced buffer support.
+ - JDK-8244136, CVE-2020-14803: Improved Buffer supports.
+ - JDK-8233624: Enhance JNI linkage.
+ - JDK-8236196: Improve string pooling.
+ - JDK-8240124: Better VM Interning.
+ - JDK-8243302: Advanced class supports.
+ - JDK-8244479: Further constrain certificates.
+ - JDK-8244955: Additional Fix for JDK-8240124.
+ - JDK-8245407: Enhance zoning of times.
+ - JDK-8245412: Better class definitions.
+ - JDK-8245417: Improve certificate chain handling.
+ - JDK-8248574: Improve jpeg processing.
+ - JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit.
+ - JDK-8253019: Enhanced JPEG decoding.
+ * New features:
+ - JDK-8245468: Add TLSv1.3 implementation classes from 11.0.7.
+
+ -- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Thu, 22 Oct 2020 00:12:59 +0000
+
+ openjdk-8 (8u272-b10-0+deb9u1) stretch-security; urgency=medium
+
+ * Update to 8u272-b10 (GA).
+ * Security fixes:
+ - JDK-8233624: Enhance JNI linkage
+ - JDK-8236196: Improve string pooling
+ - JDK-8236862, CVE-2020-14779: Enhance support of Proxy class
+ - JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts
+ - JDK-8237995, CVE-2020-14782: Enhance certificate processing
+ - JDK-8240124: Better VM Interning
+ - JDK-8241114, CVE-2020-14792: Better range handling
+ - JDK-8242680, CVE-2020-14796: Improved URI Support
+ - JDK-8242685, CVE-2020-14797: Better Path Validation
+ - JDK-8242695, CVE-2020-14798: Enhanced buffer support
+ - JDK-8243302: Advanced class supports
+ - JDK-8244136, CVE-2020-14803: Improved Buffer supports
+ - JDK-8244479: Further constrain certificates
+ - JDK-8244955: Additional Fix for JDK-8240124
+ - JDK-8245407: Enhance zoning of times
+ - JDK-8245412: Better class definitions
+ - JDK-8245417: Improve certificate chain handling
+ - JDK-8248574: Improve jpeg processing
+ - JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit
+ - JDK-8253019: Enhanced JPEG decoding
+
+ -- Emilio Pozuelo Monfort <pochu@debian.org> Wed, 21 Oct 2020 23:52:22 +0200
+
+ openjdk-8 (8u272~b09-0ubuntu1) groovy; urgency=medium
+
+ * Update to 8u272-b09 (early access build).
+ * Update AArch64 hotspot to 8u252-b08 (no hotspot changes to b09).
+
+ -- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Thu, 08 Oct 2020 14:57:35 +0000
+
+ openjdk-8 (8u265-b01-1) unstable; urgency=medium
+
+ * Team upload.
+ * Upload to unstable (no comment…). Thanks!
+
+ -- Thorsten Glaser <tg@mirbsd.de> Thu, 13 Aug 2020 21:26:36 +0200
+
+ openjdk-8 (8u265-b01-0+deb9u1) stretch-security; urgency=medium
+
+ * Non-maintainer upload by the LTS Team.
+ * Merge changes from 8u265-b01-0ubuntu2.
+
+ -- Emilio Pozuelo Monfort <pochu@debian.org> Wed, 12 Aug 2020 10:17:29 +0200
+
+ openjdk-8 (8u265-b01-0ubuntu2) groovy; urgency=medium
+
+ * Improve build times and autopkgtest runs by ignoring time
+ consuming tests when running on zerovm and armhf systems.
+ - debian/tests/hotspot: exclude slow hotspot tests for
+ zerovm hotspot or armhf machines.
+ - debian/tests/hotspot-problem-list-slow.txt: define a list
+ of long running hotspot tests.
+ - debian/tests/jdk-problem-list.txt: add a list of long
+ running jdk tests for linux-arm (armhf) systems.
+ - debian/tests/jtreg-autopkgtest.in: reduce retries from
+ 3 to 2 in order to save time.
+ - debian/tests/jtreg-autopkgtest.sh: regenerated.
