java-17-openj9/java-17-openj9.changes

-------------------------------------------------------------------
Tue Aug  6 08:24:25 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Update to OpenJDK 17.0.12 with OpenJ9 0.46.0 virtual machine
- Including Oracle July 2024 CPU changes
  * CVE-2024-21131 (bsc#1228046), CVE-2024-21138 (bsc#1228047),
    CVE-2024-21140 (bsc#1228048), CVE-2024-21147 (bsc#1228052),
    CVE-2024-21145 (bsc#1228051)
- Removed patch:
  * openj9-no-narrowing.patch
    + fixed in upstream code

-------------------------------------------------------------------
Thu May 23 17:42:26 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Update to OpenJDK 17.0.11 with OpenJ9 0.44.0 virtual machine
- Including Oracle April 2024 CPU changes
  * CVE-2024-21012 (bsc#1222987), CVE-2024-21094 (bsc#1222986),
    CVE-2024-21011 (bsc#1222979), CVE-2024-21068 (bsc#1222983)
  * OpenJ9 changes, see 
    https://www.eclipse.org/openj9/docs/version0.44/
- Added patch:
  * openj9-openssl.patch
    + fix build with older openssl that does not define
      SSL_R_UNEXPECTED_EOF_WHILE_READING

-------------------------------------------------------------------
Thu Mar  7 12:44:28 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Removed patch:
  * alternative-tzdb_dat.patch
    + Remove the possibility to use the system timezone-java. It
      creates more problems then it solves (bsc#1213470)

-------------------------------------------------------------------
Tue Feb 20 15:41:46 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Use %patch -P N instead of deprecated %patchN.

-------------------------------------------------------------------
Mon Feb 12 16:18:17 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Update to OpenJDK 17.0.10 with OpenJ9 0.43.0 virtual machine
- Including Oracle January 2024 CPU changes
  * CVE-2024-20918 (bsc#1218907), CVE-2024-20919 (bsc#1218903),
    CVE-2024-20921 (bsc#1218905), CVE-2024-20932 (bsc#1218908),
    CVE-2024-20945 (bsc#1218909), CVE-2024-20952 (bsc#1218911)
  * OpenJ9 changes, see 
    https://www.eclipse.org/openj9/docs/version0.43/
- Modified patches:
  * alternative-tzdb_dat.patch
  * openj9-nogit.patch.in
    + rediff to changed context

-------------------------------------------------------------------
Thu Nov 23 07:20:07 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Update to OpenJDK 17.0.9 with OpenJ9 0.41.0 virtual machine
- Including Oracle October 2023 CPU changes
  * CVE-2023-22081, bsc#1216374
  * CVE-2023-22025, bsc#1216339
- Including Openj9 0.41.0 fixes of CVE-2023-5676, bsc#1217214
  * For other OpenJ9 changes, see
    https://www.eclipse.org/openj9/docs/version0.41   

-------------------------------------------------------------------
Sat Aug 26 12:48:19 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Update to OpenJDK 17.0.8.1 with OpenJ9 0.40.0 virtual machine
  * JDK-8313765: Invalid CEN header (invalid zip64 extra data
    field size)

-------------------------------------------------------------------
Tue Aug 15 07:23:28 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Update to OpenJDK 17.0.8 with OpenJ9 0.40.0 virtual machine
- Including Oracle July 2023 CPU changes
  * CVE-2023-22006 (bsc#1213473), CVE-2023-22036 (bsc#1213474),
    CVE-2023-22041 (bsc#1213475), CVE-2023-22044 (bsc#1213479),
    CVE-2023-22045 (bsc#1213481), CVE-2023-22049 (bsc#1213482),
    CVE-2023-25193 (bsc#1207922)
  * OpenJ9 changes, see
    https://www.eclipse.org/openj9/docs/version0.40
- Modified patch:
  * stringop-overflow.patch
    + rediff to changed context

