java-1_8_0-openjdk/java-1_8_0-openjdk.changes

-------------------------------------------------------------------
Thu Jul  7 14:41:06 UTC 2016 - fstrba@suse.com

- Fix script linking /usr/share/javazi/tzdb.dat for platform where
  it applies.

-------------------------------------------------------------------
Tue Jun 14 11:46:16 UTC 2016 - agraf@suse.com

- Fix aarch64 running with 48 bits va space (bsc#984684)
  * hotspot-aarch64-fix-48bit-va.patch

-------------------------------------------------------------------
Fri Jun  3 09:01:23 UTC 2016 - fstrba@suse.com

- Added patch:
  * disable-doclint-by-default-patch
    - Disable Doclint while building javadoc by default. OpenJDK 8
      adds and enables doclint by default. This catches issues in
      javadoc comments. It is too strict, breaks javadoc compilation
      and, in general, breaks the build for old code known to build
      with previous versions of OpenJDK.
- Cycle make on i586 in order to prevent some random build errors
  that are not easily reproduceable and thus fixable.

-------------------------------------------------------------------
Tue May 31 06:47:43 UTC 2016 - fstrba@suse.com

- Added patch:
  * java-1_8_0-openjdk-gcc6.patch
    + Fix build with gcc 6.1
- Add -fno-delete-null-pointer-checks -fno-lifetime-dse to try to 
  avoid some crashes

-------------------------------------------------------------------
Thu Apr 28 08:19:17 UTC 2016 - fstrba@suse.com