+
+ -- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Sat, 01 Aug 2020 21:41:17 +0000
+
+ openjdk-8 (8u265-b01-0ubuntu1) groovy; urgency=medium
+
+ * Update to 8u265-b01 (GA).
+ * Bug fixes:
+ - JDK-8249677: Regression in 8u after JDK-8237117: Better
+ ForkJoinPool behavior.
+ - JDK-8250546: Expect changed behaviour reported in JDK-8249846.
+
+ -- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Sat, 01 Aug 2020 17:50:43 +0000
+
+ openjdk-8 (8u262-b10-0ubuntu2) groovy; urgency=medium
+
+ * d/p/jdk-8249677.patch: fix regression introduced by JDK-8237117.
+
+ -- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Thu, 22 Jul 2020 20:53:08 +0000
+
+ openjdk-8 (8u262-b10-0ubuntu1) groovy; urgency=medium
+
+ * Update to 8u262-b10 (GA). Update aarch32 to 8u262-b09 (no
+ hotspot changes between b09 and b10).
+ * Security fixes:
+ - JDK-8028431, CVE-2020-14579: NullPointerException in
+ DerValue.equals(DerValue)
+ - JDK-8028591, CVE-2020-14578: NegativeArraySizeException in
+ sun.security.util.DerInputStream.getUnalignedBitString()
+ - JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior
+ - JDK-8237592, CVE-2020-14577: Enhance certificate verification
+ - JDK-8238002, CVE-2020-14581: Better matrix operations
+ - JDK-8238920, CVE-2020-14583: Better Buffer support
+ - JDK-8240119, CVE-2020-14593: Less Affine Transformations
+ - JDK-8242136, CVE-2020-14621: Better XML namespace handling
+ - JDK-8230613: Better ASCII conversions
+ - JDK-8231800: Better listing of arrays
+ - JDK-8232014: Expand DTD support
+ - JDK-8233255: Better Swing Buttons
+ - JDK-8234032: Improve basic calendar services
+ - JDK-8234042: Better factory production of certificates
+ - JDK-8234418: Better parsing with CertificateFactory
+ - JDK-8234836: Improve serialization handling
+ - JDK-8236191: Enhance OID processing
+ - JDK-8238804: Enhance key handling process
+ - JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable
+ - JDK-8238843: Enhanced font handing
+ - JDK-8238925: Enhance WAV file playback
+ - JDK-8240482: Improved WAV file playback
+ - JDK-8241379: Update JCEKS support
+ - JDK-8241522: Manifest improved jar headers redux
+ * debian/patches/zero-x32.diff: remove SocketImpl.c hunks which
+ have been applied upstream.
+ * debian/patches/default-jvm-cfg-default.diff: fixed fuzz.
+ * debian/patches/pass-extra-flags.diff: fixed fuzz.
+ * debian/patches/system-lcms.diff: fixed fuzz.
+
+ -- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Wed, 24 Jun 2020 21:29:14 +0000
+
+ openjdk-8 (8u252-b09-1ubuntu1) focal; urgency=medium
+
+ * Build without atk-wrapper on i386 in focal.
+
+ -- Matthias Klose <doko@ubuntu.com> Thu, 16 Apr 2020 10:47:49 +0200
+
+ openjdk-8 (8u252-b09-1) unstable; urgency=medium
+
+ * Update to OpenJDK 8u252-b09 (GA). Updated aarch32 to 8u252-b08 (no
+ hotspot changes between b08 and b09).
+ * Security fixes
+ - JDK-8223898, CVE-2020-2754: Forward references to Nashorn
+ - JDK-8223904, CVE-2020-2755: Improve Nashorn matching
+ - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs
+ - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues
+ - JDK-8225603: Enhancement for big integers
+ - JDK-8227542: Manifest improved jar headers
+ - JDK-8231415, CVE-2020-2773: Better signatures in XML
+ - JDK-8233250: Better X11 rendering
+ - JDK-8233410: Better Build Scripting
+ - JDK-8234027: Better JCEKS key support
+ - JDK-8234408, CVE-2020-2781: Improve TLS session handling
+ - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers
+ - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers
+ - JDK-8235274, CVE-2020-2805: Enhance typing of methods
+ - JDK-8236201, CVE-2020-2830: Better Scanner conversions
+ - JDK-8238960: linux-i586 builds are inconsistent as the newly build
+ jdk is not able to reserve enough space for object heap
+ * Other changes
+ - JDK-8005819: Support cross-realm MSSFU
+ - JDK-8022263: use same Clang warnings on BSD as on Linux
+ - JDK-8038631: Create wrapper for awt.Robot with additional functionality
+ - JDK-8047212: runtime/ParallelClassLoading/bootstrap/random/inner-complex
+ assert(ObjectSynchronizer::verify_objmon_isinpool(inf)) failed: monitor
+ is invalid
+ - JDK-8055283: Expand ResourceHashtable with C_HEAP allocation, removal and
+ some unit tests
+ - JDK-8068184: Fix for JDK-8032832 caused a deadlock
+ - JDK-8079693: Add support for ECDSA P-384 and P-521 curves to XML Signature
+ - JDK-8132130: some docs cleanup
+ - JDK-8135318: CMS wrong max_eden_size for check_gc_overhead_limit
+ - JDK-8144445: Maximum size checking in Marlin ArrayCache utility methods
+ is not optimal
+ - JDK-8144446: Automate the Marlin crash test
+ - JDK-8144526: Remove Marlin logging use of deleted internal API
+ - JDK-8144630: Use PrivilegedAction to create Thread in Marlin RendererStats
+ - JDK-8144654: Improve Marlin logging
+ - JDK-8144718: Pisces / Marlin Strokers may generate invalid curves with
+ huge coordinates and round joins
+ - JDK-8166976: TestCipherPBECons has wrong @run line
+ - JDK-8167409: Invalid value passed to critical JNI function
+ - JDK-8181872: C1: possible overflow when strength reducing integer multiply
+ by constant
+ - JDK-8187078: -XX:+VerifyOops finds numerous problems when running JPRT
+ - JDK-8191227: issues with unsafe handle resolution
+ - JDK-8197441: Signature#initSign/initVerify for an invalid
+ private/public key fails with ClassCastException for SunPKCS11 provider
+ - JDK-8204152: SignedObject throws NullPointerException for null keys with
+ an initialized Signature object
+ - JDK-8215756: Memory leaks in the AWT on macOS
+ - JDK-8216472: (se) Stack overflow during selection operation leads to crash
+ - JDK-8219244: NMT: Change ThreadSafepointState's allocation type from
+ mtInternal to mtThread
+ - JDK-8219597: (bf) Heap buffer state changes could provoke unexpected
+ exceptions
+ - JDK-8225128: Add exception for expiring DocuSign root to VerifyCACerts
+ test
+ - JDK-8225130: Add exception for expiring Comodo roots to VerifyCACerts test
+ - JDK-8229022: BufferedReader performance can be improved by using
+ StringBuilder
+ - JDK-8229345: Memory leak due to vtable stubs not being shared on SPARC
+ - JDK-8229872: (fs) Increase buffer size used with getmntent
+ - JDK-8230235: Rendering HTML with empty img attribute and documentBaseKey
+ cause Exception
+ - JDK-8231430: C2: Memory stomp in max_array_length() for T_ILLEGAL type
+ - JDK-8235744: PIT:
+ test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java times out in
+ linux-x64
+ - JDK-8235904: Infinite loop when rendering huge lines
+ - JDK-8236179: C1 register allocation error with T_ADDRESS
+ - JDK-8237368: Problem with NullPointerException in RMI TCPEndpoint.read
+ - JDK-8240521: Revert backport of 8231584: Deadlock with
+ ClassLoader.findLibrary and System.loadLibrary call
+ - JDK-8241296: Segfault in JNIHandleBlock::oops_do()
+ - JDK-8241307: Marlin renderer should not be the default in 8u252
+ * Build using GCC 9 in unstable. Closes: #944184.
+
+ -- Matthias Klose <doko@ubuntu.com> Wed, 15 Apr 2020 15:38:21 +0200
+
+ openjdk-8 (8u252-b07-1) unstable; urgency=medium
+
+ * Update to 8u252-b07 (early access build).