-------------------------------------------------------------------
Mon Aug 14 19:58:17 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Update to OpenJDK 17.0.7 with OpenJ9 0.38.0 virtual machine
- Including Oracle April 2023 CPU changes
  * CVE-2023-21930 (bsc#1210628), CVE-2023-21937 (bsc#1210631),
    CVE-2023-21938 (bsc#1210632), CVE-2023-21939 (bsc#1210634),
    CVE-2023-21954 (bsc#1210635), CVE-2023-21967 (bsc#1210636),
    CVE-2023-21968 (bsc#1210637)
  * OpenJ9 specific vulnerability: CVE-2023-2597 (bsc#1211615)
  * OpenJ9 changes, see
    https://www.eclipse.org/openj9/docs/version0.38

-------------------------------------------------------------------
Tue Mar 28 10:02:44 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Added patch:
  * stringop-overflow.patch
    + disable -Wstringop-overflow and fix build in Factory

-------------------------------------------------------------------
Mon Mar  6 09:09:45 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Update to OpenJDK 17.0.6 with OpenJ9 0.36.0 virtual machine
  * including Oracle January 2023 CPU changes
    + CVE-2023-21835, bsc#1207246
    + CVE-2023-21843, bsc#1207248
  * OpenJ9 changes, see 
    https://www.eclipse.org/openj9/docs/version0.36

-------------------------------------------------------------------
Fri Feb 17 13:19:03 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Remove the accessibility sub-package, since it was never really
  working and creates another problems (bsc#1206549). It can
  eventually be built as standalone if needed
- Removed patches:
  * jaw-jdk10.patch
  * jaw-misc.patch
  * jaw-nogtk.patch
    + not needed after the removal of the accessibility sub-package

-------------------------------------------------------------------
Mon Oct 31 12:04:30 UTC 2022 - Fridrich Strba <fstrba@suse.com>

- Update to OpenJDK 17.0.5 with OpenJ9 0.35.0 virtual machine
  * Including Oracle October 2022 CPU changes
    CVE-2022-21618 (bsc#1204468), CVE-2022-21619 (bsc#1204473),
    CVE-2022-21626 (bsc#1204471), CVE-2022-21624 (bsc#1204475),
    CVE-2022-21628 (bsc#1204472), CVE-2022-39399 (bsc#1204480)
  * Fixes OpenJ9 vulnerability bsc#1204703, CVE-2022-3676
  * OpenJ9 changes, see 
    https://www.eclipse.org/openj9/docs/version0.35

-------------------------------------------------------------------
Tue Aug 16 06:55:36 UTC 2022 - Fridrich Strba <fstrba@suse.com>

- Update to OpenJDK 17.0.4 with OpenJ9 0.33.0 virtual machine
  * Including Oracle July 2022 CPU changes
    CVE-2022-21540 (bsc#1201694), CVE-2022-21541 (bsc#1201692),
    CVE-2022-21549 (bsc#1201685), CVE-2022-34169 (bsc#1201684)
  * OpenJ9 changes, see
    https://www.eclipse.org/openj9/docs/version0.33
- Modified template patch:
  * openj9-nogit.patch.in
    + The git commit hash code became more generic, so redo the
      template patch
- Added patch:
  * openj9-no-narrowing.patch
    + Fix narrowing conversion error

-------------------------------------------------------------------
Tue Jul 12 07:30:36 UTC 2022 - Fridrich Strba <fstrba@suse.com>

- Initial packaging of OpenJDK 17.0.3 with OpenJ9 0.32.0 virtual
  machine
  * OpenJ9 changes, see
    https://www.eclipse.org/openj9/docs/version0.32
OBS-URL: https://build.opensuse.org/package/show/Java:Factory/java-17-openj9?expand=0&rev=70 2024-08-06 10:27:12 +02:00			`-------------------------------------------------------------------`
			`Tue Aug 6 08:24:25 UTC 2024 - Fridrich Strba <fstrba@suse.com>`

			`- Update to OpenJDK 17.0.12 with OpenJ9 0.46.0 virtual machine`
			`- Including Oracle July 2024 CPU changes`
			`* CVE-2024-21131 (bsc#1228046), CVE-2024-21138 (bsc#1228047),`
			`CVE-2024-21140 (bsc#1228048), CVE-2024-21147 (bsc#1228052),`
			`CVE-2024-21145 (bsc#1228051)`
			`- Removed patch:`
			`* openj9-no-narrowing.patch`
			`+ fixed in upstream code`