- Upgrade to version jdk8u91 (icedtea 3.0.1, bsc#976340)
- Icedtea changes from 2.6.5
  * Security fixes
    - S8129952, CVE-2016-0686: Ensure thread consistency
    - S8132051, CVE-2016-0687: Better byte behavior
    - S8138593, CVE-2016-0695: Make DSA more fair
    - S8139008: Better state table management
    - S8143167, CVE-2016-3425: Better buffering of XML strings
    - S8143945, CVE-2016-3426: Better GCM validation
    - S8144430, CVE-2016-3427: Improve JMX connections
    - S8146494: Better ligature substitution
    - S8146498: Better device table adjustments
  * Import of OpenJDK 8 u91 build 14
    - S8002116: This JdbReadTwiceTest.sh gets an exit 1
    - S8007890: [TESTBUG] JcmdWithNMTDisabled.java fails when
      invoked with NMT explicitly turned on
    - S8036132: Tab characters in test/com/sun/jdi files
    - S8038963: com/sun/jdi tests fail because cygwin's ps sometimes
      misses processes
    - S8044419: TEST_BUG: com/sun/jdi/JdbReadTwiceTest.sh fails when
      run under root
    - S8059661: Test SoftReference and OOM behavior
    - S8067422: Lambda method names are unnecessarily unstable
    - S8073735: [TEST_BUG] compiler/loopopts/CountedLoopProblem.java
      got OOME
    - S8074146: [TEST_BUG] jdb has succeded to read an unreadable
      file
    - S8130212: Thread::current() might access freed memory on
      Solaris
    - S8132890: Text Overlapping on Dot Matrix Printers
    - S8134297: NPE in GSSNameElement nameType check
    - S8134650: Xsl transformation gives different results in 8u66
    - S8134828: Scrollbar thumb disappears with Nimbus L&F
    - S8138589: Correct limits on unlimited cryptography
    - S8138811: Construction of static protection domains
    - S8140268: Generate link to specification license for JavaDoc
      API documentation
    - S8141229: [Parfait] Null pointer dereference in cmsstrcasecmp
      of cmserr.c
    - S8143002: [Parfait] JNI exception pending in fontpath.c:1300
    - S8143959: Certificates requiring blacklisting
    - S8146477: [TEST_BUG] ClientJSSEServerJSSE.java failing again
    - S8146518: Zero interpreter broken with better byte behaviour
    - S8146967: [TEST_BUG] javax/security/auth/SubjectDomainCombiner/Optimize.java
      should use 4-args ProtectionDomain constructor
    - S8147567: InterpreterRuntime::post_field_access not updated
      for boolean in JDK-8132051
    - S8148446: (tz) Support tzdata2016a
    - S8148475: Missing SA Bytecode updates.
    - S8148487: PPC64: Better byte behavior
    - S8148522: Backout JDK-8138811 from 2016 Apr CPU repo
    - S8149170: Better byte behavior for native arguments
    - S8149367: PolicyQualifierInfo/index_Ctor JCk test fails with
      IOE: Invalid encoding for PolicyQualifierInfo
    - S8150012: Better byte behavior for reflection
    - S8150790: 8u75 L10n resource file translation update
  * Backports
    - S8148752, PR2943: Compiled StringBuilder code throws
      StringIndexOutOfBoundsException
    - S8154210: Zero: Better byte behaviour
    - S8154413: AArch64: Better byte behaviour
    - S4890063, PR2304, RH1214835: HPROF: default text truncated
      when using doe=n option
    - S6425769, PR2859: Allow specifying an address to bind JMX
      remote connector
    - S8000650, PR2462: unpack200.exe should check gzip crc
    - S8031668, PR2842: TOOLCHAIN_FIND_COMPILER unexpectedly
      resolves symbolic links
    - S8035341: Allow using a system installed libpng
    - S8038392: Generating prelink cache breaks JAVA 'jinfo' utility
      normal behavior
    - S8042159: Allow using a system-installed lcms2
    - S8042806: Splashscreen uses libjpeg-internal macros
    - S8043805: Allow using a system-installed libjpeg
    - S8044235: src.zip should include all sources
    - S8074839, PR2462: Resolve disabled warnings for libunpack and
      the unpack200 binary
    - S8074859, PR1937: Turn on warnings as error
    - S8087218, PR2740: Constant fold loads from final instance
      fields in VM anonymous classes
    - S8139932, PR2739: Typo in makefile changes for 8043805 [Allow
      using a system-installed libjpeg]
    - S8140483, PR2740: Atomic*FieldUpdaters final fields should be
      trusted
    - S8140620, PR2769: Find and load default.sf2 as the default
      soundbank on Linux
    - S8145096, PR2854: Undefined behaviour in HotSpot
    - S8145982, PR2859: JMXInterfaceBindingTest is failing
      intermittently
    - S8146015, PR2859: JMXInterfaceBindingTest is failing
      intermittently for IPv6 addresses
    - S8148351, PR2842: Only display resolved symlink for compiler,
      do not change path
    - S8150954, PR2866, RH1176206: AWT Robot not compatible with
      GNOME Shell
  * Bug fixes
    - PR2933: Support ccache 3.2 and later
    - PR2934: SunEC provider throwing KeyException with current NSS
    - S8041658: Use of -fdevirtualize on macroAssembler_x86.o
      (via -O2) with gcc 4.9.0 creates broken VM
    - PR94: empty install target in Makefile.am
    - PR729: GTKLookAndFeel should be the system look&feel on all
      GNU/Linux desktops
    - PR1275: Provide option to turn off downloading of tarballs
    - PR1281, RH513605: Updating/Installing OpenJDK should recreate
      the shared class-data archive
    - PR1289: Allow JARs to be optionally compressed by setting
      COMPRESS_JARS
    - PR1291: Ensure unlimited crypto policy is in place.
    - PR1325: Only add classes to rt-source-files.txt if actually
      needed
    - PR1341: Remove Rhino support
    - PR1346: Filter out -j option to make
    - PR1347: Update list of checked JDKs
    - PR1348: java -version output is broken
    - PR1357: Make XRender mandatory
    - PR1359: Check for /usr/lib64 JVMs and generic JPackage
      alternative
    - PR1364: Replace hgforest support
    - PR1367: Support using the system installation of LCMS
    - PR1368: Ensure debug data is available for all libraries and
      binaries without redundant files
    - PR1369: Remove outdated bootstrap configure tests or make them
      fail on error
    - PR1377: Forwardport javac detection / usability test from