+ * Update ARM32 and AArch64 hotspot to 8u252-b06.
+ * Build using GCC 9 in recent releases.
+
+ -- Matthias Klose <doko@ubuntu.com> Thu, 26 Mar 2020 12:57:56 +0100
+
+ openjdk-8 (8u242-b08-1) unstable; urgency=medium
+
+ * Merge changes from 8u242-b08-0ubuntu3 back into Debian
+ * Fix nocheck profile (no profile support) for wheezy
+ * Version !nocheck default-jre-headless build dependency
+ to ensure at least Java 8 there as well; avoids needing to
+ install two JREs when building in pre-{stretch,xenial}
+ * Update aarch64 to GA jdk8u242-b08, aarch32 to jdk8u242-ga
+ * Bump Policy
+
+ -- Thorsten Glaser <tg@mirbsd.de> Thu, 06 Feb 2020 19:12:24 +0100
+
+ openjdk-8 (8u242-b08-0ubuntu3) focal; urgency=medium
+
+ * OpenJDK 8u242-b08 build (release).
+ - S8226352, CVE-2020-2590: Improve Kerberos interop capabilities
+ - S8228548, CVE-2020-2593: Normalize normalization for all
+ - S8224909, CVE-2020-2583: Unlink Set of LinkedHashSets
+ - S8229951, CVE-2020-2601: Better Ticket Granting Services
+ - S8231422, CVE-2020-2604: Better serial filter handling
+ - S8231795, CVE-2020-2659: Enhance datagram socket support
+ - S8234037, CVE-2020-2654: Improve Object Identifier Processing
+ - S8037550: Update RFC references in javadoc to RFC 5280
+ - S8039438: Some tests depend on internal API sun.misc.IOUtils
+ - S8044500: Add kinit options and krb5.conf flags that allow users
+ to obtain renewable tickets and specify ticket lifetimes
+ - S8058290: JAAS Krb5LoginModule has suspect ticket-renewal logic,
+ relies on clockskew grace
+ - S8080835: Add blocking bulk read to sun.misc.IOUtils
+ - S8138978: Examine usages of sun.misc.IOUtils
+ - S8139206: Add InputStream readNBytes(int len)
+ - S8183591: Incorrect behavior when reading DER value with
+ Integer.MAX_VALUE length
+ - S8186576: KerberosTicket does not properly handle renewable
+ tickets at the end of their lifetime
+ - S8186831: Kerberos ignores PA-DATA with a non-null s2kparams
+ - S8186884: Test native KDC, Java krb5 lib, and native krb5 lib in
+ one test
+ - S8193832: Performance of InputStream.readAllBytes() could be improved
+ - S8196956: (ch) More channels cleanup
+ - S8201627: Kerberos sequence number issues
+ - S8215032: Support Kerberos cross-realm referrals (RFC 6806)
+ - S8225261: Better method resolutions
+ - S8225279: Better XRender interpolation
+ - S8226719: Kerberos login to Windows 2000 failed with "Inappropriate
+ type of checksum in message"
+ - S8227061: KDC.java test behaves incorrectly when AS-REQ contains a
+ PAData not PA-ENC-TS-ENC
+ - S8227381: GSS login fails with PREAUTH_FAILED
+ - S8227437: S4U2proxy cannot continue because server's TGT cannot be found
+ - S8227758: More valid PKIX processing
+ - S8227816: More Colorful ICC profiles
+ - S8230279: Improve Pack200 file reading
+ - S8230318: Better trust store usage
+ - S8230967: Improve Registry support of clients
+ - S8231129: More glyph images
+ - S8231139: Improved keystore support
+ - S8232381: add result NULL-checking to freetypeScaler.c
+ - S8232419: Improve Registry registration
+ - S8233944: Make KerberosPrincipal.KRB_NT_ENTERPRISE field package private
+ - S8235909: File.exists throws AccessControlException for invalid
+ paths when a SecurityManager is installed
+ - S8236983: [TESTBUG] Remove pointless catch block in
+ test/jdk/sun/security/util/DerValue/BadValue.java
+ - S8236984: Add compatibility wrapper for IOUtils.readFully
+ * Use the hotspot arch list to select between hotspot and zero as
+ the default VM for autopkgtests. This fixes s390x (zero based)
+ autopkgtest support.
+
+ -- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Fri, 17 Jan 2020 17:37:33 +0000
+
+ openjdk-8 (8u242-b04-1) unstable; urgency=medium
+
+ * Update to 8u242-b04 (early access build).
+
+ -- Matthias Klose <doko@ubuntu.com> Mon, 06 Jan 2020 20:59:40 +0100
+
+ openjdk-8 (8u232-b09-1) unstable; urgency=high
+
+ * Update to OpenJDK 8u232-b09 (GA). Updated aarch32 to 8u232-b09.
+ * Security fixes:
+ - S8167646: Better invalid FilePermission.
+ - S8213429, CVE-2019-2933: Windows file handling redux.
+ - S8218573, CVE-2019-2945: Better socket support.
+ - S8218877: Help transform transformers.
+ - S8220186: Improve use of font temporary files.
+ - S8220302, CVE-2019-2949: Better Kerberos ccache handling.
+ - S8221497: Optional Panes in Swing.
+ - S8221858, CVE-2019-2958: Build Better Processes.
+ - S8222684, CVE-2019-2964: Better support for patterns.
+ - S8222690, CVE-2019-2962: Better Glyph Images.
+ - S8223163: Better pattern recognition.
+ - S8223505, CVE-2019-2973: Better pattern compilation.
+ - S8223518, CVE-2019-2975: Unexpected exception in jjs.
+ - S8223892, CVE-2019-2978: Improved handling of jar files.
+ - S8224025: Fix for JDK-8220302 is not complete.
+ - S8224532, CVE-2019-2981: Better Path supports.
+ - S8224915, CVE-2019-2983: Better serial attributes.
+ - S8225286, CVE-2019-2987: Better rendering of native glyphs.
+ - S8225292, CVE-2019-2988: Better Graphics2D drawing.
+ - S8225298, CVE-2019-2989: Improve TLS connection support.
+ - S8225597, CVE-2019-2992: Enhance font glyph mapping.
+ - S8226765, CVE-2019-2999: Commentary on Javadoc comments.
+ - S8227129: Better ligature for subtables.
+ - S8227601: Better collection of references.
+ - S8228825, CVE-2019-2894: Enhance ECDSA operations.
+
+ -- Matthias Klose <doko@ubuntu.com> Thu, 17 Oct 2019 22:41:19 +0200
+
+ openjdk-8 (8u232-b07-2) unstable; urgency=medium
+
+ * Update to 8u232-b07 (early access build).
+
+ [ Matthias Klose ]
+ * Refresh patches.
+ * openjdk-8-jdk-headless: Add Breaks/Replaces for moved clhsdb binary.
+ LP: #1845873.
+ * debian/tests/control: Depend on g++ instead of build-essential or libc6-dev.
+ * Bump standards vesion.
+
+ [ Tiago Stürmer Daitx ]
+ * Improve and fix build tests and autopkgtests:
+ - Update debian/tests/hotspot,jdk,langtools to ignore
+ jtreg-autopkgtest.sh return code.
+ - Create debian/tests/jtdiff-autopkgtest.in as it depends
+ on debian/rules variables.
+ - debian/control.in, debian/control: add default-jre-headless
+ to Build-Depends with a nocheck clause as jtreg requires
+ a JRE in /usr/lib/jvm/default-java.
+ - debian/tests/control:
+ + Add zip and unzip test dependencies required by jdk's
+ test/sun/security/tools/jarsigner/diffend.sh and
+ test/sun/security/tools/jarsigner/emptymanifest.sh.
+ + Depend on default-jre-headless so jtreg will use the
+ JRE from /usr/lib/jvm/default-java.
+ - debian/tests/jtdiff-autopkgtest.sh:
+ + Fail only if an actual regression is detected.
+ + Add the super-diff comparison from jtdiff.