OBS-URL: https://build.opensuse.org/package/show/Java:Factory/java-17-openj9?expand=0&rev=69 2024-08-05 16:04:05 +02:00			`-------------------------------------------------------------------`
			`Thu May 23 17:42:26 UTC 2024 - Fridrich Strba <fstrba@suse.com>`

			`- Update to OpenJDK 17.0.11 with OpenJ9 0.44.0 virtual machine`
			`- Including Oracle April 2024 CPU changes`
			`* CVE-2024-21012 (bsc#1222987), CVE-2024-21094 (bsc#1222986),`
			`CVE-2024-21011 (bsc#1222979), CVE-2024-21068 (bsc#1222983)`
			`* OpenJ9 changes, see`
			`https://www.eclipse.org/openj9/docs/version0.44/`
			`- Added patch:`
			`* openj9-openssl.patch`
			`+ fix build with older openssl that does not define`
			`SSL_R_UNEXPECTED_EOF_WHILE_READING`

			`-------------------------------------------------------------------`
			`Thu Mar 7 12:44:28 UTC 2024 - Fridrich Strba <fstrba@suse.com>`

			`- Removed patch:`
			`* alternative-tzdb_dat.patch`
			`+ Remove the possibility to use the system timezone-java. It`
			`creates more problems then it solves (bsc#1213470)`

			`-------------------------------------------------------------------`
			`Tue Feb 20 15:41:46 UTC 2024 - Fridrich Strba <fstrba@suse.com>`

			`- Use %patch -P N instead of deprecated %patchN.`

			`-------------------------------------------------------------------`
			`Mon Feb 12 16:18:17 UTC 2024 - Fridrich Strba <fstrba@suse.com>`

			`- Update to OpenJDK 17.0.10 with OpenJ9 0.43.0 virtual machine`
			`- Including Oracle January 2024 CPU changes`
			`* CVE-2024-20918 (bsc#1218907), CVE-2024-20919 (bsc#1218903),`
			`CVE-2024-20921 (bsc#1218905), CVE-2024-20932 (bsc#1218908),`
			`CVE-2024-20945 (bsc#1218909), CVE-2024-20952 (bsc#1218911)`
			`* OpenJ9 changes, see`
			`https://www.eclipse.org/openj9/docs/version0.43/`
			`- Modified patches:`
			`* alternative-tzdb_dat.patch`
			`* openj9-nogit.patch.in`
			`+ rediff to changed context`

			`-------------------------------------------------------------------`
			`Thu Nov 23 07:20:07 UTC 2023 - Fridrich Strba <fstrba@suse.com>`

			`- Update to OpenJDK 17.0.9 with OpenJ9 0.41.0 virtual machine`
			`- Including Oracle October 2023 CPU changes`
			`* CVE-2023-22081, bsc#1216374`
			`* CVE-2023-22025, bsc#1216339`
			`- Including Openj9 0.41.0 fixes of CVE-2023-5676, bsc#1217214`
			`* For other OpenJ9 changes, see`
			`https://www.eclipse.org/openj9/docs/version0.41`

			`-------------------------------------------------------------------`
			`Sat Aug 26 12:48:19 UTC 2023 - Fridrich Strba <fstrba@suse.com>`

			`- Update to OpenJDK 17.0.8.1 with OpenJ9 0.40.0 virtual machine`
			`* JDK-8313765: Invalid CEN header (invalid zip64 extra data`
			`field size)`

			`-------------------------------------------------------------------`
			`Tue Aug 15 07:23:28 UTC 2023 - Fridrich Strba <fstrba@suse.com>`

			`- Update to OpenJDK 17.0.8 with OpenJ9 0.40.0 virtual machine`
			`- Including Oracle July 2023 CPU changes`
			`* CVE-2023-22006 (bsc#1213473), CVE-2023-22036 (bsc#1213474),`
			`CVE-2023-22041 (bsc#1213475), CVE-2023-22044 (bsc#1213479),`
			`CVE-2023-22045 (bsc#1213481), CVE-2023-22049 (bsc#1213482),`
			`CVE-2023-25193 (bsc#1207922)`
			`* OpenJ9 changes, see`
			`https://www.eclipse.org/openj9/docs/version0.40`
			`- Modified patch:`
			`* stringop-overflow.patch`
			`+ rediff to changed context`