      IcedTea 2.x
    - PR1379: Add build support for Zero AArch64
    - PR1413: Undefined reference to libz during link of unpack200
    - PR1741: Break PulseAudio provider out into IcedTea-Sound
    - PR1766: Expand architecture support
    - PR1774: Support GIF lib v5
    - PR1774: Correct #ifdef to #if
    - PR1796: make fails with "computed checksum did NOT match"
    - PR1806: Support Debian/Ubuntu 7 & 8 OpenJDK Installs as Boot
      JDK
    - PR1812: Unable to locate HotSpot checksum when downloading
    - PR1813: HotSpot URL should be used with --enable-hg
    - PR1815: Split download/extraction rules for OpenJDK so they
      can run in parallel
    - PR1829: Support AM_MAINTAINER_MODE
    - PR1834, RH1022017: Report elliptic curves supported by NSS,
      not the SunEC library
    - PR1845: jstack.stp in OpenJDK8 is broken
    - PR1869: Avoid x86 workaround when running Zero rather than a
      JIT
    - PR1889: Allow tarball checksumming to be disabled
    - PR1935: HotSpot extraction needs to depend on the tarball
      being downloaded
    - PR1937: Add configure option for -Werror
    - PR1938: Zero broken by enforced use of -Werror
    - PR1942: Bug reports lack IcedTea version & distribution
      packaging information
    - PR1950: Add build support for Zero SH
    - PR1965, G498288: Allow builds on PaX kernels
    - PR1968: Move to new OpenJDK bug URL format
    - PR1975: SystemTap probes for the garbage collector.
    - PR1977: Support using the system installation of Zlib
    - PR1979: Support using the system installation of libjpeg
    - PR1980: Support using the system installation of giflib
    - PR1981: Support using the system installation of libpng
    - PR1983: Support using the system installation of NSS with the
      SunEC provider
    - PR1994: make dist broken
    - PR2001: Synchronise HEAD tarball paths with release branch
      paths
    - PR2066: Unset OS before running OpenJDK build
    - PR2095, RH1163501: 2048-bit DH upper bound too small for
      Fedora infrastructure
    - PR2126: Synchronise elliptic curves in
      sun.security.ec.NamedCurve with those listed by NSS
    - PR2127: SunEC provider crashes when built using system NSS
    - PR2199: Support giflib 5.1.0
    - PR2212: DGifCloseFile call should check the return value, not
      the error code, for failure
    - PR2227: giflib 5.1 conditional excludes 6.0, 7.0, etc.
    - PR2237, RH1194378: ppc64le should report its os.arch as
      ppc64le so tools can detect it
    - PR2248: HotSpot tarball fails verification after download
    - PR2256: Add SystemTap tests
    - PR2257: clean-extract-nashorn rule is never run
    - PR2321: Checksum of policy JAR files changes on every build
    - PR2329: jamvm parallel unpack failures
    - PR2339: Fail early if there is no native HotSpot JIT & all
      other options are disabled
    - PR2348: Avoid following symlinks for CACAO and JamVM patches
    - PR2351: Split CACAO rule into configure and make stages
    - PR2352: Split JamVM rule into configure, make and make install
      stages
    - PR2358: Add aliases for all stamp targets
    - PR2362: Update HACKING & fsg.sh.in
    - PR2363: Remove EC source code prior to build
    - PR2369: SunEC provider is partially installed
    - PR2377: PaX mark the installed JDK so it runs on hardened
      systems
    - PR2383: Location of docs directory in install-data-local is
      incorrect
    - PR2392: Make elliptic curve removal optional
    - PR2400, RH1206656: Zero JVM crashes on startup when built with
      GCC 5
    - PR2407: Fix automatic enabling of the Zero build on non-JIT
      architectures which don't use CACAO or JamVM
    - PR2408: Enable Zero when Shark is enabled
    - PR2409: Update Zero macro to match one in IcedTea 2.x
    - PR2410: Support PPC64 JIT on ppc64le
    - PR2411: Fix references to hotspot.map following PR2001
    - PR2413: OpenJDK doesn't auto-select Zero on architectures
      where no server JVM is available
    - PR2414: CFLAGS, CXXFLAGS and LDFLAGS should be passed to
      OpenJDK build
    - PR2415: JVM -Xmx requirement is too high on s390
    - PR2428: OpenJDK build can't handle commas in LDFLAGS
    - PR2429: OpenJDK build does not copy a symlinked cacerts file
    - PR2432: ppc64 JIT doesn't support class data sharing
    - PR2433: ppc64le does not support -Xshare:dump
    - PR2434: SystemTap support is no longer optional
    - PR2439: NSS PKCS11 regression - due to java.security automatic
      loading
    - PR2443: install stage fails where
      BUILD_ARCH_DIR != INSTALL_ARCH_DIR
    - PR2447: Allow greater control of Javadoc installation
      directory
    - PR2448: Install TRADEMARK, COPYING and ChangeLog as RPM spec
      file does
    - PR2454: install-data-local needs to check that classes.jsa
      actually exists
    - PR2456: Installation path for hotspot_gc.stp is wrong, due to
      changed j2sdk-image location
    - PR2459: Policy JAR files should be timestamped with the date
      of the policy file they hold
    - PR2511: Reset success following calls in LayoutManager.cpp
    - PR2541: Allow the user to specify the cacerts file to use
    - PR2544: Desktop files do not allow installation from multiple
      versions of IcedTea 
    - PR2547: Extend tarball checksumming option to allow the
      checksum to be specified
    - PR2631: jvm.cfg missing for ppc64le
    - PR2633: s390 builds still fail as BUILD_NUM_BITS is never set
    - PR2675: Update ppc64le autotools infrastructure following
      PR2237
    - PR2691, G564746: ./configure is unable to compile using distcc
      for icedtea-3.0.0_pre06
    - PR2737: Allow multiple PKCS11 library initialisation to be a
      non-critical error.
    - PR2738: java.lang.UnsatisfiedLinkError: no javalcms in
      java.library.path
    - PR2743: Remove bad AArch64 merge fragment
    - PR2759: LCMS library should be named javalcms, not lcms, to
      avoid potential conflicts with the system library
    - PR2766: Remove all references to GCJ