+ + Save failed jtr files for all runs.
+ - debian/tests/jtreg-autopkgtest.sh:
+ + Enable retry of failed tests to trim out flaky tests.
+ + Fix unbound variable.
+ + Keep .jtr files from failed tests only.
+ - debian/patches/jdk-problem-list.diff: ignore failing tests
+ that require more investigation.
+ - debian/rules:
+ + Preserve all JTreport directories in the test output
+ directory.
+ + Use JDK_DIR instead of JDK_TO_TEST for autopkgtest
+ generation.
+ + Package all .jtr files from JTwork as jtreg-autopkgtest.sh
+ makes sure it contains only failed tests.
+ * debian/tests/jdk: add our custom debian/tests/jdk-problem-list.txt to the
+ exclusion list.
+ * debian/tests/jdk-problem-list.txt: custom exclusion rules for jdk tests
+ that fail to run during a build or autopkgtest run.
+ * debian/rules: remove debian/patches/jdk-problem-list.diff.
+ * debian/patches/jdk-problem-list.diff: jtreg allows for extra exclusion
+ files thus there's no need to patch upstream's exclusion list.
+ * debian/tests/control: mark all autopkgtests as flaky.
+ * debian/tests/hotspot-archs: generated by debian/rules, contains a list of
+ archs that supports a hotspot vm.
+ * debian/tests/jdk: run only when the host arch is a hotspot vm - allow
+ override through an environment variable.
+ * debian/rules: update gen-autopkgtests to echo supported hotspot archs.
+
+ -- Matthias Klose <doko@ubuntu.com> Tue, 01 Oct 2019 13:49:35 +0200
+
+ openjdk-8 (8u232-b04-1) experimental; urgency=medium
+
+ * Update to 8u232-b04 (early access build).
+ * Refresh patches.
+
+ -- Matthias Klose <doko@ubuntu.com> Fri, 06 Sep 2019 18:03:11 +0200
+
+ openjdk-8 (8u222-b10-1) unstable; urgency=high
+
+ * Update to 8u222-b10 (except for AArch32, updated to b08).
+ - Security fixes:
+ - S8191073: JpegImageReader throws IndexOutOfBoundsException when
+ trying to read image data from tables-only image.
+ - S8208698, CVE-2019-2745: Improved ECC Implementation.
+ - S8212328, CVE-2019-2762: Exceptional throw cases.
+ - S8213431, CVE-2019-2766: Improve file protocol handling.
+ - S8213432, CVE-2019-2769: Better copies of CopiesList.
+ - S8216381, CVE-2019-2786: More limited privilege usage.
+ - S8217563: Improve realm maintenance.
+ - S8218863: Better endpoint checks.
+ - S8218873: Improve JSSE endpoint checking.
+ - S8218876, CVE-2019-7317: Improve PNG support options.
+ - S8219018: Adjust positions of glyphs.
+ - S8219020: Table alternate substitutions.
+ - S8219775: Certificate validation improvements.
+ - S8220192: Better outlook for SecureRandom.
+ - S8220517: Enhanced GIF support.
+ - S8221518, CVE-2019-2816: Normalize normalization.
+ - S8223511, CVE-2019-2842: Extended AES support.
+
+ [ Matthias Klose ]
+ * Bump standards version.
+
+ [ Tiago Stürmer Daitx ]
+ * Backport fix for S8223511 for AArch32.
+
+ -- Matthias Klose <doko@ubuntu.com> Thu, 18 Jul 2019 18:57:23 +0200
+
+ openjdk-8 (8u222-b07-3) unstable; urgency=medium
+
+ * Upload to unstable.
+
+ -- Matthias Klose <doko@debian.org> Sun, 07 Jul 2019 22:02:56 +0200
+
+ openjdk-8 (8u222-b07-2) experimental; urgency=medium
+
+ * Remove AArch32 patches, applied upstream.
+ * Fix build dependencies for Ubuntu precise builds.
+
+ -- Matthias Klose <doko@ubuntu.com> Sat, 29 Jun 2019 11:17:16 +0200
+
+ openjdk-8 (8u222-b07-1) experimental; urgency=medium
+
+ * Update to 8u222-b07.
