From: Raspbian automatic forward porter Date: Tue, 28 Dec 2021 19:27:54 +0000 (+0000) Subject: Merge version 8u212-b01-1+rpi1 and 8u312-b07-1 to produce 8u312-b07-1+rpi1 X-Git-Tag: archive/raspbian/8u312-b07-1+rpi1~1 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=b931a45570c81fce7312e50f67b3d0ecbbd151d4;p=openjdk-8.git Merge version 8u212-b01-1+rpi1 and 8u312-b07-1 to produce 8u312-b07-1+rpi1 --- b931a45570c81fce7312e50f67b3d0ecbbd151d4 diff --cc debian/changelog index b1b137d,6da3d57..a89ed8f --- a/debian/changelog +++ b/debian/changelog @@@ -1,9 -1,781 +1,789 @@@ - openjdk-8 (8u212-b01-1+rpi1) buster-staging; urgency=medium ++openjdk-8 (8u312-b07-1+rpi1) bullseye-staging; urgency=medium + ++ [changes brought forward from 8u212-b01-1+rpi1 by Peter Michael Green at Fri, 29 Mar 2019 13:54:02 +0000] + * Add latomic to ldflags + * Disable testsuite. + - -- Peter Michael Green Fri, 29 Mar 2019 13:54:02 +0000 ++ -- Raspbian forward porter Tue, 28 Dec 2021 19:27:54 +0000 ++ + openjdk-8 (8u312-b07-1) unstable; urgency=medium + + * New upstream release (GA) + * Security fixes: + - JDK-8130183, CVE-2021-35588: InnerClasses: VM permits wrong + Throw ClassFormatError if InnerClasses attribute's + inner_class_info_index is 0 + - JDK-8161016: Strange behavior of URLConnection with proxy + - JDK-8163326, CVE-2021-35550: Update the default enabled cipher + suites preference + - JDK-8254967, CVE-2021-35565: com.sun.net.HttpsServer spins on + TLS session close + - JDK-8263314: Enhance XML Dsig modes + - JDK-8265167, CVE-2021-35556: Richer Text Editors + - JDK-8265574: Improve handling of sheets + - JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit + - JDK-8265776: Improve Stream handling for SSL + - JDK-8266097, CVE-2021-35561: Better hashing support + - JDK-8266103: Better specified spec values + - JDK-8266109: More Resilient Classloading + - JDK-8266115: More Manifest Jar Loading + - JDK-8266137, CVE-2021-35564: Improve Keystore integrity + - JDK-8266689, CVE-2021-35567: More Constrained Delegation + - JDK-8267086: ArrayIndexOutOfBoundsException in + java.security.KeyFactory.generatePublic + - JDK-8267712: Better LDAP reference processing + - JDK-8267729, CVE-2021-35578: Improve TLS client handshaking + - JDK-8267735, CVE-2021-35586: Better BMP support + - JDK-8268193: Improve requests of certificates + - JDK-8268199: Correct certificate requests + - JDK-8268506: More Manifest Digests + - JDK-8269618, CVE-2021-35603: Better session identification + - JDK-8269624: Enhance method selection support + - JDK-8270398: Enhance canonicalization + - JDK-8270404: Better canonicalization + * Other changes: see + https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-October/014373.html + * Policy 4.6.1, no relevant changes + * d/copyright: Apply changes since 8u302 + * Upload sponsored by ⮡ tarent + + -- Thorsten Glaser Fri, 05 Nov 2021 23:57:58 +0000 + + openjdk-8 (8u302-b08-1) unstable; urgency=medium + + * New upstream release (GA) + * Security fixes: + - JDK-8256157: Improve bytecode assembly + - JDK-8256491: Better HTTP transport + - JDK-8258432, CVE-2021-2341: Improve file transfers + - JDK-8260453: Improve Font Bounding + - JDK-8260960: Signs of jarsigner signing + - JDK-8260967, CVE-2021-2369: Better jar file validation + - JDK-8262380: Enhance XML processing passes + - JDK-8262403: Enhanced data transfer + - JDK-8262410: Enhanced rules for zones + - JDK-8262477: Enhance String Conclusions + - JDK-8262967: Improve Zip file support + - JDK-8264066, CVE-2021-2388: Enhance compiler validation + - JDK-8264079: Improve abstractions + - JDK-8264460: Improve NTLM support + * Other changes: see + https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-July/014118.html + * Add or update d/copyright lines, based on diffing upstream changes + * Refresh all patches that are actually used and drop no longer needed + d/p/compare-pointer-with-literal.patch + * Fix spelling in d/rules + * Upload sponsored by ⮡ tarent + + -- Thorsten Glaser Thu, 29 Jul 2021 20:45:23 +0200 + + openjdk-8 (8u292-b10-3) unstable; urgency=medium + + * Re-upload with actually regenerated debian/control, oops + + -- Thorsten Glaser Thu, 24 Jun 2021 00:05:48 +0200 + + openjdk-8 (8u292-b10-2) unstable; urgency=low + + * Fix regression in /etc/java-8-openjdk/accessibility.properties + * Drop Suggests nōnexistent icedtea-8-plugin + * Fix binfmts error with patch from bug (Closes: #822348) + * Create /usr/share/man/man1 if it doesn’t exist, for crippled + container images (Closes: #863199) + * Provide java-runtime{,-headless} (Closes: #906111) + * Mark openjdk-8-doc as M-A:foreign + * Update “It was downloaded from” in d/copyright (cf. #970517) + + -- Thorsten Glaser Tue, 15 Jun 2021 22:23:01 +0200 + + openjdk-8 (8u292-b10-1) unstable; urgency=medium + + * Source-only upload after the previous bootstrap binary one + * Change -Xmx1024m to -Xmx1000m in icedtea-sound compilation + to work with mipsel’s memory layout (and sh4) + * Don’t set old-style ALT_ environment variables, they are ignored + * Create the origtgz in a hopefully reproducible way + * Merge openjdk-8 (8u292-b10-0+deb9u1) + - Revert bogus reversion of changes from previous uploads + - Add missing changelog entry for 8u275 + - Revert *buntu ESM-related changes + - Undo an inconsistency in fetch-orig + * Fix whitespace + * Upgrade aarch32 to 8u292 GA + * Build with reproducible LC_ALL=C setting + * Obtain origtgz from https or, when not possible (icedtea-sound), + check SHA256 against one I manually downloaded and checked, using + the (expired…) key from pyconfigure’s signing keyring, which, + unlike the keyserver network, contains the key used + * Abort fetching origtgz if it fails, don’t soldier on to fail later + * Document reasons some tests fail (more building on older releases) + * Update lintian overrides (for sid) + + -- Thorsten Glaser Mon, 26 Apr 2021 17:00:54 +0200 + + openjdk-8 (8u292-b10-0+deb9u1) stretch-security; urgency=medium + + * Merge with Ubuntu. + * Update to 8u292-b10 (GA). + + -- Emilio Pozuelo Monfort Wed, 21 Apr 2021 13:13:15 +0200 + + openjdk-8 (8u292-b10-0ubuntu1) hirsute; urgency=medium + + * Update to 8u292-b10 (GA). + * Security fixes + - JDK-8227467: Better class method invocations + - JDK-8244473: Contextualize registration for JNDI + - JDK-8244543: Enhanced handling of abstract classes + - JDK-8249906, CVE-2021-2163: Enhance opening JARs + - JDK-8250568, CVE-2021-2161: Less ambiguous processing + - JDK-8253799: Make lists of normal filenames + * Other changes: + See https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-April/013680.html + + -- Matthias Klose Wed, 21 Apr 2021 12:25:15 +0200 + + openjdk-8 (8u282-b08-2) unstable; urgency=medium + + * Reupload to sid, under new maintainership (Debian Java team); + cf. https://lists.debian.org/debian-java/2021/03/msg00021.html + (and surrounding thread); sponsored by ⮡ tarent + * Readd improvements from 8u275-b01-1, lost changelog entries + * Add NEWS to openjdk-8-jre-headless (because all other depend on + that) regarding OpenJDK 8 not being supported + * Use GCC 10 to build on bullseye, sid, groovy and hirsute (that + means GCC 9 on focal only) (Closes: #978519) + * Silence postinst warning about removed -XX:PermSize option + * Switch to mktemp(1) + * Drop unused patches (keep a couple which just need updating) + * Update README.source a little + * G/C long-dead code from postinst, too + * If the testsuite is disabled during generation of debian/control + omit test-only dependencies + * Upload with binaries built using the previous openjdk-8 binaries + because openjdk-8-jdk is required for bootstrapping; 7 works but + 11 cannot be used :/ a source-only upload will follow + * Skip testsuite for first bootstrap, saving lots of time/CPU + * Address some issues lintian reported; update a number of overrides + + -- Thorsten Glaser Fri, 26 Mar 2021 00:48:09 +0100 + + openjdk-8 (8u282-b08-1) bullseye; urgency=medium + + * Team upload. + * Provide builds for bullseye/sid (for a personal repository), + buster (for the same), stretch (for LTS), jessie (for ELTS) + and wheezy (also for that personal repository) + * Move @bd_bootstrap@ high up in Build-Depends so the resolver tries + to fulfil it first + * Require an openjdk-8 to bootstrap (a previous build) + * Let openjdk-8-jre-headless fulfill default-jre-headless (>= 2:1.8) + in ; the latter is only used with distros whose default + JRE is older than 8, to avoid accidental use of 11 + + -- Thorsten Glaser Sun, 14 Feb 2021 00:42:46 +0100 + + openjdk-8 (8u282-b08-0ubuntu1) hirsute; urgency=medium + + * Update to 8u282-b08 (GA). + * Update AArch64 hotspot to 8u282-b07 and AArch32 hotspot to 8u282-b07. + + -- Tiago Stürmer Daitx Wed, 20 Jan 2021 00:48:04 +0000 + + openjdk-8 (8u282-b07-0ubuntu1) hirsute; urgency=medium + + * Update to 8u282-b07 (early access build). + * Update AArch64 hotspot to 8u282-b03 and AArch32 hotspot to 8u282-b06. + * Update patches. + + -- Tiago Stürmer Daitx Thu, 07 Jan 2021 00:16:35 +0000 + + openjdk-8 (8u275-b01-1~deb9u1) stretch-security; urgency=medium + + * Team upload. + * Provide 8u275-b01 (GA) regression fixes + + -- Thorsten Glaser Wed, 02 Dec 2020 11:15:53 +0100 + + openjdk-8 (8u275-b01-1) unstable; urgency=medium + + * Team upload. + * Merge back into Debian + - Revert Maintainer change + * Drop unused patch (which is already merged upstream) + * Correct hg_tag, hg_tag_aarch64, hg_tag_aarch32 in debian/rules + * Really update the origtgz to 8u275 instead of hackedly patching + * Quell some lintian warnings + + -- Thorsten Glaser Wed, 02 Dec 2020 09:51:35 +0100 + + openjdk-8 (8u275-b01-0ubuntu1) hirsute; urgency=medium + + * Update to 8u275-b01 (GA). Patch aarch32 and aarch64 to 8u275-b01. + * Regression fixes: + - JDK-8214440: ldap over a TLS connection negotiate failed with "javax.net.ssl.SSLPeerUnverifiedException: hostname of the server '' does not match the hostname in the server's certificate" + - JDK-8223940: Private key not supported by chosen signature algorithm + - JDK-8236512: PKCS11 Connection closed after Cipher.doFinal and NoPadding + - JDK-8250861: Crash in MinINode::Ideal(PhaseGVN*, bool) + + -- Tiago Stürmer Daitx Mon, 09 Nov 2020 02:08:45 +0000 + + openjdk-8 (8u272-b10-1) unstable; urgency=medium + + * Team upload. + * Upload latest security fixes (thanks!) to sid + + -- Thorsten Glaser Mon, 26 Oct 2020 21:29:16 +0100 + + openjdk-8 (8u272-b10-0ubuntu1) hirsute; urgency=medium + + * Update to 8u272-b10 (GA). Patch aarch32 to 8u272-b10. + * Security fixes: + - JDK-8236862, CVE-2020-14779: Enhance support of Proxy class. + - JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts. + - JDK-8237995, CVE-2020-14782: Enhance certificate processing. + - JDK-8241114, CVE-2020-14792: Better range handling. + - JDK-8242680, CVE-2020-14796: Improved URI Support. + - JDK-8242685, CVE-2020-14797: Better Path Validation. + - JDK-8242695, CVE-2020-14798: Enhanced buffer support. + - JDK-8244136, CVE-2020-14803: Improved Buffer supports. + - JDK-8233624: Enhance JNI linkage. + - JDK-8236196: Improve string pooling. + - JDK-8240124: Better VM Interning. + - JDK-8243302: Advanced class supports. + - JDK-8244479: Further constrain certificates. + - JDK-8244955: Additional Fix for JDK-8240124. + - JDK-8245407: Enhance zoning of times. + - JDK-8245412: Better class definitions. + - JDK-8245417: Improve certificate chain handling. + - JDK-8248574: Improve jpeg processing. + - JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit. + - JDK-8253019: Enhanced JPEG decoding. + * New features: + - JDK-8245468: Add TLSv1.3 implementation classes from 11.0.7. + + -- Tiago Stürmer Daitx Thu, 22 Oct 2020 00:12:59 +0000 + + openjdk-8 (8u272-b10-0+deb9u1) stretch-security; urgency=medium + + * Update to 8u272-b10 (GA). + * Security fixes: + - JDK-8233624: Enhance JNI linkage + - JDK-8236196: Improve string pooling + - JDK-8236862, CVE-2020-14779: Enhance support of Proxy class + - JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts + - JDK-8237995, CVE-2020-14782: Enhance certificate processing + - JDK-8240124: Better VM Interning + - JDK-8241114, CVE-2020-14792: Better range handling + - JDK-8242680, CVE-2020-14796: Improved URI Support + - JDK-8242685, CVE-2020-14797: Better Path Validation + - JDK-8242695, CVE-2020-14798: Enhanced buffer support + - JDK-8243302: Advanced class supports + - JDK-8244136, CVE-2020-14803: Improved Buffer supports + - JDK-8244479: Further constrain certificates + - JDK-8244955: Additional Fix for JDK-8240124 + - JDK-8245407: Enhance zoning of times + - JDK-8245412: Better class definitions + - JDK-8245417: Improve certificate chain handling + - JDK-8248574: Improve jpeg processing + - JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit + - JDK-8253019: Enhanced JPEG decoding + + -- Emilio Pozuelo Monfort Wed, 