			`-------------------------------------------------------------------`
			`Mon Aug 14 19:58:17 UTC 2023 - Fridrich Strba <fstrba@suse.com>`

			`- Update to OpenJDK 17.0.7 with OpenJ9 0.38.0 virtual machine`
			`- Including Oracle April 2023 CPU changes`
			`* CVE-2023-21930 (bsc#1210628), CVE-2023-21937 (bsc#1210631),`
			`CVE-2023-21938 (bsc#1210632), CVE-2023-21939 (bsc#1210634),`
			`CVE-2023-21954 (bsc#1210635), CVE-2023-21967 (bsc#1210636),`
			`CVE-2023-21968 (bsc#1210637)`
			`* OpenJ9 specific vulnerability: CVE-2023-2597 (bsc#1211615)`
			`* OpenJ9 changes, see`
			`https://www.eclipse.org/openj9/docs/version0.38`

			`-------------------------------------------------------------------`
			`Tue Mar 28 10:02:44 UTC 2023 - Fridrich Strba <fstrba@suse.com>`

			`- Added patch:`
			`* stringop-overflow.patch`
			`+ disable -Wstringop-overflow and fix build in Factory`

			`-------------------------------------------------------------------`
			`Mon Mar 6 09:09:45 UTC 2023 - Fridrich Strba <fstrba@suse.com>`

			`- Update to OpenJDK 17.0.6 with OpenJ9 0.36.0 virtual machine`
			`* including Oracle January 2023 CPU changes`
			`+ CVE-2023-21835, bsc#1207246`
			`+ CVE-2023-21843, bsc#1207248`
			`* OpenJ9 changes, see`
			`https://www.eclipse.org/openj9/docs/version0.36`

			`-------------------------------------------------------------------`
			`Fri Feb 17 13:19:03 UTC 2023 - Fridrich Strba <fstrba@suse.com>`

			`- Remove the accessibility sub-package, since it was never really`
			`working and creates another problems (bsc#1206549). It can`
			`eventually be built as standalone if needed`
			`- Removed patches:`
			`* jaw-jdk10.patch`
			`* jaw-misc.patch`
			`* jaw-nogtk.patch`
			`+ not needed after the removal of the accessibility sub-package`

			`-------------------------------------------------------------------`
			`Mon Oct 31 12:04:30 UTC 2022 - Fridrich Strba <fstrba@suse.com>`

			`- Update to OpenJDK 17.0.5 with OpenJ9 0.35.0 virtual machine`
			`* Including Oracle October 2022 CPU changes`
			`CVE-2022-21618 (bsc#1204468), CVE-2022-21619 (bsc#1204473),`
			`CVE-2022-21626 (bsc#1204471), CVE-2022-21624 (bsc#1204475),`
			`CVE-2022-21628 (bsc#1204472), CVE-2022-39399 (bsc#1204480)`
			`* Fixes OpenJ9 vulnerability bsc#1204703, CVE-2022-3676`
			`* OpenJ9 changes, see`
			`https://www.eclipse.org/openj9/docs/version0.35`

			`-------------------------------------------------------------------`
			`Tue Aug 16 06:55:36 UTC 2022 - Fridrich Strba <fstrba@suse.com>`

			`- Update to OpenJDK 17.0.4 with OpenJ9 0.33.0 virtual machine`
			`* Including Oracle July 2022 CPU changes`
			`CVE-2022-21540 (bsc#1201694), CVE-2022-21541 (bsc#1201692),`
			`CVE-2022-21549 (bsc#1201685), CVE-2022-34169 (bsc#1201684)`
			`* OpenJ9 changes, see`
			`https://www.eclipse.org/openj9/docs/version0.33`
			`- Modified template patch:`
			`* openj9-nogit.patch.in`
			`+ The git commit hash code became more generic, so redo the`
			`template patch`
			`- Added patch:`
			`* openj9-no-narrowing.patch`
			`+ Fix narrowing conversion error`

			`-------------------------------------------------------------------`
			`Tue Jul 12 07:30:36 UTC 2022 - Fridrich Strba <fstrba@suse.com>`

			`- Initial packaging of OpenJDK 17.0.3 with OpenJ9 0.32.0 virtual`
			`machine`
			`* OpenJ9 changes, see`
			`https://www.eclipse.org/openj9/docs/version0.32`