From 2098fba855bb8621d5865961945865a8ef2b60765ecba9fa3a85719e2c4f3455 Mon Sep 17 00:00:00 2001 From: Fridrich Strba Date: Wed, 22 Jul 2015 08:38:46 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/Java:Factory/java-1_8_0-openjdk?expand=0&rev=114 --- java-1_8_0-openjdk.changes | 55 ++++++++++++++++++++++++++++++++++++++ java-1_8_0-openjdk.spec | 2 +- 2 files changed, 56 insertions(+), 1 deletion(-) diff --git a/java-1_8_0-openjdk.changes b/java-1_8_0-openjdk.changes index c482c15..7078bfd 100644 --- a/java-1_8_0-openjdk.changes +++ b/java-1_8_0-openjdk.changes @@ -1,3 +1,58 @@ +------------------------------------------------------------------- +Wed Jul 22 08:21:13 UTC 2015 - fstrba@suse.com + +- Upgrade to upstream tag jdk8u51-b16 + * Security fix release of July 15, 2015 (bsc#938248, bsc#937828) +- Security issues fixed: + * CVE-2015-2590: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: Libraries). + * CVE-2015-2597: Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: Install). + * CVE-2015-2601: Vulnerability in the Java SE, JRockit, Java SE + Embedded component of Oracle Java SE (subcomponent: JCE). + * CVE-2015-2613: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: JCE). + * CVE-2015-2619: Vulnerability in the Java SE, JavaFX, Java SE + Embedded component of Oracle Java SE (subcomponent: 2D). + * CVE-2015-2621: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: JMX). + * CVE-2015-2625: Vulnerability in the Java SE, JRockit, Java SE + Embedded component of Oracle Java SE (subcomponent: JSSE). + * CVE-2015-2627: Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: Install). + * CVE-2015-2628: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: CORBA). + * CVE-2015-2632; Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: 2D). + * CVE-2015-2637: Vulnerability in the Java SE, JavaFX, Java SE + Embedded component of Oracle Java SE (subcomponent: 2D). + * CVE-2015-2638: Vulnerability in the Java SE, JavaFX, Java SE + Embedded component of Oracle Java SE (subcomponent: 2D). + * CVE-2015-2659: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: Security). + * CVE-2015-2664: Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: Deployment). + * CVE-2015-2808: Vulnerability in the Java SE, JRockit, Java SE + Embedded component of Oracle Java SE (subcomponent: JSSE). + * CVE-2015-4000: Vulnerability in the Java SE, JRockit, Java SE + Embedded component of Oracle Java SE (subcomponent: JSSE). + * CVE-2015-4729: Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: Deployment). + * CVE-2015-4731: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: JMX). + * CVE-2015-4732: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: Libraries). + * CVE-2015-4733: Vulnerability in the Java SE, Java SE Embedded + component of Oracle Java SE (subcomponent: RMI). + * CVE-2015-4736: Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: Deployment). + * CVE-2015-4748: Vulnerability in the Java SE, JRockit, Java SE + Embedded component of Oracle Java SE (subcomponent: Security). + * CVE-2015-4749: Vulnerability in the Java SE, JRockit, Java SE + Embedded component of Oracle Java SE (subcomponent: JNDI). + * CVE-2015-4760: Vulnerability in the Java SE component of Oracle + Java SE (subcomponent: 2D). + ------------------------------------------------------------------- Thu Jun 18 13:38:54 UTC 2015 - tchvatal@suse.com diff --git a/java-1_8_0-openjdk.spec b/java-1_8_0-openjdk.spec index b119016..191a7cf 100644 --- a/java-1_8_0-openjdk.spec +++ b/java-1_8_0-openjdk.spec @@ -183,7 +183,7 @@ Source7: http://hg.openjdk.java.net/%{root_project}/%{root_repository}/na # Hotspot version from aarch64-port repository (using the _tip_ of the http://hg.openjdk.java.net/%{aarch64_project}/%{aarch64_repository}/hotspot) Source8: http://hg.openjdk.java.net/%{aarch64_project}/%{aarch64_repository}/hotspot/archive/%{aarch64_hotspot_revision}.tar.bz2 # Pulseaudio plugin -Source9: http://icedtea.wildebeest.org/download/source/icedtea-sound-%{icedtea_sound_version}.tar.xz +Source9: http://icedtea.classpath.org/download/source/icedtea-sound-%{icedtea_sound_version}.tar.xz # Systemtap tapsets. Zipped up to keep it small. Source10: systemtap-tapset.tar.gz # Desktop files. Adapated from IcedTea.