    - PR2767: Remove remaining rogue binaries from OpenJDK tree
    - PR2768: Move SystemTap GCC 4.5 patch to OpenJDK tree or
      discard if no longer needed
    - PR2777: Fix MAX/MIN template usage on s390
    - PR2804: test/tapset/jstaptest.pl should be executable
    - PR2815: Race condition in SunEC provider with system NSS
    - PR2825: Placement of -lfreebl matters when using bfd linker
    - PR2826: Provide option to disable SystemTap tests
    - PR2841: Parallelism issues resulting from PR2459
    - PR2863: IcedTea doesn't pass through build and host triplets
      to OpenJDK's configure
    - PR2865: Handle uninstallation.
    - PR2869: Revert CRC fix (S8000650) backported as part of PR2462
    - PR2873: Fix make distcheck.
    - PR2880: Add missing test directory in make check.
    - PR2885: Location of 'stap' executable is hard-coded
    - PR2888: OpenJDK should check for system cacerts database (e.g.
      /etc/pki/java/cacerts)
    - PR2899: Don't use WithSeed versions of NSS functions as they
      don't fully process the seed
    - PR2906: Support prefixed variants of GNU tools used on *BSD
      systems
    - PR2907: Replace --with-abs-install-dir with usual --prefix
    - PR2917: Don't pass --with-cacerts-file to build if
      USE_ALT_CACERTS_FILE is not set
    - PR2918: Makefile handles cacerts as a symlink, but the
      configure check doesn't
    - PR2920: PaX marking fails on filesystems which don't support
      extended attributes
    - PR2921: Uninstallation of docs deletes too much
    - Don't substitute 'j' for '-j' inside -I directives
    - Extend 8041658 to all files in the HotSpot build.
    - Remove jcheck
  * AArch64 port
    - PR1970: Imported from aarch64 jdk8 repository.
    - PR2853: Fix build for aarch64/zero
    - PR2853: Remaining miscellaneous synchronisation changes from
      aarch64/jdk8u
    - PR2853: Remove AArch64-specific code in generateOptoStub.cpp.
    - PR2853: Remove some AArch64-specific code in share/.
    - PR2853: Remove some unnecessary divergences from jdk8u.
    - PR2853: Revert AArch64 jvm.cfg divergence
    - PR2853: Revert changes to libpng source code now 8078245 is in
      place.
    - PR2922: Import latest AArch64 changes from aarch64-port/jdk8u
      (aarch64-jdk8u77-b03)
    - S8150652, PR2922: Remove unused code in AArch64 back end
  * JamVM
    - JSR 292: Invoke Dynamic
    - JSR 308: Type Annotations
    - JSR 335: Lambda Expressions
    - JSR 901: VM support for method parameter reflection
    - JEP 171: Implement fence methods in sun.misc.Unsafe
    - sun.misc.Unsafe: additional methods get/putAddress.
    - FreeClassData: adjust method count for Miranda methods
    - Fix invokesuper check in invokespecial opcode
    - Fix non-direct interpreter invokespecial super-class check
    - When GC'ing a native method don't try to free code
    - Do not free unprepared Miranda method code data
    - Set anonymous class protection domain
    - JVM_IsVMGeneratedMethodIx stub
    - Dummy implementation of sun.misc.Perf natives
    - JVM_NewMultiArray: element class may be an array
    - jtreg test java/lang/reflect/Array/ExceedMaxDim
    - OpenJDK: Fix Local/Anonymous class checks
    - classlibMarkThreadTerminated should return Object*
    - Fix race-condition in constant-pool resolution code
    - JSR 292: MethodHandle constant-pool refs may be resolved
    - JSR 292: bootstrap method args error handling
    - JSR 308: update to match OpenJDK changes
    - JSR 292: correct intrinsic cache COMPARE function
    - Race condition in setting up imethod table
    - GC: Minor performance improvement
    - PR2034: --enable-jamvm builds broken, missing
      JVM_GetTemporaryDirectory impl
    - PR2336: JamVM lacks JVM_FindClassFromCaller
    - PR2523: Add executable stack markings to callNative.S on JamVM
    - PR2775: JamVM lacks JVM_GetResourceLookupCacheURLs introduced
      by jdk8u40
  * CACAO
    - PR1277: Synchronise CACAO rules between IcedTea6/7/8 where
      possible
    - PR1279: Synchronise CACAO versions between IcedTea6/7/8 where
      possible
    - PR2035: --enable-cacao builds broken, missing
      JVM_GetTemporaryDirectory impl.
    - PR2330, CA172, G453612: Add ARM hardfloat support to CACAO on
      Gentoo
    - PR2331: IcedTea8 fails to build with IcedTea7 CACAO due to low
      max heap size
    - PR2335: CACAO lacks JVM_FindClassFromCaller
    - PR2347: Fix CACAO patches to apply again
    - PR2349: 'struct jvm_version_info' has no member named
      'is_kernel_jvm'
    - PR2350: Update to latest CACAO
    - PR2354: stamps/cacao.stamp tries to touch a file in a
      directory which doesn't exist
    - PR2355: CACAO build fails to use JRE layout
    - PR2776: CACAO lacks JVM_GetResourceLookupCacheURLs introduced
      by jdk8u40
    - PR2832, CA195: typeinfo.cpp: typeinfo_merge_nonarrays:
      Assertion `dest && result && x.any && y.any' failed
    - PR2908: Add missing functions for CACAO OpenJDK JVM
      implementation
    - PR2909: Install CACAO in same way as JamVM
    - PR2910: Add rudimentary support for OpenJDK 8 class files to
      CACAO
    - PR2916: Update CACAO drop to use the latest from cacao-staging
- Removed patches:
  * PStack-808293.patch
  * aarch64-misc.patch
  * disable-doclint-by-default.patch
  * include-all-srcs.patch
  * link-with-as-needed.patch
  * memory-limits.patch
  * multiple-pkcs11-library-init.patch
  * ppc64le-8036767.patch
  * s390-java-opts.patch
  * s390-size_t.patch
  * system-lcms.patch
  * system-libjpeg.patch
  * system-libpng.patch
  * zero-dummy.patch
    - Fixed upstream
- Added patches:
  * icedtea-3.0.1-sunec.patch
    - Adapt the nss detection to SUSE packaging of mozilla-nss
  * java-1_8_0-openjdk-suse-desktop-files.patch
    - Adapt the desktop files for SUSE needs
- Modified patches:
  * 1015432.patch
  * adlc-parser.patch
  * compare-pointer-with-literal.patch
  * implicit-pointer-decl.patch
  * java-atk-wrapper-security.patch
  * ppc-zero-hotspot.patch
  * zero-javadoc-verbose.patch
    - Adapt to new directory structure

-------------------------------------------------------------------
Wed Mar 30 06:17:02 UTC 2016 - fstrba@suse.com

- Update to upstream tag jdk8u77-b03 (bsc#972468)
  *  CVE-2016-0636: Improve MethodHandle consistency

-------------------------------------------------------------------
Fri Feb 26 12:29:06 UTC 2016 - fstrba@suse.com

- Added patch:
  * ppc64le-8036767.patch
    + Change archinstall for ppc64le from ppc64 to ppc64le
      directory.

-------------------------------------------------------------------
Mon Jan 25 07:54:33 UTC 2016 - fstrba@suse.com

- Upgrade to upstream tag jdk8u72-b15
  * Oracle Critical Patch Update of January 2016 (bsc#962743)
  * Using aarch64 hotspot tag aarch64-jdk8u72-b15
- Security issues fixed:
  * CVE-2015-7575: Mozilla Network Security Services (NSS) before
    3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox
    ESR 38.x before 38.5.2, does not reject MD5 signatures in Server
    Key Exchange messages in TLS 1.2 Handshake Protocol traffic,
    which makes it easier for man-in-the-middle attackers to spoof
    servers by triggering a collision. 
  * CVE-2015-8126: Multiple buffer overflows in the (1) png_set_PLTE
    and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x
    and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x
    before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to
    cause a denial of service (application crash) or possibly have
    unspecified other impact via a small bit-depth value in an IHDR
    (aka image header) chunk in a PNG image.
  * CVE-2016-0402: Unspecified vulnerability in the Java SE and
    Java SE Embedded components in Oracle Java SE 6u105, 7u91, and
    8u66 and Java SE Embedded 8u65 allows remote attackers to affect
    integrity via unknown vectors related to Networking. 
  * CVE-2016-0448: Unspecified vulnerability in the Java SE and
    Java SE Embedded components in Oracle Java SE 6u105, 7u91, and
    8u66, and Java SE Embedded 8u65 allows remote authenticated
    users to affect confidentiality via vectors related to JMX.
  * CVE-2016-0466: Unspecified vulnerability in the Java SE, Java SE
    Embedded, and JRockit components in Oracle Java SE 6u105, 7u91,
    and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows
    remote attackers to affect availability via vectors related to
    JAXP. 
  * CVE-2016-0475: Unspecified vulnerability in the Java SE, Java SE
    Embedded, and JRockit components in Oracle Java SE 8u66; Java SE
    Embedded 8u65; and JRockit R28.3.8 allows remote attackers to
    affect confidentiality and integrity via unknown vectors related
    to Libraries. 
  * CVE-2016-0483: Unspecified vulnerability in the Java SE, Java SE
    Embedded, and JRockit components in Oracle Java SE 6u105, 7u91,
    and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows
    remote attackers to affect confidentiality, integrity, and
    availability via vectors related to AWT. 
  * CVE-2016-0494: Unspecified vulnerability in the Java SE and Java
    SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66
    and Java SE Embedded 8u65 allows remote attackers to affect
    confidentiality, integrity, and availability via unknown vectors
    related to 2D. 
- Modified patch:
  * s390-java-opts.patch
    + rediff to the changed context

-------------------------------------------------------------------
Thu Oct 22 12:19:38 UTC 2015 - fstrba@suse.com

- Upgrade to upstream tag jdk8u65-b17
  * Security fix release of October 21, 2015 (bsc#951376)
- Security issues fixed:
  * CVE-2015-4734: A remote user can exploit a flaw in the Embedded
    JGSS component to partially access data
  * CVE-2015-4803: A remote user can exploit a flaw in the JRockit
    JAXP component to cause partial denial of service conditions
  * CVE-2015-4805: A remote user can exploit a flaw in the Embedded
    Serialization component to gain elevated privileges
  * CVE-2015-4806: A remote user can exploit a flaw in the Java SE
    Embedded Libraries component to partially access and partially
    modify data
  * CVE-2015-4835: A remote user can exploit a flaw in the Embedded
    CORBA component to gain elevated privileges
  * CVE-2015-4842: A remote user can exploit a flaw in the Embedded
    JAXP component to partially access data
  * CVE-2015-4843: A remote user can exploit a flaw in the Java SE
    Embedded Libraries component to gain elevated privileges
  * CVE-2015-4844: A remote user can exploit a flaw in the Embedded
    2D component to gain elevated privileges
  * CVE-2015-4860: A remote user can exploit a flaw in the Embedded
    RMI component to gain elevated privileges
  * CVE-2015-4872: A remote user can exploit a flaw in the JRockit
    Security component to partially modify data [].
  * CVE-2015-4881: A remote user can exploit a flaw in the Embedded
    CORBA component to gain elevated privileges
  * CVE-2015-4882: A remote user can exploit a flaw in the Embedded
    CORBA component to cause partial denial of service conditions
  * CVE-2015-4883: A remote user can exploit a flaw in the Embedded
    RMI component to gain elevated privileges
  * CVE-2015-4893: A remote user can exploit a flaw in the JRockit
    JAXP component to cause partial denial of service conditions
  * CVE-2015-4902: A remote user can exploit a flaw in the Java SE
    Deployment component to partially modify data
  * CVE-2015-4903: A remote user can exploit a flaw in the Embedded
    RMI component to partially access data
  * CVE-2015-4911: A remote user can exploit a flaw in the JRockit
    JAXP component to cause partial denial of service conditions
  * CVE-2015-4810: A local user can exploit a flaw in the Java SE
    Deployment component to gain elevated privileges
  * CVE-2015-4840: A remote user can exploit a flaw in the Embedded
    2D component to partially access data
  * CVE-2015-4868: A remote user can exploit a flaw in the Java SE
    Embedded Libraries component to gain elevated privileges
  * CVE-2015-4901: A remote user can exploit a flaw in the JavaFX
    component to gain elevated privileges
  * CVE-2015-4906: A remote user can exploit a flaw in the JavaFX
    component to partially access data
  * CVE-2015-4908: A remote user can exploit a flaw in the JavaFX
    component to partially access data
  * CVE-2015-4916: A remote user can exploit a flaw in the JavaFX
    component to partially access data  
- Modified patch:
  * s390-size_t.patch
    - Account for an additional uintptr_t <-> size_t mismatch

-------------------------------------------------------------------
Wed Aug 19 08:12:09 UTC 2015 - fstrba@suse.com

- Upgrade to upstream tag jdk8u60-b27
  * Release of JDK 8u60
- Removed patches:
  * hotspot-support-kernel-4.patch
  * cplusplus-interpreter.patch
  * signed-overflow.patch
    - Integrated upstream
  * system-giflib5.patch
    - Fixed differently upstream
  * applet-hole.patch
    - Not needed any more with recent versions of icedtea-web
- Modified patches
  * aarch64-misc.patch
    - Rediff to correspond to the new context
    - Added bits from aarch64-port/jdk8/jdk

-------------------------------------------------------------------
Tue Aug 18 13:04:22 UTC 2015 - fstrba@suse.com

- Add constraints file

-------------------------------------------------------------------
Wed Jul 22 08:21:13 UTC 2015 - fstrba@suse.com

- Upgrade to upstream tag jdk8u51-b16
  * Security fix release of July 15, 2015 (bsc#938248, bsc#937828)
- Security issues fixed:
  * CVE-2015-2590: Vulnerability in the Java SE, Java SE Embedded
    component of Oracle Java SE (subcomponent: Libraries).
  * CVE-2015-2597: Vulnerability in the Java SE component of Oracle
    Java SE (subcomponent: Install).
  * CVE-2015-2601: Vulnerability in the Java SE, JRockit, Java SE
    Embedded component of Oracle Java SE (subcomponent: JCE).
  * CVE-2015-2613: Vulnerability in the Java SE, Java SE Embedded
    component of Oracle Java SE (subcomponent: JCE).
  * CVE-2015-2619: Vulnerability in the Java SE, JavaFX, Java SE
    Embedded component of Oracle Java SE (subcomponent: 2D).
  * CVE-2015-2621: Vulnerability in the Java SE, Java SE Embedded
    component of Oracle Java SE (subcomponent: JMX).
  * CVE-2015-2625: Vulnerability in the Java SE, JRockit, Java SE
    Embedded component of Oracle Java SE (subcomponent: JSSE).
  * CVE-2015-2627: Vulnerability in the Java SE component of Oracle
    Java SE (subcomponent: Install).
  * CVE-2015-2628: Vulnerability in the Java SE, Java SE Embedded
    component of Oracle Java SE (subcomponent: CORBA).
  * CVE-2015-2632; Vulnerability in the Java SE component of Oracle
    Java SE (subcomponent: 2D).
  * CVE-2015-2637: Vulnerability in the Java SE, JavaFX, Java SE
    Embedded component of Oracle Java SE (subcomponent: 2D).
  * CVE-2015-2638: Vulnerability in the Java SE, JavaFX, Java SE
    Embedded component of Oracle Java SE (subcomponent: 2D).
  * CVE-2015-2659: Vulnerability in the Java SE, Java SE Embedded
    component of Oracle Java SE (subcomponent: Security).
  * CVE-2015-2664: Vulnerability in the Java SE component of Oracle
    Java SE (subcomponent: Deployment).
  * CVE-2015-2808: Vulnerability in the Java SE, JRockit, Java SE
    Embedded component of Oracle Java SE (subcomponent: JSSE).
  * CVE-2015-4000: Vulnerability in the Java SE, JRockit, Java SE
    Embedded component of Oracle Java SE (subcomponent: JSSE).
  * CVE-2015-4729: Vulnerability in the Java SE component of Oracle
    Java SE (subcomponent: Deployment).
  * CVE-2015-4731: Vulnerability in the Java SE, Java SE Embedded
    component of Oracle Java SE (subcomponent: JMX).
  * CVE-2015-4732: Vulnerability in the Java SE, Java SE Embedded
    component of Oracle Java SE (subcomponent: Libraries).
  * CVE-2015-4733: Vulnerability in the Java SE, Java SE Embedded
    component of Oracle Java SE (subcomponent: RMI).
  * CVE-2015-4736: Vulnerability in the Java SE component of Oracle
    Java SE (subcomponent: Deployment).
  * CVE-2015-4748: Vulnerability in the Java SE, JRockit, Java SE
    Embedded component of Oracle Java SE (subcomponent: Security).
  * CVE-2015-4749: Vulnerability in the Java SE, JRockit, Java SE
    Embedded component of Oracle Java SE (subcomponent: JNDI).
  * CVE-2015-4760: Vulnerability in the Java SE component of Oracle
    Java SE (subcomponent: 2D).

-------------------------------------------------------------------
Thu Jun 18 13:38:54 UTC 2015 - tchvatal@suse.com

- Use priority matching to ibm-java, always 5 bigger than it

-------------------------------------------------------------------
Wed Jun 10 08:10:23 UTC 2015 - fstrba@suse.com

- Added patch:
  * zero-dummy.patch
    - Fix crash of ZERO VM built with gcc5

-------------------------------------------------------------------
Fri Jun  5 12:58:27 UTC 2015 - fstrba@suse.com

- Added patch:
  * signed-overflow.patch
    - fix OOM due to signed overflow shown by gcc5 build

-------------------------------------------------------------------
Tue May 26 08:36:52 UTC 2015 - fstrba@suse.com

- Use the tzdb.dat from tzdata-java8 package on distributions
  that have it.

-------------------------------------------------------------------
Tue May  5 15:15:09 UTC 2015 - fstrba@suse.com

- Added patch:
  * hotspot-support-kernel-4.patch
    * fix build on systems having kernel 4.0

-------------------------------------------------------------------
Thu Apr 16 15:47:54 UTC 2015 - fstrba@suse.com

- Update the aarch64 tarball to the recent tip
  * The revision has merged changes up to jdk8u45-b14
- Apply cplusplus-interpreter.patch to the default hotspot tarball
  only (aarch64 tarball has the patch integrated)

-------------------------------------------------------------------
Wed Apr 15 08:27:37 UTC 2015 - fstrba@suse.com

- Upgrade to upstream tag jdk8u45-b14
  * Security fix release of April 14, 2015

-------------------------------------------------------------------
Wed Apr  8 07:37:27 UTC 2015 - fstrba@suse.com

- Build the accelerated aarch64 hotspot anew

-------------------------------------------------------------------
Thu Mar  5 16:40:27 UTC 2015 - fstrba@suse.com

- Update the aarch64 tarball to a recent tip of the jdk8 repository

-------------------------------------------------------------------
Wed Mar  4 06:44:04 UTC 2015 - fstrba@suse.com

- jdk8u40-b25 became officially jdk8u40 release
  * Modify the package version

-------------------------------------------------------------------
Tue Feb 17 12:58:49 UTC 2015 - fstrba@suse.com

- Modified patch
  * system-libjpeg.patch
    - correct the case mismatch that prevented JPEG decoder from
      working correctly (bnc#905950)

-------------------------------------------------------------------
Mon Feb 16 08:01:42 UTC 2015 - fstrba@suse.com

- Upgrade to upstream tag jdk8u40-b25

-------------------------------------------------------------------
Thu Feb  5 09:55:30 UTC 2015 - fstrba@suse.com

- Upgrade to upstream tag jdk8u40-b24
- Upgrade the aarch64 hotspot to new tip
  * sync-ed with jdk8u40-b23
- Removed patch
  * aarch64-b12tob22.patch
    - Not needed since the aarch64 tarball is on a recent enough
      tag
- Modified patch
  * s390-size_t.patch
    - Adapt to hotspot changes

-------------------------------------------------------------------
Tue Jan 27 07:52:58 UTC 2015 - fstrba@suse.com

- Removed patch
  * aarch64-b12tob21.patch
    -  replaced by one that forward-ports to b22
- Added patch
  * aarch64-b12tob22.patch
    - forward-port the aarch64 hotspot to b22. 

-------------------------------------------------------------------
Sun Jan 25 18:06:11 UTC 2015 - fstrba@suse.com

- Modify patch: system-giflib5.patch
  * Fix build with giflib 5.1.x

-------------------------------------------------------------------
Thu Jan 22 09:42:50 UTC 2015 - fstrba@suse.com

- Upgrade to upstream tag jdk8u40-b22
  * Security update from 2015-01-20

-------------------------------------------------------------------
Wed Jan 21 08:22:26 UTC 2015 - fstrba@suse.com

- Upgrade to upstream tag jdk8u40-b21
- Removed patch:
  * aarch64-b12tob20.patch
    - replaced by new version
- Added patch:
  * aarch64-b12tob21.patch
    - port the relevant changes between builds b12 and b21 to the
      aarch64 tarball that is on the upstream tag of jdk8u40-b12

-------------------------------------------------------------------
Mon Jan 12 07:58:48 UTC 2015 - fstrba@suse.com

- Upgrade to upstream tag jdk8u40-b20
  * Switch to the jdk8u40 stabilisation branch that will result in
    the jdk8u40 release
- Removed patch:
  * hotspot-build-j-directive.patch
    - integrated in the jdk8u40-b20 version of hotspot
- Added patches:
  * aarch64-b12tob20.patch
    - port the relevant changes between builds b12 and b20 to the
      aarch64 tarball that is on the upstream tag of jdk8u40-b12
  * cplusplus-interpreter.patch
    - fix a build of C++ interpreter that is used with Zero virtual
      machine.

-------------------------------------------------------------------
Sun Jan  4 22:00:21 UTC 2015 - schwab@suse.de

- zero-javadoc-verbose.patch: Avoid triggering inactivity timeout while
  generating javadoc in zero VM

-------------------------------------------------------------------
Mon Dec  8 13:32:25 UTC 2014 - fstrba@suse.com

- Require version of tzdata-java compatible with this version
  of Java.

-------------------------------------------------------------------
Sun Nov 23 13:46:44 UTC 2014 - schwab@linux-m68k.org

- Define bits to %__isa_bits if defined

-------------------------------------------------------------------
Tue Nov 11 17:18:21 UTC 2014 - fstrba@suse.com

- Modified patches:
  * s390-size_t.patch
    - rediff and drop unnecessary chunks
  * s390-java-opts.patch
    - modify to correspond to the changed context

-------------------------------------------------------------------
Mon Nov 10 14:55:35 UTC 2014 - fstrba@suse.com

- Put manpage alternative for policy-tool to the right package

-------------------------------------------------------------------
Tue Nov  4 19:25:03 UTC 2014 - fstrba@suse.com

- Upgrade to upstream tag jdk8u40-b12
  * Unstable snapshot in view of jdk8u40 release
  * aarch64 hotspot merged to the level of jdk8u40-b12
- Remove unneeded aarch64-jdk8u40-b09_b10.patch:
  * the aarch64 hotspot merge contains all the changes