+
+ -- Matthias Klose <doko@ubuntu.com> Sat, 29 Jun 2019 10:48:23 +0200
+
+ openjdk-8 (8u222-b05-1) experimental; urgency=medium
+
+ [ Matthias Klose ]
+ * Update to 8u222-b05 (except for AArch32).
+ * Apply suggested hotspot fixes for AArch32.
+ * Re-enable running the testsuite.
+
+ [ Tiago Stürmer Daitx ]
+ * Find any hs_err_pid files generated during the build and send to stdout.
+
+ -- Matthias Klose <doko@ubuntu.com> Mon, 10 Jun 2019 15:03:02 +0200
+
+ openjdk-8 (8u222-b04-3) experimental; urgency=medium
+
+ * Update ARM32 to jdk8u222-b04-aarch32-190603.
+ * Regenerate the ppc64el patch.
+ * Remove unused patches ppc64le-8036767 and zero-opt.
+
+ -- Matthias Klose <doko@ubuntu.com> Fri, 07 Jun 2019 09:14:38 +0200
+
+ openjdk-8 (8u222-b04-1) experimental; urgency=medium
+
+ * Update to 8u222-b04.
+ * Update ARM32 to jdk8u212-b04-aarch32-190430.
+ * Fix 32bit zero builds.
+
+ -- Matthias Klose <doko@ubuntu.com> Mon, 03 Jun 2019 12:11:07 +0200
+
+ openjdk-8 (8u212-b03-3) UNRELEASED; urgency=medium
+
+ * Use -a instead of -s for debhelper tools.
+
+ -- Matthias Klose <doko@ubuntu.com> Tue, 28 May 2019 14:10:32 +0200
+
+ openjdk-8 (8u212-b03-2) unstable; urgency=medium
+
+ * Don't apply the 8221355 fix for ARM builds.
+ * Don't configure --with-vendor-name on stable releases.
+ * Fix the jpeg runtime dependency for the build in unstable.
+
+ -- Matthias Klose <doko@ubuntu.com> Tue, 28 May 2019 10:14:27 +0200
+
+ openjdk-8 (8u212-b03-1) unstable; urgency=medium
+
+ [ Matthias Klose ]
+ * Configure --with-vendor-name.
+ * 8221355: Fix performance regression after JDK-8155635 backport into 8u.
+
+ [ Tiago Stürmer Daitx ]
+ * Update to 8u212-b03. LP: #1826001.
+ * Security fixes:
+ - S8211936, CVE-2019-2602: Better String parsing.
+ - S8218453, CVE-2019-2684: More dynamic RMI interactions.
+ - S8219066, CVE-2019-2698: Fuzzing TrueType fonts: setCurrGlyphID().
+ * Revert to GTK2 as default since GTK3 still has padding and component
+ issues:
+ - debian/rules: always Build-Depends on libgtk2.0-dev and Depends on
+ libgtk2.0-0 instead of relying on gtk3 for some releases.
+ * debian/control: add missing dependency on testng (required by the
+ testsuites).
+
+ [ Andrej Shadura ]
+ * debian/rules: check for nodoc instead of nodocs in DEB_BUILD_OPTIONS.
+ Closes: 922757.
+
+ [ Matthias Klose ]
+ * debian/rules, debian/tests/jtdiff-autopkgtest.sh,
+ debian/tests/jtreg-autopkgtest.in, debian/tests/jtreg-autopkgtest.sh:
+ only set the JDK under test and allow jtreg to use its default JDK
+ for running the tests.
+
+ [ Thorsten Glaser ]
+ * Improve compatibility with older releases. Closes: #925407.
+ - debian/rules: determine source date using backwards-compatible
+ dpkg-parsechangelog call.
+ - debian/control.in: put @bd_cross@ onto same line as @bd_nss@ as
+ it can be empty.
+
+ -- Matthias Klose <doko@ubuntu.com> Mon, 29 Apr 2019 14:51:40 +0200
openjdk-8 (8u212-b01-1) unstable; urgency=medium
projects / openjdk-8.git / commitdiff