21 Oct 2020 23:52:22 +0200 + + openjdk-8 (8u272~b09-0ubuntu1) groovy; urgency=medium + + * Update to 8u272-b09 (early access build). + * Update AArch64 hotspot to 8u252-b08 (no hotspot changes to b09). + + -- Tiago Stürmer Daitx Thu, 08 Oct 2020 14:57:35 +0000 + + openjdk-8 (8u265-b01-1) unstable; urgency=medium + + * Team upload. + * Upload to unstable (no comment…). Thanks! + + -- Thorsten Glaser Thu, 13 Aug 2020 21:26:36 +0200 + + openjdk-8 (8u265-b01-0+deb9u1) stretch-security; urgency=medium + + * Non-maintainer upload by the LTS Team. + * Merge changes from 8u265-b01-0ubuntu2. + + -- Emilio Pozuelo Monfort Wed, 12 Aug 2020 10:17:29 +0200 + + openjdk-8 (8u265-b01-0ubuntu2) groovy; urgency=medium + + * Improve build times and autopkgtest runs by ignoring time + consuming tests when running on zerovm and armhf systems. + - debian/tests/hotspot: exclude slow hotspot tests for + zerovm hotspot or armhf machines. + - debian/tests/hotspot-problem-list-slow.txt: define a list + of long running hotspot tests. + - debian/tests/jdk-problem-list.txt: add a list of long + running jdk tests for linux-arm (armhf) systems. + - debian/tests/jtreg-autopkgtest.in: reduce retries from + 3 to 2 in order to save time. + - debian/tests/jtreg-autopkgtest.sh: regenerated. + + -- Tiago Stürmer Daitx Sat, 01 Aug 2020 21:41:17 +0000 + + openjdk-8 (8u265-b01-0ubuntu1) groovy; urgency=medium + + * Update to 8u265-b01 (GA). + * Bug fixes: + - JDK-8249677: Regression in 8u after JDK-8237117: Better + ForkJoinPool behavior. + - JDK-8250546: Expect changed behaviour reported in JDK-8249846. + + -- Tiago Stürmer Daitx Sat, 01 Aug 2020 17:50:43 +0000 + + openjdk-8 (8u262-b10-0ubuntu2) groovy; urgency=medium + + * d/p/jdk-8249677.patch: fix regression introduced by JDK-8237117. + + -- Tiago Stürmer Daitx Thu, 22 Jul 2020 20:53:08 +0000 + + openjdk-8 (8u262-b10-0ubuntu1) groovy; urgency=medium + + * Update to 8u262-b10 (GA). Update aarch32 to 8u262-b09 (no + hotspot changes between b09 and b10). + * Security fixes: + - JDK-8028431, CVE-2020-14579: NullPointerException in + DerValue.equals(DerValue) + - JDK-8028591, CVE-2020-14578: NegativeArraySizeException in + sun.security.util.DerInputStream.getUnalignedBitString() + - JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior + - JDK-8237592, CVE-2020-14577: Enhance certificate verification + - JDK-8238002, CVE-2020-14581: Better matrix operations + - JDK-8238920, CVE-2020-14583: Better Buffer support + - JDK-8240119, CVE-2020-14593: Less Affine Transformations + - JDK-8242136, CVE-2020-14621: Better XML namespace handling + - JDK-8230613: Better ASCII conversions + - JDK-8231800: Better listing of arrays + - JDK-8232014: Expand DTD support + - JDK-8233255: Better Swing Buttons + - JDK-8234032: Improve basic calendar services + - JDK-8234042: Better factory production of certificates + - JDK-8234418: Better parsing with CertificateFactory + - JDK-8234836: Improve serialization handling + - JDK-8236191: Enhance OID processing + - JDK-8238804: Enhance key handling process + - JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable + - JDK-8238843: Enhanced font handing + - JDK-8238925: Enhance WAV file playback + - JDK-8240482: Improved WAV file playback + - JDK-8241379: Update JCEKS support + - JDK-8241522: Manifest improved jar headers redux + * debian/patches/zero-x32.diff: remove SocketImpl.c hunks which + have been applied upstream. + * debian/patches/default-jvm-cfg-default.diff: fixed fuzz. + * debian/patches/pass-extra-flags.diff: fixed fuzz. + * debian/patches/system-lcms.diff: fixed fuzz. + + -- Tiago Stürmer Daitx Wed, 24 Jun 2020 21:29:14 +0000 + + openjdk-8 (8u252-b09-1ubuntu1) focal; urgency=medium + + * Build without atk-wrapper on i386 in focal. + + -- Matthias Klose Thu, 16 Apr 2020 10:47:49 +0200 + + openjdk-8 (8u252-b09-1) unstable; urgency=medium + + * Update to OpenJDK 8u252-b09 (GA). Updated aarch32 to 8u252-b08 (no + hotspot changes between b08 and b09). + * Security fixes + - JDK-8223898, CVE-2020-2754: Forward references to Nashorn + - JDK-8223904, CVE-2020-2755: Improve Nashorn matching + - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs + - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues + - JDK-8225603: Enhancement for big integers + - JDK-8227542: Manifest improved jar headers + - JDK-8231415, CVE-2020-2773: Better signatures in XML + - JDK-8233250: Better X11 rendering + - JDK-8233410: Better Build Scripting + - JDK-8234027: Better JCEKS key support + - JDK-8234408, CVE-2020-2781: Improve TLS session handling + - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers + - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers + - JDK-8235274, CVE-2020-2805: Enhance typing of methods + - JDK-8236201, CVE-2020-2830: Better Scanner conversions + - JDK-8238960: linux-i586 builds are inconsistent as the newly build + jdk is not able to reserve enough space for object heap + * Other changes + - JDK-8005819: Support cross-realm MSSFU + - JDK-8022263: use same Clang warnings on BSD as on Linux + - JDK-8038631: Create wrapper for awt.Robot with additional functionality + - JDK-8047212: runtime/ParallelClassLoading/bootstrap/random/inner-complex + assert(ObjectSynchronizer::verify_objmon_isinpool(inf)) failed: monitor + is invalid + - JDK-8055283: Expand ResourceHashtable with C_HEAP allocation, removal and + some unit tests + - JDK-8068184: Fix for JDK-8032832 caused a deadlock + - JDK-8079693: Add support for ECDSA P-384 and P-521 curves to XML Signature + - JDK-8132130: some docs cleanup + - JDK-8135318: CMS wrong max_eden_size for check_gc_overhead_limit + - JDK-8144445: Maximum size checking in Marlin ArrayCache utility methods + is not optimal + - JDK-8144446: Automate the Marlin crash test + - JDK-8144526: Remove Marlin logging use of deleted internal API + - JDK-8144630: Use PrivilegedAction to create Thread in Marlin RendererStats + - JDK-8144654: Improve Marlin logging + - JDK-8144718: Pisces / Marlin Strokers may generate invalid curves with + huge coordinates and round joins + - JDK-8166976: TestCipherPBECons has wrong @run line + - JDK-8167409: Invalid value passed to critical JNI function + - JDK-8181872: C1: possible overflow when strength reducing integer multiply + by constant + - JDK-8187078: -XX:+VerifyOops finds numerous problems when running JPRT + - JDK-8191227: issues with unsafe handle resolution + - JDK-8197441: Signature#initSign/initVerify for an invalid + private/public key fails with ClassCastException for SunPKCS11 provider + - JDK-8204152: SignedObject throws NullPointerException for null keys with + an initialized Signature object + - JDK-8215756: Memory leaks in the AWT on macOS + - JDK-8216472: (se) Stack overflow during selection operation leads to crash + - JDK-8219244: NMT: Change ThreadSafepointState's allocation type from + mtInternal to mtThread + - JDK-8219597: (bf) Heap buffer state changes could provoke unexpected + exceptions + - JDK-8225128: Add exception for expiring DocuSign root to VerifyCACerts + test + - JDK-8225130: Add exception for expiring Comodo roots to VerifyCACerts test + - JDK-8229022: BufferedReader performance can be improved by using + StringBuilder + - JDK-8229345: Memory leak due to vtable stubs not being shared on SPARC + - JDK-8229872: (fs) Increase buffer size used with getmntent + - JDK-8230235: Rendering HTML with empty img attribute and documentBaseKey + cause Exception + - JDK-8231430: C2: Memory stomp in max_array_length() for T_ILLEGAL type + - JDK-8235744: PIT: + test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java times out in + linux-x64 + - JDK-8235904: Infinite loop when rendering huge lines + - JDK-8236179: C1 register allocation error with T_ADDRESS + - JDK-8237368: Problem with NullPointerException in RMI TCPEndpoint.read + - JDK-8240521: Revert backport of 8231584: Deadlock with + ClassLoader.findLibrary and System.loadLibrary call + - JDK-8241296: Segfault in JNIHandleBlock::oops_do() + - JDK-8241307: Marlin renderer should not be the default in 8u252 + * Build using GCC 9 in unstable. Closes: #944184. + + -- Matthias Klose Wed, 15 Apr 2020 15:38:21 +0200 + + openjdk-8 (8u252-b07-1) unstable; urgency=medium + + * Update to 8u252-b07 (early access build). + * Update ARM32 and AArch64 hotspot to 8u252-b06. + * Build using GCC 9 in recent releases. + + -- Matthias Klose Thu, 26 Mar 2020 12:57:56 +0100 + + openjdk-8 (8u242-b08-1) unstable; urgency=medium + + * Merge changes from 8u242-b08-0ubuntu3 back into Debian + * Fix nocheck profile (no profile support) for wheezy + * Version !nocheck default-jre-headless build dependency + to ensure at least Java 8 there as well; avoids needing to + install two JREs when building in pre-{stretch,xenial} + * Update aarch64 to GA jdk8u242-b08, aarch32 to jdk8u242-ga + * Bump Policy + + -- Thorsten Glaser Thu, 06 Feb 2020 19:12:24 +0100 + + openjdk-8 (8u242-b08-0ubuntu3) focal; urgency=medium + + * OpenJDK 8u242-b08 build (release). + - S8226352, CVE-2020-2590: Improve Kerberos interop capabilities + - S8228548, CVE-2020-2593: Normalize normalization for all + - S8224909, CVE-2020-2583: Unlink Set of LinkedHashSets + - S8229951, CVE-2020-2601: Better Ticket Granting Services + - S8231422, CVE-2020-2604: Better serial filter handling + - S8231795, CVE-2020-2659: Enhance datagram socket support + - S8234037, CVE-2020-2654: Improve Object Identifier Processing + - S8037550: Update RFC references in javadoc to RFC 5280 + - S8039438: Some tests depend on internal API sun.misc.IOUtils + - S8044500: Add kinit options and krb5.conf flags that allow users + to obtain renewable tickets and specify ticket lifetimes + - S8058290: JAAS Krb5LoginModule has suspect ticket-renewal logic, + relies on clockskew grace + - S8080835: Add blocking bulk read to sun.misc.IOUtils + - S8138978: Examine usages of sun.misc.IOUtils + - S8139206: Add InputStream readNBytes(int len) + - S8183591: Incorrect behavior when reading DER value with + Integer.MAX_VALUE length + - S8186576: KerberosTicket does not properly handle renewable + tickets at the end of their lifetime + - S8186831: Kerberos ignores PA-DATA with a non-null s2kparams + - S8186884: Test native KDC, Java krb5 lib, and native krb5 lib in + one test + - S8193832: Performance of InputStream.readAllBytes() could be improved + - S8196956: (ch) More channels cleanup + - S8201627: Kerberos sequence number issues + - S8215032: Support Kerberos cross-realm referrals (RFC 6806) + - S8225261: Better method resolutions + - S8225279: Better XRender interpolation + - S8226719: Kerberos login to Windows 2000 failed with "Inappropriate + type of checksum in message" + - S8227061: KDC.java test behaves incorrectly when AS-REQ contains a + PAData not PA-ENC-TS-ENC + - S8227381: GSS login fails with PREAUTH_FAILED + - S8227437: S4U2proxy cannot continue because server's TGT cannot be found + - S8227758: More valid PKIX processing + - S8227816: More Colorful ICC profiles + - S8230279: Improve Pack200 file reading + - S8230318: Better trust store usage + - S8230967: Improve Registry support of clients + - S8231129: More glyph images + - S8231139: Improved keystore support + - S8232381: add result NULL-checking to freetypeScaler.c + - S8232419: Improve Registry registration + - S8233944: Make KerberosPrincipal.KRB_NT_ENTERPRISE field package private + - S8235909: File.exists throws AccessControlException for invalid + paths when a SecurityManager is installed + - S8236983: [TESTBUG] Remove pointless catch block in + test/jdk/sun/security/util/DerValue/BadValue.java + - S8236984: Add compatibility wrapper for IOUtils.readFully + * Use the hotspot arch list to select between hotspot and zero as + the default VM for autopkgtests. This fixes s390x (zero based) + autopkgtest support. + + -- Tiago Stürmer Daitx Fri, 17 Jan 2020 17:37:33 +0000 + + openjdk-8 (8u242-b04-1) unstable; urgency=medium + + * Update to 8u242-b04 (early access build). + + -- Matthias Klose Mon, 06 Jan 2020 20:59:40 +0100 + + openjdk-8 (8u232-b09-1) unstable; urgency=high + + * Update to OpenJDK 8u232-b09 (GA). Updated aarch32 to 8u232-b09. + * Security fixes: + - S8167646: Better invalid FilePermission. + - S8213429, CVE-2019-2933: Windows file handling redux. + - S8218573, CVE-2019-2945: Better socket support. + - S8218877: Help transform transformers. + - S8220186: Improve use of font temporary files. + - S8220302, CVE-2019-2949: Better Kerberos ccache handling. + - S8221497: Optional Panes in Swing. + - S8221858, CVE-2019-2958: Build Better Processes. + - S8222684, CVE-2019-2964: Better support for patterns. + - S8222690, CVE-2019-2962: Better Glyph Images. + - S8223163: Better pattern recognition. + - S8223505, CVE-2019-2973: Better pattern compilation. + - S8223518, CVE-2019-2975: Unexpected exception in jjs. + - S8223892, CVE-2019-2978: Improved