[prev in list] [next in list] [prev in thread] [next in thread]
List: openjdk-distro-pkg-dev
Subject: [SECURITY] IcedTea 3.0.1 for OpenJDK 8 Released!
From: Andrew Hughes <gnu_andrew () member ! fsf ! org>
Date: 2016-04-24 7:19:59
Message-ID: 20160424071959.GA28518 () carrie ! the212 ! com
[Download RAW message or body]
The IcedTea project provides a harness to build the source code from
OpenJDK using Free Software build tools, along with additional
features such as the ability to build against system libraries and
support for alternative virtual machines and architectures beyond
those supported by OpenJDK.
This release updates our OpenJDK 8 support in the 3.0.x series with
the April 2016 security fixes from OpenJDK 8 u91.
If you find an issue with the release, please report it to our bug
database (http://icedtea.classpath.org/bugzilla) under the appropriate
component. Development discussion takes place on the
distro-pkg-dev@openjdk.java.net mailing list and patches are
always welcome.
Full details of the release can be found below.
What's New?
===========
New in release 3.0.1 (2016-04-23):
* Security fixes
- S8129952, CVE-2016-0686: Ensure thread consistency
- S8132051, CVE-2016-0687: Better byte behavior
- S8138593, CVE-2016-0695: Make DSA more fair
- S8139008: Better state table management
- S8143167, CVE-2016-3425: Better buffering of XML strings
- S8143945, CVE-2016-3426: Better GCM validation
- S8144430, CVE-2016-3427: Improve JMX connections
- S8146494: Better ligature substitution
- S8146498: Better device table adjustments
* Import of OpenJDK 8 u91 build 14
- S8002116: This JdbReadTwiceTest.sh gets an exit 1
- S8007890: [TESTBUG] JcmdWithNMTDisabled.java fails when invoked with NMT \
explicitly turned on
- S8036132: Tab characters in test/com/sun/jdi files
- S8038963: com/sun/jdi tests fail because cygwin's ps sometimes misses processes
- S8044419: TEST_BUG: com/sun/jdi/JdbReadTwiceTest.sh fails when run under root
- S8059661: Test SoftReference and OOM behavior
- S8067422: Lambda method names are unnecessarily unstable
- S8073735: [TEST_BUG] compiler/loopopts/CountedLoopProblem.java got OOME
- S8074146: [TEST_BUG] jdb has succeded to read an unreadable file
- S8130212: Thread::current() might access freed memory on Solaris
- S8132890: Text Overlapping on Dot Matrix Printers
- S8134297: NPE in GSSNameElement nameType check
- S8134650: Xsl transformation gives different results in 8u66
- S8134828: Scrollbar thumb disappears with Nimbus L&F
- S8138589: Correct limits on unlimited cryptography
- S8138811: Construction of static protection domains
- S8140268: Generate link to specification license for JavaDoc API documentation
- S8141229: [Parfait] Null pointer dereference in cmsstrcasecmp of cmserr.c
- S8143002: [Parfait] JNI exception pending in fontpath.c:1300
- S8143959: Certificates requiring blacklisting
- S8146477: [TEST_BUG] ClientJSSEServerJSSE.java failing again
- S8146518: Zero interpreter broken with better byte behaviour
- S8146967: [TEST_BUG] javax/security/auth/SubjectDomainCombiner/Optimize.java \
should use 4-args ProtectionDomain constructor
- S8147567: InterpreterRuntime::post_field_access not updated for boolean in \
JDK-8132051
- S8148446: (tz) Support tzdata2016a
- S8148475: Missing SA Bytecode updates.
- S8148487: PPC64: Better byte behavior
- S8148522: Backout JDK-8138811 from 2016 Apr CPU repo
- S8149170: Better byte behavior for native arguments
- S8149367: PolicyQualifierInfo/index_Ctor JCk test fails with IOE: Invalid \
encoding for PolicyQualifierInfo
- S8150012: Better byte behavior for reflection
- S8150790: 8u75 L10n resource file translation update
* Backports
- S8148752, PR2943: Compiled StringBuilder code throws \
StringIndexOutOfBoundsException
- S8154210: Zero: Better byte behaviour
- S8154413: AArch64: Better byte behaviour
* Bug fixes
- PR2933: Support ccache 3.2 and later
- PR2934: SunEC provider throwing KeyException with current NSS
The tarballs can be downloaded from:
* http://icedtea.classpath.org/download/source/icedtea-3.0.1.tar.gz
* http://icedtea.classpath.org/download/source/icedtea-3.0.1.tar.xz
We provide both gzip and xz tarballs, so that those who are able to
make use of the smaller tarball produced by xz may do so.
The tarballs are accompanied by digital signatures available at:
* http://icedtea.classpath.org/download/source/icedtea-3.0.1.tar.gz.sig
* http://icedtea.classpath.org/download/source/icedtea-3.0.1.tar.xz.sig
These are produced using my public key. See details below.
PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
GnuPG >= 2.1 is required to be able to handle this key.
SHA256 checksums:
8babade1717fff48bcc4e1e2f3159c2c7d97cfb44ef10124bbab3f7dc34a0582 \
icedtea-3.0.1.tar.gz 8a5e702a114117ed301a632b1a41651d0577c9c59cfae4d10ff41f6a52185fc7 \
icedtea-3.0.1.tar.gz.sig \
346ce30de1de6c493729b79b246f250438fc5b8df7eae47229a97f9000a73af2 \
icedtea-3.0.1.tar.xz b440f83a05788157b752cc3b1a239261bcbb52bf82211c93173e93cb4f3fa760 \
icedtea-3.0.1.tar.xz.sig
The checksums can be downloaded from:
* http://icedtea.classpath.org/download/source/icedtea-3.0.1.sha256
The following people helped with these releases:
* James Le Cuirot (PR2933)
* Andrew Haley (S8154210 & S8154413)
* Andrew Hughes (all other backports & bug fixes, release management)
We would also like to thank the bug reporters and testers!
To get started:
$ tar xzf icedtea-3.0.1.tar.gz
or:
$ tar x -I xz -f icedtea-3.0.1.tar.xz
then:
$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-3.0.1/configure
$ make
Full build requirements and instructions are available in the INSTALL file.
Happy hacking!
--
Andrew :)
Senior Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic