Accepting request 511816 from Java:Factory

Oracle July 2017 Patch Day OBS-URL: https://build.opensuse.org/request/show/511816 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/java-1_8_0-openjdk?expand=0&rev=48
2017-07-24 10:31:54 +00:00 · 2017-07-24 10:31:54 +00:00 · f6d8b96f55
commit f6d8b96f55
parent f117e171a0 67505c2865
13 changed files with 163 additions and 27 deletions
--- a/aarch32.tar.xz
+++ b/aarch32.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:38e24d556aa269a5168e251b1fa97e84467a722fff27fa2f81de315854f18a33
+size 6743892
--- a/corba.tar.xz
+++ b/corba.tar.xz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:47210b6c69dcc6193b9bf0a3d61b75b48f4fa56e8ca348e40200cfa14eca3fd1
-size 941164
+oid sha256:1dd145802924cf378436bdd3fcb7292c238961ee66a216cc3386b9def42266f6
+size 937116
--- a/hotspot.tar.xz
+++ b/hotspot.tar.xz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:973d668f312b869184665def8abe4037dcd78562bf0dda40367102aca647fd76
-size 6818648
+oid sha256:f156b07a66526d3fa5f8adf17d0f1655359ce8874da9f4cf1d546b7205b0bee1
+size 6818476
--- a/icedtea-3.4.0.tar.xz
+++ b/icedtea-3.4.0.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b518f389c44d45bb264d7e954b3c0b836d3d23ba9fbd620ff7c68f934a012e9a
-size 1463512
--- a/icedtea-3.5.0.tar.xz
+++ b/icedtea-3.5.0.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9aa89e00ecc07baa6b37a6b1e363c3d7128253e95374c74d1d2706f36c3ccab5
+size 1489740
--- a/java-1_8_0-openjdk.changes
+++ b/java-1_8_0-openjdk.changes
@ -1,3 +1,131 @@
+-------------------------------------------------------------------
+Fri Jul 21 08:27:25 UTC 2017 - fstrba@suse.com
+
+- Upgrade to version jdk8u141 (icedtea 3.5.0)
+  * Security fixes
+    - S8163958, CVE-2017-10102, bsc#1049316: Improved garbage
+      collection
+    - S8167228: Update to libpng 1.6.28
+    - S8169209, CVE-2017-10053, bsc#1049305: Improved image
+      post-processing steps
+    - S8169392, CVE-2017-10067, bsc#1049306: Additional jar
+      validation steps
+    - S8170966, CVE-2017-10081, bsc#1049309: Right parenthesis
+      issue
+    - S8171539, CVE-2017-10078, bsc#1049308: Better script
+      accessibility for JavaScript
+    - S8172204, CVE-2017-10087, bsc#1049311: Better Thread Pool
+      execution
+    - S8172461, CVE-2017-10089, bsc#1049312: Service Registration
+      Lifecycle
+    - S8172465, CVE-2017-10090, bsc#1049313: Better handling of
+      channel groups
+    - S8172469, CVE-2017-10096, bsc#1049314: Transform Transformer
+      Exceptions
+    - S8173286, CVE-2017-10101, bsc#1049315: Better reading of text
+      catalogs
+    - S8173697, CVE-2017-10107, bsc#1049318: Less Active
+      Activations
+    - S8173770, CVE-2017-10074, bsc#1049307: Image conversion
+      improvements
+    - S8174098, CVE-2017-10110, bsc#1049321: Better image fetching
+    - S8174105, CVE-2017-10108, bsc#1049319: Better naming
+      attribution
+    - S8174113, CVE-2017-10109, bsc#1049320: Better sourcing of
+      code
+    - S8174770: Check registry registration location
+    - S8174873: Improved certificate processing
+    - S8175106, CVE-2017-10115, bsc#1049324: Higher quality DSA
+      operations
+    - S8175110, CVE-2017-10118, bsc#1049326: Higher quality ECDSA
+      operations
+    - S8176055: JMX diagnostic improvements
+    - S8176067, CVE-2017-10116, bsc#1049325: Proper directory
+      lookup processing
+    - S8176760, CVE-2017-10135, bsc#1049328: Better handling of
+      PKCS8 material
+    - S8178135, CVE-2017-10176, bsc#1049329: Additional elliptic
+      curve support
+    - S8179101, CVE-2017-10193, bsc#1049330: Improve algorithm
+      constraints implementation
+    - S8179998, CVE-2017-10198, bsc#1049331: Clear certificate
+      chain connections
+    - S8181420, CVE-2017-10074, bsc#1049307: PPC: Image conversion
+      improvements
+    - S8183551, CVE-2017-10074, PR3423, bsc#1049307: AArch64: Image
+      conversion improvements
+    - S8184185, CVE-2017-10111, bsc#1049322: Rearrange MethodHandle
+      arrangements
+    - bsc#1049332, CVE-2017-10243: Unspecified vulnerability in
+      subcomponent JAX-WS
+    - bsc#1049327, CVE-2017-10125: Unspecified vulnerability in
+      subcomponent deployment
+    - bsc#1049323, CVE-2017-10114: Unspecified vulnerability in
+      subcomponent JavaFX
+    - bsc#1049317, CVE-2017-10105: Unspecified vulnerability in
+      subcomponent deployment
+    - bsc#1049310, CVE-2017-10086: Unspecified vulnerability in
+      subcomponent JavaFX
+* New features
+    - PR3392, RH1273760: Support using RSAandMGF1 with the SHA hash
+      algorithms in the PKCS11 provider
+* Import of OpenJDK 8 u141 build 15 (bsc#1049302)
+    - S8139870: sun.management.LazyCompositeData.isTypeMatched()
+      fails for composite types with items of ArrayType
+    - S8155690: Update libPNG library to the latest up-to-date
+    - S8159058: SAXParseException when sending soap message
+    - S8162461: Hang due to JNI up-call made whilst holding JNI
+      critical lock
+    - S8163889: [macosx] Can't print from browser on Mac OS X
+    - S8165231: java.nio.Bits.unaligned() doesn't return true on ppc
+    - S8165367: Additional tests for JEP 288: Disable SHA-1
+      Certificates
+    - S8173145: Menu is activated after using mnemonic Alt/Key
+      combination
+    - S8173207: Upgrade compression library
+    - S8175251: Failed to load RSA private key from pkcs12
+    - S8176329: jdeps to detect MR jar file and output a warning
+    - S8176536: Improved algorithm constraints checking
+    - S8176731: JCK tests in api/javax_xml/transform/ spec
+      conformance started failing after 8172469
+    - S8176769: Remove accidental spec change in jdk8u
+    - S8177449: (tz) Support tzdata2017b
+    - S8178996: [macos] JComboBox doesn't display popup in mixed
+      JavaFX Swing Application on 8u131 and Mac OS 10.12
+    - S8179014: JFileChooser with Windows look and feel crashes on
+      win 10
+    - S8180582: The bind to rmiregistry is rejected by
+      registryFilter even though registryFilter is set
+    - S8181591: 8u141 L10n resource file update
+    - S8181698: Remove and retag 8u141-b12 tag from source
+      repository
+    - S8181946: JDK 8 THIRD_PARTY_README - Minor Cleanup
+    - S8182054: Improve wsdl support
+    - S8184235: Backout JDK-8173207 from 8u141, 7u151 and higher
+      updates source base
+* Backports
+    - S8164293, PR3412, RH1459641: HotSpot leaking memory in
+      long-running requests
+    - S8175813, PR3394, RH1448880: PPC64: "mbind: Invalid argument"
+      when -XX:+UseNUMA is used
+    - S8175887, PR3415: C1 value numbering handling of
+      Unsafe.get*Volatile is incorrect
+    - S8179084, PR3409, RH1455694: HotSpot VM fails to start when
+      AggressiveHeap is set
+    - S8180048, PR3411, RH1449870: Interned string and symbol table
+      leak memory during parallel unlinking
+    - S8181055, PR3394, RH1448880: PPC64: "mbind: Invalid argument"
+      still seen after 8175813
+    - S8181419, PR3413, RH1463144: Race in jdwp invoker handling
+      may lead to crashes or invalid results
+* AArch64 port
+    - S7009641, PR3423: Don't fail VM when CodeCache is full
+    - S8182581, PR3423: aarch64: fix for crash caused by earlyret
+      of compiled method
+* AArch32 port
+    - PR3391: Revert PR3385 as -Xshare:dump does appear to work on
+      AArch32
+
 -------------------------------------------------------------------
 Wed May 17 10:52:18 UTC 2017 - fstrba@suse.com

