OBS-URL: https://build.opensuse.org/package/show/Java:Factory/java-1_8_0-openjdk?expand=0&rev=114

2015-07-22 08:38:46 +00:00 · 2015-07-22 08:38:46 +00:00 · 2098fba855
commit 2098fba855
parent 6b7d8bfebc
2 changed files with 56 additions and 1 deletions
--- a/java-1_8_0-openjdk.changes
+++ b/java-1_8_0-openjdk.changes
@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Wed Jul 22 08:21:13 UTC 2015 - fstrba@suse.com
+
+- Upgrade to upstream tag jdk8u51-b16
+  * Security fix release of July 15, 2015 (bsc#938248, bsc#937828)
+- Security issues fixed:
+  * CVE-2015-2590: Vulnerability in the Java SE, Java SE Embedded
+    component of Oracle Java SE (subcomponent: Libraries).
+  * CVE-2015-2597: Vulnerability in the Java SE component of Oracle
+    Java SE (subcomponent: Install).
+  * CVE-2015-2601: Vulnerability in the Java SE, JRockit, Java SE
+    Embedded component of Oracle Java SE (subcomponent: JCE).
+  * CVE-2015-2613: Vulnerability in the Java SE, Java SE Embedded
+    component of Oracle Java SE (subcomponent: JCE).
+  * CVE-2015-2619: Vulnerability in the Java SE, JavaFX, Java SE
+    Embedded component of Oracle Java SE (subcomponent: 2D).
+  * CVE-2015-2621: Vulnerability in the Java SE, Java SE Embedded
+    component of Oracle Java SE (subcomponent: JMX).
+  * CVE-2015-2625: Vulnerability in the Java SE, JRockit, Java SE
+    Embedded component of Oracle Java SE (subcomponent: JSSE).
+  * CVE-2015-2627: Vulnerability in the Java SE component of Oracle
+    Java SE (subcomponent: Install).
+  * CVE-2015-2628: Vulnerability in the Java SE, Java SE Embedded
+    component of Oracle Java SE (subcomponent: CORBA).
+  * CVE-2015-2632; Vulnerability in the Java SE component of Oracle
+    Java SE (subcomponent: 2D).
+  * CVE-2015-2637: Vulnerability in the Java SE, JavaFX, Java SE
+    Embedded component of Oracle Java SE (subcomponent: 2D).
+  * CVE-2015-2638: Vulnerability in the Java SE, JavaFX, Java SE
+    Embedded component of Oracle Java SE (subcomponent: 2D).
+  * CVE-2015-2659: Vulnerability in the Java SE, Java SE Embedded
+    component of Oracle Java SE (subcomponent: Security).
+  * CVE-2015-2664: Vulnerability in the Java SE component of Oracle
+    Java SE (subcomponent: Deployment).
+  * CVE-2015-2808: Vulnerability in the Java SE, JRockit, Java SE
+    Embedded component of Oracle Java SE (subcomponent: JSSE).
+  * CVE-2015-4000: Vulnerability in the Java SE, JRockit, Java SE
+    Embedded component of Oracle Java SE (subcomponent: JSSE).
+  * CVE-2015-4729: Vulnerability in the Java SE component of Oracle
+    Java SE (subcomponent: Deployment).
+  * CVE-2015-4731: Vulnerability in the Java SE, Java SE Embedded
+    component of Oracle Java SE (subcomponent: JMX).
+  * CVE-2015-4732: Vulnerability in the Java SE, Java SE Embedded
+    component of Oracle Java SE (subcomponent: Libraries).
+  * CVE-2015-4733: Vulnerability in the Java SE, Java SE Embedded
+    component of Oracle Java SE (subcomponent: RMI).
+  * CVE-2015-4736: Vulnerability in the Java SE component of Oracle
+    Java SE (subcomponent: Deployment).
+  * CVE-2015-4748: Vulnerability in the Java SE, JRockit, Java SE
+    Embedded component of Oracle Java SE (subcomponent: Security).
+  * CVE-2015-4749: Vulnerability in the Java SE, JRockit, Java SE
+    Embedded component of Oracle Java SE (subcomponent: JNDI).
+  * CVE-2015-4760: Vulnerability in the Java SE component of Oracle
+    Java SE (subcomponent: 2D).
+
 -------------------------------------------------------------------
 Thu Jun 18 13:38:54 UTC 2015 - tchvatal@suse.com

--- a/java-1_8_0-openjdk.spec
+++ b/java-1_8_0-openjdk.spec
@ -183,7 +183,7 @@ Source7:        http://hg.openjdk.java.net/%{root_project}/%{root_repository}/na
 # Hotspot version from aarch64-port repository (using the _tip_ of the http://hg.openjdk.java.net/%{aarch64_project}/%{aarch64_repository}/hotspot)
 Source8:        http://hg.openjdk.java.net/%{aarch64_project}/%{aarch64_repository}/hotspot/archive/%{aarch64_hotspot_revision}.tar.bz2
 # Pulseaudio plugin
-Source9:        http://icedtea.wildebeest.org/download/source/icedtea-sound-%{icedtea_sound_version}.tar.xz
+Source9:        http://icedtea.classpath.org/download/source/icedtea-sound-%{icedtea_sound_version}.tar.xz
 # Systemtap tapsets. Zipped up to keep it small.
 Source10:       systemtap-tapset.tar.gz
 # Desktop files. Adapated from IcedTea.