-------------------------------------------------------------------
Wed Oct 29 08:38:44 UTC 2014 - fstrba@suse.com

- Update config.sub and config.guess to the recent master of
  http://git.savannah.gnu.org/cgit/config.git

-------------------------------------------------------------------
Fri Oct 17 07:18:59 UTC 2014 - fstrba@suse.com

- Upgrade to upstream tag jdk8u40-b10
  * Unstable snapshot in view of jdk8u40 release
  * Contains security fixes from 14 october 2014
- Add aarch64-jdk8u40-b09_b10.patch
  * Manually upgrade the aarch64 hotspot tarball with the changes
    between b09 and b10

-------------------------------------------------------------------
Thu Oct 16 20:07:56 UTC 2014 - fstrba@suse.com

- Allow building for SLE11
  * Conditionalize BuildRequires
  * Conditionalize cxxflags not understood by gcc 4.3
  * Conditionalize javadoc noarch build for distributions that
    understand the per-package BuildArch
- Try to make the jre-32 and jre-64 provides more automatic
- Disable brp-check-bytecode-version during install
  * java8 will have bytecode version 8 in its jars

-------------------------------------------------------------------
Tue Oct  7 06:25:32 UTC 2014 - fstrba@suse.com

- Force Zero VM for aarch64, since from the beginning we did not
  manage to finish a build of Hotspot for this architecture.

-------------------------------------------------------------------
Thu Oct  2 14:57:03 UTC 2014 - fstrba@suse.com

- Upgrade to upstream tag jdk8u40-b08
  * Unstable snapshot in view of jdk8u40 release

-------------------------------------------------------------------
Mon Sep 29 06:36:58 UTC 2014 - fstrba@suse.com

- Build template jvm interpreter on ppc64le
  * It was ported for this architecture in jdk8u49-b06
- Build depend on the generic java-bootstrap-devel
  * Allows to build against java-1_7_0-openjdk-bootstrap
- Reformat the spec file with spec-cleaner

-------------------------------------------------------------------
Fri Sep 26 07:35:47 UTC 2014 - fstrba@suse.com

- Upgrade to upstream tag jdk8u40-b07
  * Unstable snapshot in view of jdk8u40 release
- Removed patch: aarch64-jni-update.patch
  * Upstreamed changes
- Modified patch: aarch64-misc.patch
  * Do not patch generated-configure.sh that is anyway regenerated.
- Modified patch: system-libjpeg.patch
  * Do not patch generated-configure.sh that is anyway regenerated.
  * Rediff to apply cleanly
- Modified patches: link-with-as-needed.patch,
  system-giflib5.patch, system-lcms.patch, system-libpng.patch
  * Rediff to apply cleanly

-------------------------------------------------------------------
Tue Sep 23 08:16:11 UTC 2014 - fstrba@suse.com

- Add provides jre-32 on %{ix86} and ppc
  * This satisfies libreoffice's requires

-------------------------------------------------------------------
Mon Sep  8 07:46:47 UTC 2014 - fstrba@suse.com

- Add provides jre-64 on x86_64. bnc#895191

-------------------------------------------------------------------
Wed Aug 20 14:31:18 UTC 2014 - fstrba@suse.com

- Upgrade to upstream tag jdk8u20-b26
  * Tag corresponding to jdk8u20 public release
- Do not include the build number in version information, since
  this is the official 1.8.0.20 release

-------------------------------------------------------------------
Wed Jul 23 08:00:09 UTC 2014 - fstrba@suse.com

- Use icedtea-sound-1.0.1 release tarball

-------------------------------------------------------------------
Fri Jul 18 07:21:20 UTC 2014 - fstrba@suse.com

- Upgrade to upstream tag jdk8u20-b23
  * Security updates from 15 July 2014
- Removed patch: voidreturn.patch
  * Integrated upstream
- Re-diffed patch: java-atk-wrapper-security.patch
  * Re-diff to correspond to the new changes
- Modify accessibility post script to actually create the
  corresponding symlinks

-------------------------------------------------------------------
Tue Jul 15 08:03:53 UTC 2014 - fstrba@suse.com

- Initial package built from upstream OpenJDK
  * Version 1.8.0.20~b22
  * Sources from http://hg.openjdk.java.net/jdk8u/jdk8u20/
    tag jdk8u20-b22
- Initial bug-/build-fix patches
  * 1015432.patch
  * aarch64-jni-update.patch
  * aarch64-misc.patch
  * adlc-parser.patch
  * applet-hole.patch
  * compare-pointer-with-literal.patch
  * disable-doclint-by-default.patch
  * hotspot-build-j-directive.patch
  * implicit-pointer-decl.patch
  * include-all-srcs.patch
  * java-atk-wrapper-security.patch
  * link-with-as-needed.patch
  * memory-limits.patch
  * multiple-pkcs11-library-init.patch
  * ppc-zero-hotspot.patch
  * PStack-808293.patch
  * s390-java-opts.patch
  * s390-size_t.patch
  * system-giflib5.patch
  * system-lcms.patch
  * system-libjpeg.patch
  * system-libpng.patch
  * voidreturn.patch
- Added aarch64 hotspot from the tip of
  http://hg.openjdk.java.net/aarch64-port/jdk8/hotspot
- Added pulseaudio provider from the tip of
  http://icedtea.classpath.org/hg/icedtea-sound/