openjdk-8 (8u312-b07-1) unstable; urgency=medium
* New upstream release (GA)
* Security fixes:
- JDK-
8130183, CVE-2021-35588: InnerClasses: VM permits wrong
Throw ClassFormatError if InnerClasses attribute's
inner_class_info_index is 0
- JDK-
8161016: Strange behavior of URLConnection with proxy
- JDK-
8163326, CVE-2021-35550: Update the default enabled cipher
suites preference
- JDK-
8254967, CVE-2021-35565: com.sun.net.HttpsServer spins on
TLS session close
- JDK-
8263314: Enhance XML Dsig modes
- JDK-
8265167, CVE-2021-35556: Richer Text Editors
- JDK-
8265574: Improve handling of sheets
- JDK-
8265580, CVE-2021-35559: Enhanced style for RTF kit
- JDK-
8265776: Improve Stream handling for SSL
- JDK-
8266097, CVE-2021-35561: Better hashing support
- JDK-
8266103: Better specified spec values
- JDK-
8266109: More Resilient Classloading
- JDK-
8266115: More Manifest Jar Loading
- JDK-
8266137, CVE-2021-35564: Improve Keystore integrity
- JDK-
8266689, CVE-2021-35567: More Constrained Delegation
- JDK-
8267086: ArrayIndexOutOfBoundsException in
java.security.KeyFactory.generatePublic
- JDK-
8267712: Better LDAP reference processing
- JDK-
8267729, CVE-2021-35578: Improve TLS client handshaking
- JDK-
8267735, CVE-2021-35586: Better BMP support
- JDK-
8268193: Improve requests of certificates
- JDK-
8268199: Correct certificate requests
- JDK-
8268506: More Manifest Digests
- JDK-
8269618, CVE-2021-35603: Better session identification
- JDK-
8269624: Enhance method selection support
- JDK-
8270398: Enhance canonicalization
- JDK-
8270404: Better canonicalization
* Other changes: see
https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-October/014373.html
* Policy 4.6.1, no relevant changes
* d/copyright: Apply changes since 8u302
* Upload sponsored by ⮡ tarent
[dgit import unpatched openjdk-8 8u312-b07-1]
projects / openjdk-8.git / log