@ -76,7 +204,7 @@ Wed May 17 10:52:18 UTC 2017 - fstrba@suse.com
    - S8171952: [macosx]
      AWT_Modality/Automated/ModalExclusion/NoExclusion/ModelessDialog
      test fails as DummyButton on Dialog did not gain focus when
-	  clicked.
+      clicked.
    - S8173030: Temporary backout fix #8035568 from 8u131-b03
    - S8173031: Temporary backout fix #8171952 from 8u131-b03
    - S8173783, PR3328: IllegalArgumentException:
--- a/java-1_8_0-openjdk.spec
+++ b/java-1_8_0-openjdk.spec
@ -17,8 +17,8 @@


 %{!?aarch64:%global aarch64 aarch64 arm64 armv8}
-%global jit_arches %{ix86} x86_64 ppc64 ppc64le %{aarch64}
-%global icedtea_version 3.4.0
+%global jit_arches %{ix86} x86_64 ppc64 ppc64le %{aarch64} %{arm}
+%global icedtea_version 3.5.0
 %global icedtea_sound_version 1.0.1
 %global buildoutputdir openjdk.build/
 # Convert an absolute path to a relative path.  Each symbolic link is
@ -32,7 +32,7 @@
 # priority must be 6 digits in total
 %global priority        1805
 %global javaver         1.8.0
-%global updatever       131
+%global updatever       141
 # Standard JPackage directories and symbolic links.
 %global sdklnk          java-%{javaver}-openjdk
 %global archname        %{sdklnk}
@ -182,9 +182,10 @@ Source5:        http://icedtea.classpath.org/download/drops/icedtea8/%{icedtea_v
 Source6:        http://icedtea.classpath.org/download/drops/icedtea8/%{icedtea_version}/jdk.tar.xz
 Source7:        http://icedtea.classpath.org/download/drops/icedtea8/%{icedtea_version}/langtools.tar.xz
 Source8:        http://icedtea.classpath.org/download/drops/icedtea8/%{icedtea_version}/hotspot.tar.xz
-Source9:        http://icedtea.classpath.org/download/drops/icedtea8/%{icedtea_version}/nashorn.tar.xz
+Source9:        http://icedtea.classpath.org/download/drops/icedtea8/%{icedtea_version}/aarch32.tar.xz
+Source10:       http://icedtea.classpath.org/download/drops/icedtea8/%{icedtea_version}/nashorn.tar.xz
 # Test
-Source10:       TestECDSA.java
+Source11:       TestECDSA.java
 # RPM/distribution specific patches
 # RHBZ 1015432
 Patch2:         1015432.patch
@ -535,8 +536,12 @@ sh autogen.sh
        --with-jaxws-src-zip=%{SOURCE5} \
        --with-jdk-src-zip=%{SOURCE6} \
        --with-langtools-src-zip=%{SOURCE7} \
+%ifarch %{arm}
+        --with-hotspot-src-zip=%{SOURCE9} \
+%else
        --with-hotspot-src-zip=%{SOURCE8} \
-        --with-nashorn-src-zip=%{SOURCE9}
+%endif
+        --with-nashorn-src-zip=%{SOURCE10}

 make patch %{?_smp_mflags}

@ -884,7 +889,7 @@ fi
 export JAVA_HOME=$(pwd)/%{buildoutputdir}images/j2sdk-image

 # Check ECC is working
-$JAVA_HOME/bin/javac -d . %{SOURCE10}
+$JAVA_HOME/bin/javac -d . %{SOURCE11}
 $JAVA_HOME/bin/java TestECDSA

 %endif
--- a/jaxp.tar.xz
+++ b/jaxp.tar.xz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:c74a8a27f1d2dfeaabfce3b5b46623e367fb0fbd5938a3aca8fcd23eb2ce1d53
-size 2303260
+oid sha256:3c1e16c1223e58f3abfb7987e0bd208153f04c273002777193b1cfa289ea89c7
+size 2296728
--- a/jaxws.tar.xz
+++ b/jaxws.tar.xz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:90642e9131f4c8922576305224278fcae72d8363956b76d4cdbf813027836cac
-size 2270028
+oid sha256:47579cf8bc588d77536fda473f8ecf9597f550a8d541d21a2b90179424a1e292
+size 2267392
--- a/jdk.tar.xz
+++ b/jdk.tar.xz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:ec71e37b98b4baa6831c5cb30bcc1ab18cd95993744dbc4d37a28b2dc5049896
-size 39004216
+oid sha256:19908a408068f3cf0ed2a391a2e711e3d0e8e91072b8005093c7b2b8015a95e3
+size 39030960
--- a/langtools.tar.xz
+++ b/langtools.tar.xz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:489799c6a86fbfb7da2f2c0ec48e44970a152ea38b97bb40cc04bc09155ab39f
-size 2067092
+oid sha256:49fd3c277600bd125d113c36fa16762c6ef620aca5aaa593dd0cee98af88b79c
+size 2066416
--- a/nashorn.tar.xz
+++ b/nashorn.tar.xz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:3f3861e7268a3986fa8d5c940b85a0de1003f7ebb212df157a9b421ac621d6ae
-size 2233268
+oid sha256:f995d94f726e74030c414cad2da5401afddf0606a21ecbedce90cfb48abbf54f
+size 2230868
--- a/openjdk.tar.xz
+++ b/openjdk.tar.xz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:f1eb8c8e45965adcaa1e9cc70df043a825d52409e96712d266167994ff88456d
-size 337556
+oid sha256:557380dfe3b19fb73de62a51867528b1a0c982c0c1b9aae7cde6061d7d7d2736
+size 333272