handling of jar files. + - S8224025: Fix for JDK-8220302 is not complete. + - S8224532, CVE-2019-2981: Better Path supports. + - S8224915, CVE-2019-2983: Better serial attributes. + - S8225286, CVE-2019-2987: Better rendering of native glyphs. + - S8225292, CVE-2019-2988: Better Graphics2D drawing. + - S8225298, CVE-2019-2989: Improve TLS connection support. + - S8225597, CVE-2019-2992: Enhance font glyph mapping. + - S8226765, CVE-2019-2999: Commentary on Javadoc comments. + - S8227129: Better ligature for subtables. + - S8227601: Better collection of references. + - S8228825, CVE-2019-2894: Enhance ECDSA operations. + + -- Matthias Klose Thu, 17 Oct 2019 22:41:19 +0200 + + openjdk-8 (8u232-b07-2) unstable; urgency=medium + + * Update to 8u232-b07 (early access build). + + [ Matthias Klose ] + * Refresh patches. + * openjdk-8-jdk-headless: Add Breaks/Replaces for moved clhsdb binary. + LP: #1845873. + * debian/tests/control: Depend on g++ instead of build-essential or libc6-dev. + * Bump standards vesion. + + [ Tiago Stürmer Daitx ] + * Improve and fix build tests and autopkgtests: + - Update debian/tests/hotspot,jdk,langtools to ignore + jtreg-autopkgtest.sh return code. + - Create debian/tests/jtdiff-autopkgtest.in as it depends + on debian/rules variables. + - debian/control.in, debian/control: add default-jre-headless + to Build-Depends with a nocheck clause as jtreg requires + a JRE in /usr/lib/jvm/default-java. + - debian/tests/control: + + Add zip and unzip test dependencies required by jdk's + test/sun/security/tools/jarsigner/diffend.sh and + test/sun/security/tools/jarsigner/emptymanifest.sh. + + Depend on default-jre-headless so jtreg will use the + JRE from /usr/lib/jvm/default-java. + - debian/tests/jtdiff-autopkgtest.sh: + + Fail only if an actual regression is detected. + + Add the super-diff comparison from jtdiff. + + Save failed jtr files for all runs. + - debian/tests/jtreg-autopkgtest.sh: + + Enable retry of failed tests to trim out flaky tests. + + Fix unbound variable. + + Keep .jtr files from failed tests only. + - debian/patches/jdk-problem-list.diff: ignore failing tests + that require more investigation. + - debian/rules: + + Preserve all JTreport directories in the test output + directory. + + Use JDK_DIR instead of JDK_TO_TEST for autopkgtest + generation. + + Package all .jtr files from JTwork as jtreg-autopkgtest.sh + makes sure it contains only failed tests. + * debian/tests/jdk: add our custom debian/tests/jdk-problem-list.txt to the + exclusion list. + * debian/tests/jdk-problem-list.txt: custom exclusion rules for jdk tests + that fail to run during a build or autopkgtest run. + * debian/rules: remove debian/patches/jdk-problem-list.diff. + * debian/patches/jdk-problem-list.diff: jtreg allows for extra exclusion + files thus there's no need to patch upstream's exclusion list. + * debian/tests/control: mark all autopkgtests as flaky. + * debian/tests/hotspot-archs: generated by debian/rules, contains a list of + archs that supports a hotspot vm. + * debian/tests/jdk: run only when the host arch is a hotspot vm - allow + override through an environment variable. + * debian/rules: update gen-autopkgtests to echo supported hotspot archs. + + -- Matthias Klose Tue, 01 Oct 2019 13:49:35 +0200 + + openjdk-8 (8u232-b04-1) experimental; urgency=medium + + * Update to 8u232-b04 (early access build). + * Refresh patches. + + -- Matthias Klose Fri, 06 Sep 2019 18:03:11 +0200 + + openjdk-8 (8u222-b10-1) unstable; urgency=high + + * Update to 8u222-b10 (except for AArch32, updated to b08). + - Security fixes: + - S8191073: JpegImageReader throws IndexOutOfBoundsException when + trying to read image data from tables-only image. + - S8208698, CVE-2019-2745: Improved ECC Implementation. + - S8212328, CVE-2019-2762: Exceptional throw cases. + - S8213431, CVE-2019-2766: Improve file protocol handling. + - S8213432, CVE-2019-2769: Better copies of CopiesList. + - S8216381, CVE-2019-2786: More limited privilege usage. + - S8217563: Improve realm maintenance. + - S8218863: Better endpoint checks. + - S8218873: Improve JSSE endpoint checking. + - S8218876, CVE-2019-7317: Improve PNG support options. + - S8219018: Adjust positions of glyphs. + - S8219020: Table alternate substitutions. + - S8219775: Certificate validation improvements. + - S8220192: Better outlook for SecureRandom. + - S8220517: Enhanced GIF support. + - S8221518, CVE-2019-2816: Normalize normalization. + - S8223511, CVE-2019-2842: Extended AES support. + + [ Matthias Klose ] + * Bump standards version. + + [ Tiago Stürmer Daitx ] + * Backport fix for S8223511 for AArch32. + + -- Matthias Klose Thu, 18 Jul 2019 18:57:23 +0200 + + openjdk-8 (8u222-b07-3) unstable; urgency=medium + + * Upload to unstable. + + -- Matthias Klose Sun, 07 Jul 2019 22:02:56 +0200 + + openjdk-8 (8u222-b07-2) experimental; urgency=medium + + * Remove AArch32 patches, applied upstream. + * Fix build dependencies for Ubuntu precise builds. + + -- Matthias Klose Sat, 29 Jun 2019 11:17:16 +0200 + + openjdk-8 (8u222-b07-1) experimental; urgency=medium + + * Update to 8u222-b07. + + -- Matthias Klose Sat, 29 Jun 2019 10:48:23 +0200 + + openjdk-8 (8u222-b05-1) experimental; urgency=medium + + [ Matthias Klose ] + * Update to 8u222-b05 (except for AArch32). + * Apply suggested hotspot fixes for AArch32. + * Re-enable running the testsuite. + + [ Tiago Stürmer Daitx ] + * Find any hs_err_pid files generated during the build and send to stdout. + + -- Matthias Klose Mon, 10 Jun 2019 15:03:02 +0200 + + openjdk-8 (8u222-b04-3) experimental; urgency=medium + + * Update ARM32 to jdk8u222-b04-aarch32-190603. + * Regenerate the ppc64el patch. + * Remove unused patches ppc64le-8036767 and zero-opt. + + -- Matthias Klose Fri, 07 Jun 2019 09:14:38 +0200 + + openjdk-8 (8u222-b04-1) experimental; urgency=medium + + * Update to 8u222-b04. + * Update ARM32 to jdk8u212-b04-aarch32-190430. + * Fix 32bit zero builds. + + -- Matthias Klose Mon, 03 Jun 2019 12:11:07 +0200 + + openjdk-8 (8u212-b03-3) UNRELEASED; urgency=medium + + * Use -a instead of -s for debhelper tools. + + -- Matthias Klose Tue, 28 May 2019 14:10:32 +0200 + + openjdk-8 (8u212-b03-2) unstable; urgency=medium + + * Don't apply the 8221355 fix for ARM builds. + * Don't configure --with-vendor-name on stable releases. + * Fix the jpeg runtime dependency for the build in unstable. + + -- Matthias Klose Tue, 28 May 2019 10:14:27 +0200 + + openjdk-8 (8u212-b03-1) unstable; urgency=medium + + [ Matthias Klose ] + * Configure --with-vendor-name. + * 8221355: Fix performance regression after JDK-8155635 backport into 8u. + + [ Tiago Stürmer Daitx ] + * Update to 8u212-b03. LP: #1826001. + * Security fixes: + - S8211936, CVE-2019-2602: Better String parsing. + - S8218453, CVE-2019-2684: More dynamic RMI interactions. + - S8219066, CVE-2019-2698: Fuzzing TrueType fonts: setCurrGlyphID(). + * Revert to GTK2 as default since GTK3 still has padding and component + issues: + - debian/rules: always Build-Depends on libgtk2.0-dev and Depends on + libgtk2.0-0 instead of relying on gtk3 for some releases. + * debian/control: add missing dependency on testng (required by the + testsuites). + + [ Andrej Shadura ] + * debian/rules: check for nodoc instead of nodocs in DEB_BUILD_OPTIONS. + Closes: 922757. + + [ Matthias Klose ] + * debian/rules, debian/tests/jtdiff-autopkgtest.sh, + debian/tests/jtreg-autopkgtest.in, debian/tests/jtreg-autopkgtest.sh: + only set the JDK under test and allow jtreg to use its default JDK + for running the tests. + + [ Thorsten Glaser ] + * Improve compatibility with older releases. Closes: #925407. + - debian/rules: determine source date using backwards-compatible + dpkg-parsechangelog call. + - debian/control.in: put @bd_cross@ onto same line as @bd_nss@ as + it can be empty. + + -- Matthias Klose Mon, 29 Apr 2019 14:51:40 +0200 openjdk-8 (8u212-b01-1) unstable; urgency=medium diff --cc debian/rules index a12273c,e651525..ef17f6b --- a/debian/rules +++ b/debian/rules @@@ -125,11 -131,12 +131,12 @@@ ifneq (,$(filter parallel=%,$(subst $(C endif with_check = $(if $(findstring nocheck, $(DEB_BUILD_OPTIONS)),,yes) -ifneq (,$(filter $(DEB_HOST_ARCH), armel)) +ifneq (,$(filter $(DEB_HOST_ARCH), armel armhf)) with_check = disabled running check on $(DEB_HOST_ARCH) endif + #with_check = disabled for this build - with_docs = $(if $(findstring nodocs, $(DEB_BUILD_OPTIONS)),,yes) + with_docs = $(if $(findstring nodoc, $(DEB_BUILD_OPTIONS)),,yes) ifneq (,$(findstring shark, $(PKGSOURCE))) with_docs = disabled for shark endif